Hi Sonar Community!
I’m using sonarqube Community Edition - Version 9.9 (build 65466) deployed in a docker container. My project has the “Previous Version” for the “New Code” configuration.
In my project i have a Gitlab-CI pipeline that do the following:
if the target branch is my project main branch, a sonar-scanner command will be triggered using an incremental project version. For instance: RC_2.3.0.1 (suppose the Release Candidate is 2.3.0, so the fourth digit will be used to increase versions for scanning pruposes).
if it’s about a Merge Request, a sonar-scanner command will be triggered without specifying the projectVersion.
The idea here is that the MR (code that is intended to be added to the main branch) will be scanned. If there are issues (bugs, code smells, etc) the MR will be rejected in order to have them fixed. At this point, the scan should be “compared” from the latest project version (settled in the last main branch scan)
If the MR is approved, the code will be merged to the main branch and the sonar-scanner will be triggered with an incremented version.
What i do not undersand is the following (please help me!!)
I have the following sequence:
A “sonar-scanner” runs in the main branch with version RC_2.3.0.1
A “sonar-scanner” runs again in the main branch with version RC_2.3.0.2
In the sonarqube web (top right corner) i see: February 18, 2025 at 2:10 PM Version RC_2.3.0.2, that’s ok…
There is a MR, so “sonar-scanner” runs without a projectVersion argument. BUT, the code is compared with version RC_2.3.0.1
In the activity view, the “New Code Period starts here” label is over the RC_2.3.0.1 version, but i have already a RC_2.3.0.2 version!
How can i force the “New Code Period” from RC_2.3.0.2 so further MRs are compared against that version?
Ehm… Actually, no. PRs/MRs are “compared” versus the fork point of the underlying branch.
So you’re changing the sonar.projectVersion value with each analysis? If you’re using ‘previous version’ as your New Code definition, that means resetting what’s “new” with each analysis.
Yes. This exactly. What’s “new” is everything after that analysis.
As shown in the screenshot, i understand that the current version is RC_2.3.5.6 and the Overview is displaying the last scan result that was run for a code that was integrated to the main branch (that scan was triggered with sonar.projectVersionn=RC_2.3.5.6). And i understand that “Since RC_2.3.5.5” means that the new code is actually that code being merged to the main branch.
Maybe i’m confused, but if the new code was merged to the main branch i suppose that it’s a project version with a “green light” because that code was previously scanned in a MR.
Let me show you what happens when i run a sonar-sanner (without projectVersion argument) for a MR:
The code was analized and 1 code smell was detected. So that MR is not going to be merged to the main branch because it MUST be fixed.
But… why is that MR “compared” Since RC_2.3.5.5?
Suppose that the MR has no bugs or code smells and we decide to merge it to the main branch. If that happens a sonar-scanner with projectVersion=RC_2.3.5.7 will be triggered.
Certainly, we are using the projectVersion as a checkpoint for further scans.
Is there a way via API to set the “New code period” from RC_2.3.5.7 immediately after the sonar-scanner with projectVersion finish?
