I’m evaluating whether it makes sense for us to run SonarCloud on all our pull requests. Right now, I’m not sure, as the Sonar scan takes about 12 build minutes each time it runs, and the Bitbucket pipeline build minute cost is significant even after just a week of using this.
-
Is there an easy way to run the scan only when files in the scanned directories are modified? We currently scan our PHP code in certain directories only, so pull requests that consist of front-end changes in different directories only should not require a full Sonar build. I realize we can probably implement our own build avoidance logic here, but it would be great if there was a setting (or plan for one) in SonarCloud to skip/shorten the scan if no relevant files were modified.
-
Is there a way we could run the scan on demand on pull requests? We can run the scan on demand on specific branches, but when we do that, Sonar does not seem to have knowledge of a destination branch and therefore reports statistics compared to master, even when the PR is from a branch that was not based off of master. If there is a way to run on demand either on branches (with knowledge of the base branch, so we only see differences based on that) or on pull requests (I don’t think BitBucket currently has the option), I’d like to know
-
Any suggestions to speed up the build based on this config would be welcome.
We’ll see whether we run builds on all PRs, daily builds on master/develop only, or not use Sonar at all based on this and feedback from our team.
Current bitbucket-pipelines.yml (kept only relevant info for Sonar):
image: node:10.15.1
clone:
depth: full
pipelines:
custom:
sonar:
- step:
size: 2x
caches:
- sonar
- docker
script:
- pipe: sonarsource/sonarcloud-scan:1.1.0
variables:
DEBUG: "false"
services:
- docker
pull-requests:
'**':
- step:
size: 2x
caches:
- sonar
- docker
script:
- pipe: sonarsource/sonarcloud-scan:1.1.0
variables:
DEBUG: "false"
services:
- docker
definitions:
services:
docker:
memory: 7128
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
Thanks!