[Sonar enterprise version: 8.6] [Repository code sql on GitHub]
We use sonar enterprise to analyse our Tsql repository that sises 14MB.
We have already launched the sonar analysis on our master which builds on teamcity. and then we added the step sonar analyse to our build in teamcity. Currently, a Pull Request on this repository is triggering a new code sonar analysis.
The analyse takes 3minutes, the project background tasks takes 2minutes when doing the check of quality gate. Our developers have to wait more then 5 minutes to finish the build.
We looked up how plugins Sonar proceed to analyse code source, we have seen that all the repository is analysed every scan even it is the new code.
Question: why all the repository is analysed when some files only were modified? This makes us wasting 6minutes to analyse just some modifications.
Hello @lilia
thanks for joining the community, and welcome!
The interest from the Betclic CI/CD team interest for some kind of “new code targeted analysis” for TSQL has been noted, and it’ll be considered in the roadmap discussions.
A few things you may consider here:
an analysis in 5mn is rather fast. Most developers would wait for any PR build, tests and analysis for a longer time, a much longer time for some large projects. Even if a faster analysis would be even more efficient, this team does not suffer from unreasonable delays here (a quick search in the community will tell you more about analysis times).
the WaitForQualityGate state is only expected to be implemented on your CI, the team should not “waste” this time; the pipeline analysis does not lock their laptop or desktop…
SonarLint can be used for TSQL code in connected mode with the Eclipse IDE. With this in IDE first analysis, all developers would commit changes with a lot more confidence on the QG results.
