We are using gradle’s SonarQube plugin with GitHub workflow to run analysis in SonarCloud. Everything works fine from the local command line, but when I push modifications to an open PR, workflow runs without errors and everything seems to be alright. But when I log in to the SonarCloud the organization project’s main view doesn’t update the last analyzed date/time (it show the last local execution=October 29, 2020, 3:44 PM).
But when I go to the branch view (project / administration / Branches & Pull Requests) I can see that the analsis has been done today (November 2, 2020, 11:40 AM), but I am also having a warning saying:
“Could not find ref ‘master’ in refs/heads, refs/remotes/upstream or refs/remotes/origin. You may see unexpected issues and changes. Please make sure to fetch this ref before pull request analysis.”
I have seen topics similar to this, but nothing which would work in my case. Because the date/time does not change in the organization’s main project view I suspect that there is something wrong with the way GitHub workflow scan communicates with SonarCloud.
The main project view shows the state of the default branch (you can see which one is selected right next to the project name). This view only shows the last analysis date of the default branch. It is likely that when you run the scanner locally you are not providing any parameters (like sonar.branch.name or sonar.pullrequest.key), when none of these parameters are available the scanner will treat the analysis as a default branch analysis.
When you analyse a PR with GitHub Actions the scanner automatically detects that it is a PR. It will then not submit the analysis as a default branch analysis but a PR analysis to SonarCloud. You should be able to see this pull request by clicking on the branch dropdown right next to the project name. This view should show you the latest analysis of that specific PR.
This is likely caused by the shallow clone the GitHub checkout action automatically does. To properly assign issues and code smells to the correct people there is more git history needed. If you are using this action could you try to set the fetch-depth to 0?