Patchwise result in Sonarqube analysis

Must-share information

  • Which versions are you using - SonarQube - 9.9.3
  • How is SonarQube deployed - zip
  • What are you trying to achieve - Get the analysis results for a particular patch
  • Background/Scenario: We have a SonarQube instance running, which is integrated with Jenkins. So, every time a patch is pushed an analysis is triggered by the Jenkins in SonarQube and the Quality gate status is checked, and Job is marked passed or failed on the bases of quality gate status. Now, in a project there are multiple patches which are pushed at a short interval and multiple jobs and analysis are triggered by the Jenkins, but when we go to the link which is mentioned after the analysis for the result of that analysis, it takes us to the project in SonarQube instance and shows the latest or overall result.

Query: Is there any way I can find out, what were the bugs, vulnerability and issues when the particular analysis was run? if it can show the results for a particular patch?

@Colin Any idea?

Hey there.

I have the impression that what you’re looking for is Pull Request Analysis, available in the Developer Edition of SonarQube and above. Which edition are you using?

As noted in the FAQ:

I created a topic, when can I expect a response?

This is an open community with people volunteering their free time to provide assistance. We’re eager to contribute to the community, but you are not guaranteed a fast response.

Be patient

  • Wait a few days before bumping a topic that hasn’t received a response.
  • Do not @name mention individuals not involved in the topic.

You may think it bumps it up to the top of someone’s list, but it just annoys us, and typically has the opposite effect.

@Colin we are using developer edition of SonarQube, is there any way to achieve this without setting up the pull requests also, just doing the analysis only for the files changed and have a log of analysis and when we click on that particular entry in the log and get the analysis result only for those changes?

Not really. Why don’t you want to configure PR analysis?

@Colin Because what I understand is that pull request decoration will work only if your code is hosted, such as GitHub, but for us it is not hosted on GitHub or any other platform, it lies on a local server, do you have any idea how to do that if code is on a local server?

Pull Request Decoration can happen during Pull Request Analysis, but it is not required. You can still acehive the analysis of a PR without the decoration (and just see the changes related to the code in your PR.

Where is Jenkins pulling your code from when it runs the build? A locally hosted git server? Are you using a Pull Request process (storing your changes in a separate branch pushed to the Git server)?

@Colin Jenkins is pulling the code from locally hosted git server, yes, we use pull request process, also sometimes developers are making changes on the original branches without creating their own branch, both ways they are doing.