We run code analyses on Pull Requests with following setup:
- SonarQube 8.3
- Jenkins Pipelines
- Gradle SonarScanner plugin 2.7
While code analyses on PR works fine in most of the cases, we do experience issues in specific situations. There are some cases where the Quality gate would pass for a PR analyses and fail when PR is merged into a branch. What we noticed is that on PR analyses some Issues are not registered/created though looking at specific code, it is visible that an issue is highlighted.
For example we experience following when new Duplicated Code is introduced:
- No Issue is being registered on PR analyses, when according to the Quality Profile there should be one with Major severity.
- Anyway Duplicated Blocks are registered and code blocks are marked with grey.
- Percents of Duplicated Code are increased as well, which means specific rule has been taken into account, but still in this case Quality Gate is green.
- Then when code is merged into the main branch, new Major issue is being registered and Quality Gate fails as expected.
My understanding is that Quality Profile is inherited from the parent project for both, PR and BRANCH analyses. So if Quality Gate is Green on PR, it should be green on BRANCH when code is merged.