We want a PR to only scan changed files in a PR in our CI, Jenkins based. I implemented this to some degree following this, Pull Request analysis; it notices changed files, like a .cpp source file change in my feature branch, and will scan it. My problem is that even when we don't change any source files, it still scans all the files it finds in the compile_commands.json. We use C++ code and, as I understand, we need to read that compile_commands.json for SonarQube to do a proper analysis.
This is the code that I used to initiate the PR analysis, which I see is working up until it reads the compile_commands.json.
-Dsonar.pullrequest.key=${env.CHANGE_ID}
-Dsonar.pullrequest.branch=${env.CHANGE_BRANCH}
-Dsonar.pullrequest.base=${env.CHANGE_TARGET}
The debug output I get is something like this for every file it finds in the compile_commands.json.
DEBUG Cache miss for …/AlphaMaskCreator.cpp: cache is empty
One thing we are working on is adding Versioning, but I don't think that is enough.
Also I have read about trying to use a persistent .scannerwork file, but I'm not sure exactly what to do here; maybe store the .scannerwork from the main branch in Artifactory and pull it on all PRs?
Thank you very much for any help!
Also, I'll add the sonar-project.properties:
sonar.projectName=@REPONAME@
sonar.projectKey=com.blah.blah:@REPONAME@
sonar.sourceEncoding=UTF-8
sonar.language=c++
sonar.cfamily.gcov.reportsPath=./build
sonar.cfamily.compile-commands=build/compile_commands.json
sonar.sources=.
sonar.tests=.
sonar.analysis.cache.enabled=true
sonar.test.inclusions=**/tests/*.cpp
sonar.coverageReportPaths=out/coverage/sonar-coverage.xml
sonar.exclusions=**/tests/**,**/data/**,build/**,out/**,logs/**,doxygen/**,apps/**/*_example/**,apps/VPM/**,utilities/algo/OnlineAlignmentBenchmarkTool*/**,**/PlaybackUsingCli/**,**/resources/**,**/Dockerfile,**/*.py,**/*.java,**/*.yuv,**/*.txt,**/*.vsdx
sonar.cfamily.excludedIncludes=/tmp/conan*/**,.conan/**,**/.conan/**,**/conan/data/**,**/opencv2/**,**/opencv4/**,**/boost/**