Most external issues not importing

System Information:

  • Using SonarQube Developer Edition v9.9.5 (build 90363) / SonarScanner 5.0.1.3006
  • Both SonarQube and the scanner are deployed via docker

Summary:
I am trying to import eslint errors into a sonar scan analysis to prevent commits with lint errors from being merged. I have created an eslint formatter and configured the scanner to include the issues reported by eslint (largely following this tutorial). The generated eslint report: sonarqube_lint_report.json includes 12 issues, however only one is presented in the report in the SonarQube UI:


In the scanner debug logs (3.4 MB) I can see that the scanner finds and imports the 12 issues:

03:50:03.361 INFO: Sensor Import external issues report
03:50:03.361 DEBUG: Importing issues from 'sonarqube_lint_report.json'
03:50:03.375 INFO: Imported 12 issues in 11 files
03:50:03.375 INFO: Sensor Import external issues report (done) | time=14ms

I have noticed that if I introduce other errors into files in the eslint/formatters/ directory, they are presented in the SonarQube UI. However, none of the errors in other directories seem to show up. I am quite at a loss, any guidance is greatly appreciated.

Hey there.

It looks like you’re analyzing a pull request in SonarQube. Pull requests will only show issues on changed lines of files. Are these 11 other issues, perhaps on files/lines, not changed in this PR?

Colin,

Appreciate the quick response! I can confirm several of the issues identified in the eslint json report are on changed files, in fact several of the files are entirely new:

How does the analyzer determine if the file/line is changed… is it as compared to the target branch? Does anywhere in the log identify what it sees as changed?

Thanks again!

I think based on your comment that it may have to do with how I am mounting in the source code into the sonar-scanner container. We have a large monorepo, this vue project being only one of the several applications in the repo. I am mounting the vue directory directly into the sonar-scanner container and so the .git directory (which is one level up) is not mounted in. Does that sound like it would cause an issue with change detection?