- ALM used - GitHub
- CI system used - Buildkite
- Scanner command used when applicable -
sonar-scanner -D sonar.newCode.referenceBranch=main -D sonar.pullrequest.base=main -D sonar.pullrequest.branch=branch-name -D sonar.pullrequest.key=1111 -D sonar.scm.revision=commit-hash-of-last-commit-in-pr - Languages of the repository - Ruby
- Error observed - Issues from commits merged into main after the branch of a PR is created are appearing as issues when analyzing the PR.
- Steps to reproduce - Unsure exactly how to reproduce consistently. I think that some caching of results has been throwing off my tests. That said I believe the steps to reproduce would be to create a PR off branch A, merge a change into branch A with an issue and then analyze your PR against branch A without rebasing it first. (I believe this is related to if not the behaviour outlined in this article)
- Potential workaround - Rebasing the PR
I am wondering if it is plausible/I am liable to run into strange errors if I set sonar.pullrequest.base to a commit hash rather than a branch?
Basically I want to set it to the commit where the pull request branched off from main (git merge-base HEAD main) in the hopes that it will prevent issues added to main after the pull request was branched off from appearing in the analysis.
The reason for wanting this is that we have a 30-60 minute CI process so rebasing when we realise enough issues have built up from issues merged into main takes a while.
EDIT: On a related note, I thought I should mention that it looks like the description of sonar.pullrequest.key may have been copied into the description of sonar.pullrequest.base in this article.