Good day,
We have a large repository with a main master branch, where dozens of Merge Requests (MRs) are created every day. We use Sonar to analyze merge requests for new code.
A couple of questions:
If we, for example, created an MR into the master branch, but for some reason, this master branch did not build with Sonar and Sonar does not have the latest statistics on it. Will this in any way affect what we see in the MR report for the new code? Especially regarding the identification of new lines that need to be covered by tests.
There is a flow where the Jenkins plugin performs a pre-merge operation before building the project (merging master into the MR branch), how will Sonar behave in this case? Will the new code be incorrectly identified?
My code is hosted on GitLab. However, that’s not particularly relevant to my question. I want to understand a few general things:
How is the new code identified in Merge Requests? Is it done by comparing commits locally only? Also, is it necessary to build the master branch for each commit? If so, how does this process impact the MR report?
Thank you!
New code is identified by calculating the difference between the locally checked-out reference (your PR) and the target branch.
It’s important that these references are up to date in the build environment. It’s not important that the target branch has been recently analyzed on SonarQube, although we would recommend analyzing every commit.
The case of the Jenkins merge commit is tricky, but we worked on that long ago in the v8.x series of SonarQube. No complaints since [SONAR-11853] - Jira!