Pull-request Analysis | Jenkins | analysis_cache

SonarQube Server / Community Build
, , ,
1

Hi,
Need your help to understand the pull request analysis concept. Recently migrated to * Enterprise Edition * Version 8.9.9 (build 56886). and We thought, we had implemented the pull analysis successfully for the feature branches but we were wrong. Except the master branch analysis, we are not getting correct analysis results for other feature branches.
In Jenkins log we are getting successful analysis status but there is an error starting SonarScanner_MSBuild_4.6.0.1930\SonarScanner.MSBuild.exe begin… process…
ERROR:
00:37:03 14:07:02.763 Downloading from https://sonarqube.xxxxx.net/api/analysis_cache/get?project=XYZ&branch=master failed. Http status code is NotFound. 00:37:03 14:07:02.775 Cache data is not available. Incremental PR analysis is disabled. 00:37:03 14:07:02.805 Pre-processing succeeded.

HERE IS MY ANALYSIS COMMAND :
SonarScanner_MSBuild_4.6.0.1930\SonarScanner.MSBuild.exe begin /k:***** /d:sonar.login=************** /d:sonar.host.url=https://*****.net /d:sonar.verbose=true /d:sonar.pullrequest.base=master /d:sonar.pullrequest.key=144059-1 /d:sonar.pullrequest.branch=refs/changes/59/144059/1 /d:sonar.cs.opencover.reportsPaths=Tests\TestResults\coverage.xml /d:sonar.dependencyCheck.htmlReportPath=dependency-check-report.html /d:sonar.dependencyCheck.reportPath= dependency-check-report.xml

and manually hitting the api analysis_cache we are getting error: {“errors”:[{“msg”:“Unknown url : /api/analysis_cache/get”}]}

Could please someone help to understand what happened & missed in whole process or configuration?
Thank you in advance!

2

Hey there.

v4.6 of the SonarScanner for MSBuild was released a very long time ago (so long it has been renamed since then!) – could you please try the latest version (v5.11) of the SonarScanner for .NET?

3

Thanks Colin for your quick response.

I did also try with latest version sonar-scanner-msbuild-5.11.0.60783-net46. but still having same issue.

16:31:05 06:01:05.75 Downloading from https://sonarqube.xxxxx.net/api/analysis_cache/get?project=*******&branch=master failed. Http status code is NotFound. 16:31:06 06:01:05.767 Cache data is not available. Incremental PR analysis is disabled.

PS: I firstly tried to run Master branch scan and then feature one to check the pull analysis.

4

I noticed this in your original post.

What version did you upgrade from? Are you sure you upgraded to 8.9.9 and not 9.9? I ask because the Analysis Cache doesn’t exist in SonarQube v8.9 LTS.

And does this fail the step, or is it just a warning?

5

Yes this is upgraded to 8.9.9 only.

6

Yes it will be a warning as it doesn’t have failure to analyze. However, the results are not correct. It is going through every scan and does not catch the vulnerability.

This is the only failed result we have in the log. it was my thought, missing analysis_cache probably causing the problem.

Downloading from https://xxxx/api/analysis_cache/get?project=*******&branch=master failed. Http status code is NotFound. Cache data is not available. Incremental PR analysis is disabled

7

I don’t think it’s possible to draw a line between this message in the logs, and a vulnerability not being found.

Can you give more details about the analysis results that don’t match your expectations?