Currently running Sonarqube 7.9.3, I just set up PR analysis on my Github repos.
It works well, only PR modified lines are reported in the checks tab of Github and in the Sonarqube quality gate.
But when checking the CI build log, I can see that Sonarqube analysis much more files than the file modified in the PR. I found some 2018 thread mentioning that and needed confirmation to make sure I understand everything well:
Pull request feature performs an analysis on the whole project, not but only report on modified files ? This is the normal behviour ?
There is currently no way to only analyse files modified in the PR (even if that means slightly less accurate analysis) ?
For the record, the complete process take 15minutes Maven build + 15 minutes SonnarScanner + few seconds of Sonarqube analysis to process data.
It’s not that bad, but I’d like to reduce the load on our CI as much as possible.
I found a workaround by providing the list of modified files retrieved from Git, and using the sonar.inclusions parameter of the analysis. It seems to work so far, but I need more test to make sure.
Does the Sonarqube team have any advice on this “workaround” ? Good ? bad ? ok until better solution ?
