Is there a way to run a pull request analysis on a source code that is either fully or partially inside a git submodule? My C++ project has some dependencies in a submodule that I’d need analysed and it would make sense to have them analysed as part of the superproject that handles the configuration and compilation.
The branch analysis works fine and reports are including the sources inside submodules as well, but any pull request analysis shows only 0 issues and no code under “Measures” tab. The analysis seems to run fine for the pull requests as well based on the logs, but no issues are being reported.
Based on my first look this seems to be caused by the scanner seeing the changed submodule but not the changes to the files inside it. For example the analysis log is showing first 3 changed files (I have changes made into the Jenkinsfile, sonar-project.properties and a certain .cpp file inside a submodule).
15:24:25.557 INFO: Load active rules (done) | time=2737ms 15:24:25.565 INFO: Exclusions based on SCM info is disabled by configuration 15:24:25.577 INFO: Pull request 103 for merge into develop from sonar-testing 15:24:25.609 INFO: SCM collecting changed files in the branch 15:24:25.707 DEBUG: Merge base sha1: 4eccc7988782c9c4ee45f6f0b1b94e115a30d381 15:24:25.780 INFO: SCM collecting changed files in the branch (done) | time=171ms 15:24:25.780 DEBUG: SCM reported 3 files changed in the branch
Then once the analysis is done, the log states that no lines in files have been changed
15:46:34.326 INFO: CPD Executor CPD calculation finished (done) | time=4851ms 15:46:34.335 DEBUG: SCM revision ID '7f47d70f4238d54ffa02c85756dcb639cda9d647' 15:46:37.092 INFO: SCM writing changed lines 15:46:37.104 DEBUG: Merge base sha1: 4eccc7988782c9c4ee45f6f0b1b94e115a30d381 15:46:37.105 DEBUG: SCM reported changed lines for 0 files in the branch 15:46:37.105 INFO: SCM writing changed lines (done) | time=13ms 15:46:38.340 INFO: Analysis report generated in 2779ms, dir size=7 MB 15:46:46.618 INFO: Analysis report compressed in 8278ms, zip size=5 MB
My assumption is that this actually means changes being seen in the Jenkinsfile, sonar-project.properties and the submodule sha, instead of the actual changed file.
I have set the
sonar.scm.exclusions.disabled to true and have been able to run branch analysis fine. The pull request decorators are showing up in the Bitbucket Server UI but there are no issues being reported.
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
SonarQube Server 8.9.10, sonar-scanner-220.127.116.1147