Running sonar analysis from the remote repo

ChanduReddy123 · January 4, 2023, 11:17am

Hello,

We are using AzureDevops for for codebase and CICD.
we are using azure devops provided sonar analysis task “SonarCloudAnalyze@1”.

We have two tenants in azure say T1 and T2.
we are migrating our CICD pipelines to T2 tenant and keep the application code base is in T1 tenant.

our Java application scan is working as expecting when the code base and cicd are in the same tenant and repo.

as we’ve migrated our pipelines to Tenant T2 now we are having different repo where we maintain the pipelines in which we’ve written the logic to clone the application repo from T1 tenant and build the application.
now when we clone → build → scan the application from Tenant T2 sonar cloud is comparing the old commit ids(old tenant’s id) with the new tenant commit ids (where we maintain cicd pipelines) and messing up with the scan.

it is giving all the code smells, code coverage issues which were not there in tenant1 scan results.

can someone please help us with this issue?

Thanks in advance.

ganncamp · January 5, 2023, 3:39pm

Hi,

Welcome to the community!

I’m not understanding your new process. Are you saying there’s a local commit between checking the code out from the remote and analyzing? Analysis uses SCM data to determine what code is new, so that could definitely be a problem.

Ann

ChanduReddy123 · January 9, 2023, 9:08am

Hello Ann,

Thanks for your response.
yes our issue is related to repository.
now we are migrating the code from one repo to the another. you can consider it as copy paste of code from one repo to another with additional files added in the new repo related to application deployment.

ganncamp · January 9, 2023, 4:19pm

Hi,

You need to do the migration first, then check out from the new repo/location, and then do the analysis.

Ann