Hi,
Need your help to understand the pull request analysis concept. Recently migrated to * Enterprise Edition * Version 8.9.9 (build 56886). and We thought, we had implemented the pull analysis successfully for the feature branches but we were wrong. Except the master branch analysis, we are not getting correct analysis results for other feature branches.
In Jenkins log we are getting successful analysis status but there is an error starting SonarScanner_MSBuild_4.6.0.1930\SonarScanner.MSBuild.exe begin… process…
ERROR: 00:37:03 14:07:02.763 Downloading from https://sonarqube.xxxxx.net/api/analysis_cache/get?project=XYZ&branch=master failed. Http status code is NotFound. 00:37:03 14:07:02.775 Cache data is not available. Incremental PR analysis is disabled. 00:37:03 14:07:02.805 Pre-processing succeeded.
HERE IS MY ANALYSIS COMMAND :
SonarScanner_MSBuild_4.6.0.1930\SonarScanner.MSBuild.exe begin /k:***** /d:sonar.login=************** /d:sonar.host.url=https://*****.net /d:sonar.verbose=true /d:sonar.pullrequest.base=master /d:sonar.pullrequest.key=144059-1 /d:sonar.pullrequest.branch=refs/changes/59/144059/1 /d:sonar.cs.opencover.reportsPaths=Tests\TestResults\coverage.xml /d:sonar.dependencyCheck.htmlReportPath=dependency-check-report.html /d:sonar.dependencyCheck.reportPath= dependency-check-report.xml
and manually hitting the api analysis_cache we are getting error: {“errors”:[{“msg”:“Unknown url : /api/analysis_cache/get”}]}
Could please someone help to understand what happened & missed in whole process or configuration?
Thank you in advance!
v4.6 of the SonarScanner for MSBuild was released a very long time ago (so long it has been renamed since then!) – could you please try the latest version (v5.11) of the SonarScanner for .NET?
What version did you upgrade from? Are you sure you upgraded to 8.9.9 and not 9.9? I ask because the Analysis Cache doesn’t exist in SonarQube v8.9 LTS.
And does this fail the step, or is it just a warning?
Yes it will be a warning as it doesn’t have failure to analyze. However, the results are not correct. It is going through every scan and does not catch the vulnerability.
This is the only failed result we have in the log. it was my thought, missing analysis_cache probably causing the problem.