Must-share information (formatted with Markdown):
- which versions are you using:
- SonarQube 9.9.2.77730 (Developer Edition)
- Scanner: gradle plugin version 4.3.1.3277, 4.4.1.3373
- Installed Plugins/Extensions:
- Dependency-Check 4.0.0
- OpenID Connect Authentication for SonarQube 2.1.1
- Custom Java Plugin containing 5 custom Java Rules
- Gradle version: 8.4
- how is SonarQube deployed: Docker / Kubernetes
- Expected: good performace of sonarqube gradle plugin
- tested the above gradle plugin versions locally and in CI to determine when the performance drop happened
We have a large gradle multi module java/JS/TS project with ~ 200 gradle sub modules and ~ 900k LOCs. Since gradle plugin version 4.3.1.3277 we experienced a huge performance drop in the scanning of our project, especially in the Gitlab Merge Request / branch analysis. Here the Analysis time (sonar task) for the different versions, all with the same source code / commit / branch:
4.0.0.2929: BUILD SUCCESSFUL in 8m 48s4.1.0.3113: BUILD SUCCESSFUL in 8m 24s4.2.1.3168: BUILD SUCCESSFUL in 6m 10s4.3.0.3225: BUILD FAILED: Caused by: File libs/foo/api/build.gradle.kts can’t be indexed twice. Please check that inclusion/exclusion patterns produce disjoint sets for main and test files4.3.1.3277: BUILD SUCCESSFUL in 1h 1m 28s4.4.1.3373: BUILD SUCCESSFUL in 48m 29s
Here the sonar configuration in our root build.gradle.kts:
sonar {
properties {
property("sonar.sourceEncoding", "UTF-8")
property("sonar.dependencyCheck.jsonReportPath", "build/reports/dependency-check-report.json")
property("sonar.dependencyCheck.htmlReportPath", "build/reports/dependency-check-report.html")
property("sonar.dependencyCheck.summarize", true)
property("sonar.gradle.skipCompile", true)
}
}
The execution time in SonarQube Server is always ~15 seconds.