Slow Analysis, expected?

jj_u · May 2, 2022, 8:11pm

Hey all,

Mostly just looking for a sanity check here - scanner on this repo is taking about 7.5 minutes, and I’m just checking to see if this is expected, and whether there’s anything that can be done to speed it up. I know 7.5 minutes isn’t an outlandish amount of time compared to 30/60/90m I see in some threads here.

311k lines of code, 13k code smells
ENV: Bitbucket Pipeline, image: sonarsource/sonar-scanner-cli:latest
Command: “sonar-scanner”
Languages: php, js, css

Colin · May 3, 2022, 8:07am

Hey there.

Historically – we’ve often said that the length of analysis should not take longer than the length of the rest of build (compiling, running tests, etc.) We’re starting to define some better definitions internally around expectations of analysis time, but nothing we’re ready to share right now.

You’re right – 7.5 minutes isn’t outlandish. And, there’s a few things you can check.

The logs should let you know where most of the time, either simply by timestamp or looking at how long each sensor takes. For example:

INFO: Load/download plugins (done) | time=469ms
....
INFO: Sensor Python Sensor [python] (done) | time=2380ms
....
INFO: SCM Publisher 31/31 source files have been analyzed (done) | time=603ms

You should check to make sure that external libraries aren’t being analyzed, as these shouldn’t be analyzed by SonarCloud. You can limit the files being analyzed by focusing on Analysis Scope

jj_u · May 3, 2022, 10:46am

Thanks for the response.

Here are the main items by duration:
18:35:07.928 INFO: Sensor JavaScript analysis [javascript] (done) | time=171316ms
18:37:35.122 INFO: Sensor PHP sensor [php] (done) | time=133003ms
18:38:28.644 INFO: Sensor PhpSecuritySensor [security] (done) | time=53494ms
18:38:43.787 INFO: Sensor JsSecuritySensor [security] (done) | time=15142ms
18:35:22.114 INFO: Sensor CSS Rules [javascript] (done) | time=13764ms

We have confirmed that analysis scope is restricted appropriately.

Colin · May 6, 2022, 9:08am

Hey there.

Thanks.

These times don’t seem unreasonable for 300k+ Lines of Code, where we’d consider times between 5 and 20 minutes to be acceptable.

And, if you’d like to look further, in each sensor, the logs should also provide an update (every 10 seconds) about the progress of the analysis and what file is currently being analyzed.

INFO: 922 source files to be analyzed
INFO: 13/922 files analyzed, current file: /Users/colin/Source/openlayers/test/rendering/cases/webgl-invisible-group/main.js
INFO: 86/922 files analyzed, current file: /Users/colin/Source/openlayers/test/node/ol/AssertionError.test.js
INFO: 184/922 files analyzed, current file: /Users/colin/Source/openlayers/src/ol/style/IconImageCache.js

You may want to look through and see if it “hangs” anywhere (takes a long time to analyze a certain file, or if there’s a part of the analysis where fewer files are analyzed than the rest).

There’s also deeper logging available by appending -X to the sonar-scanner command, but it’s very noisy and only worth looking at if deeper investigation is required.