Pull request analysis from sonar-scanner not detecting changes

I’m using sonarcloud + github on a private repo, mainly a python project. analysis worked well enough, but I wanted to get coverage too so I’ve switched to the sonar-scanner-cli … (after trying the action and having a number of issues).
But I can’t get pull request analysis to correctly detect changes:

sonar-project.properties looks like this


running sonar with sonar-scanner -X -Dsonar.projectBaseDir=${GITHUB_WORKSPACE}

here’s some key info from the debug logs for a recent build

switching to ‘pull/554/merge’.

git branch:

*(HEAD detached at pull/554/merge)

git log --oneline -n 3

deb8b944 Merge 87a990b0d11f26a40384330487af1605dddfe4a5 into 94ba4dfd5c1cfbade5ef7a16837dde89c4afd5df
87a990b0 mesh-663: sound-proofing
94ba4dfd Merge pull request #543

so 94ba4dfd5c1cfbade5ef7a16837dde89c4afd5df is the base/target branch SHA
there are 62 modified files in the change …
but …

in the scanner logs I see:

21:10:27.503 INFO: Load branch configuration
21:10:27.504 INFO: Github event: pull_request
21:10:27.522 INFO: Auto-configuring pull request 554

and then

21:10:51.885 DEBUG: Merge base sha1: 87a990b0d11f26a40384330487af1605dddfe4a5
21:10:51.888 DEBUG: SCM reported changed lines for 0 files in the branch
21:10:51.888 INFO: SCM writing changed lines (done) | time=21ms
21:10:53.830 INFO: Analysis report generated in 2115ms, dir size=219 KB
21:10:53.980 INFO: Analysis report compressed in 149ms, zip size=92 KB

I’ve also tried running the scanner with specific params:

 sonar-scanner -X -Dsonar.projectBaseDir=${GITHUB_WORKSPACE} -Dsonar.pullrequest.branch=${GITHUB_HEAD_REF} -Dsonar.pullrequest.base=${GITHUB_BASE_REF} -Dsonar.pullrequest.key=${{ github.event.number }}

but still I see ‘no changes’ coverage / or affected files in the PR analysis

additionally, given the prerequisites in Pull Request Analysis | SonarQube Docs
Before analyzing your Pull Requests, make sure that:

  • The Pull Request source branch is checked out in the local repository.
  • The branch being targeted by the Pull Request is fetched and present in the local repository.

I’ve also tried an explicit checkout to the two branches … e.g.

git checkout "${GITHUB_BASE_REF}"
git checkout "${GITHUB_HEAD_REF}"
sonar-scanner -X
1 Like

Hey there.

If the analysis is taking place in the context of a GitHub Actions pipeline, can you include your GitHub Actions YML file?

1 Like

Hi Colin …
got to the bottom of it … turned out were we also locally merging into the target branch, to ensure a clean --ff-only merge, :man_facepalming: so ofc there were no new lines detected, and not resetting before running the scan!

On a similar vein though, when comparing for a pull request, is it possible to just specify the explicit sha1 of the base or head ?

e.g. `-Dsonar.pullrequest.base=“{{ github.event.pull_request.base.sha }}” or does sonar require an actual local branch ?

1 Like

Glad you were able to sort it out. Sonar requires an actual local branch.

1 Like

Sonar requires an actual local branch.

this seems to work fine -Dsonar.pullrequest.base="{{ github.event.pull_request.base.sha }}"

1 Like

need a team of player to havee this finish