I have an issue with our company instance of SonarQube. Recently we migrated from version 7 (Not sure about exact version) to version Data Center Edition Version 8.9.1 (build 44547).
In about same time, I noticed lot of Code Smells and bugs are missing. After some investigation, I found out that this is related to pool of computers (Bamboo agents), where this analysis is happening. When I run this analysis on my personal PC, everything is ok, and there are no missing Smells/Bugs. I went deep into .sonarqube\out.sonar\scanner-report\ folder and found issues-X.pb is somehow truncated:
Summary: PC environment, where SonarQube analysis is executed is causing different results in amount of CodeSmells/Bugs.
Do you have any idea what can cause this?
Thanks,
Michal Cermak
Happy New Year 2022 and welcome to the SonarSource community. . Hope you’ll enjoy it.
If all issues are found on your PC, not on some bamboo agents, it’s clearly a problem of build environment. I cannot point at the problem, just give you a few axis of investigation. You should verify that:
You use the same compiler on you PC and the bamboo agents
Thank you for the reply and advices, unfortunately, none of them help.
You use the same compiler on you PC and the bamboo agents Checked. Because I do not have a direct access to Bamboo agent, I stored whole compiler as Bamboo artifact and used this for a compilation on my machine. Still analysis on my PC works as expected even with this compiler.
You use the same version of build wrapper (apparently this is a C++ project scan). Yes, this is C++ scan. And yes, I am using same wrapper and sonar-scanner-msbuild on both machines. I am sharing those via Artifactory (Therefore not using script you referred).
You have enough disk space on your bamboo agent build workspace to produce the necessary files Yes, I have enough space. In addition, this is unlikely a factor, because pb file is always truncated in same location, there is no variability in this.
You don’t have any antivirus on the bamboo agent that may interfere with the generation of the necessary files Unfortunately, I do not have a direct (mstsc) access to those machines, so I cannot check this. But I am assuming this is not a case because pb file is partially generated. If there is a antivirus issue, I would assume I will not see any pb file generated. But I will follow this with our IT support.
You analyze the code with the same analysis process and configuration settings I checked logs multiple times, and I do not see any obvious difference. Yes, there are some differences in environmental variables between those to machines, but this should not be a factor. Also, there are other sonar related files in Bamboo machine, but those should not be invoked (Wrapper and analyzer is called with absolute path)
If you can help me with log analysis, here is a new archive, which is including all you need: Logs.zip (319.7 KB)
By the way, following figure shows this issue in Sonar Activity page. As you can see, this is aligned with with issues-5.pb file. In one case there are 14 Code smells (Bamboo), in second there are 28 Code smells (My PC)
I’ve looked at your logs, and did not see anything obvious. Could it be possible to generate reproducer files on both environments, and share them with us?
To do so, you should run the analysis with the property sonar.cfamily.reproducer set to the full path of the analyzed file, exactly as it appears in the log (so, in your case, C:/build-dir/NGAIMS-SII3-DSAB/oms-dev/Src/_Build/Projects/../../Shared/SonarSmellTest.cpp or c:/build-dir/NGAIMS-SII3-DSAB/oms-dev/Src/_Build/Projects/../../Shared/SonarSmellTest.cpp).
If you prefer sharing those files privately, let me know, I’ll send you a private message.
Thank you for those files. They confirm that you are affected by a bug related to symlinks and network drives. You can read more details in the bug ticket (I added a link to this post in the ticket too).
We currently don’t have any workaround (except asking you to avoid symlinks on windows), but we are working on correcting it.
. Hope you’ll enjoy it.