Must-share information (formatted with Markdown):
which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Sonarqube - Enterprise Edition - Version 9.4 (build 54424)
what are you trying to achieve
I want my PR Analysis to fail when new code smells or bugs appear.
what have you tried so far to achieve this
I have been attempting to run PR analysis in my front-end application project. Unfortunately, it doesn’t work when I introduce new code smells into my application to test this behaviour.
When I run the project in my PR pipeline stage in GoCD, it sets the following variables in my sonar-project.properties file:
sonar.pullrequest.key=<id> sonar.pullrequest.branch=<branch> sonar.pullrequest.base=main
When I run the project manually and I git checkout the , it fails, as follows:
git checkout <branch>
docker run \ --rm \ -e SONAR_HOST_URL=<URL> \ -e SONAR_LOGIN=<SONAR_TOKEN> \ -v "$(pwd):/usr/src" \ sonarsource/sonar-scanner-cli
If I don’t manually check out the , it seems to be constantly running against the main branch instead, always being successful at the end, which is not the behaviour I am expecting.
Is the sonar-scanner-cli, either in docker, maven or any other version, supposed to check out the PR branch to be analysed or do we have to do it manually?