Question, on what task is the performance targeted? Is it the analys task or the complete workflow?
Here is a printscreen of a current workflow wich was ran today 24/9 and yes the analys task went real fast, but build didnt.
Compare that to a build with the same parameters not having sonarcloud analysis configured It;
Could it be because itâs configured to build /*.csproj instead of a solution? And the build therefore rebuilds the dependancies multiple times making sonarcloud think they are âuniqueâ?
The part that was optimized that Iâm talking in this announcement is the taint analyzer focusing on detecting injection vulnerabilities. This taint analyzer runs in the âRun Code Analysisâ for you.
The other DotNet rules not relying on the taint analyzer run as part of âdotnet buildâ step and the improvement we did changed nothing on the âdotnet buildâ step. So it should still run as fast (or slow depending on how you feel things) as before.
On Sonarcloud you now have the ability to run the analysis in concurrent execution mode. This can significantly reduce your analysis time. Just set the following environment variable in the begin step:
SONAR_DOTNET_ENABLE_CONCURRENT_EXECUTION: true
We would love to hear if you have tried this, if you have please could you post a comment on this post and tell us how you got on?
