I am using Sonar enterprise version 8.7.
Is it possible to get a specific sonar report as opposed to getting “latest”
And is it also possible to have reports generated in pdf or html format?
Hello @teehammed01 ,
You should upgrade to SonarQube 8.9.1, which is the latest version that contain critical bug fixes and new features. Please upgrade when you can.
I’m not sure what you mean. Can you give more details or an example?
Yes, you can get reports in PDF for portfolios (collection of projects), which is available in Enterprise Edition and higher.
Otherwise, you can use Web API endpoints to generate the metrics and statistics for yourself into a PDF or HTML format, customized to your desire.
Hello @Joe
Thank you so much for responding. With regards to getting a specific sonar report as opposed to the latest, what I mean is this.
When you run sonar analysis with ProjectKey set to XYZ for instance; with each run of the analysis, you only seem to get a report in the UI for the latest/most recent analysis or scan.
Is it possible to somehow get the results for earlier scans or analysis? Sort of how version control keeps a history of commits, or do analysis reports get overwritten each time with “latest”? I hope this makes sense.
I’m not quite sure how portfolios work, but I’ll have a read-up on it.
Thank you.
Hi @teehammed01 ,
Thank you for the clear explanation. I understand what you mean now. Yes, it is possible to get results from previous scans. Go to the specific project and click on Activity tab:
There you will see on the left-hand side multiple scans with a timestamp.
Otherwise, you will need to use Web API to get the data you need.
Hi @Joe
Thank you so much for such a quick and succinct response.
I’d like to ask two more questions please, if you don’t mind.
-
Is there a way to somehow get the commit ID or commit message associated with previous scans, as opposed to just the timestamp? So that scans can be tied to the commits that might introduced certain vulnerabilities or elements etc.
Would I need extra functionality in my code like specific parameters or something in order to pull this off or is it just not possible at all? -
Is there a way to have branch analysis without ALM integration? Such that I can see in the UI what branch of the codebase the scan is run against?
At the moment it defaults to Master.
Thank you so much for your time with this. I really appreciate it.
Yes, you can query the Web API endpoint GET api/project_analyses/search. You don’t need extra functionality. Please see documentation on your SonarQube instance. Here’s an example of the response:
{
"paging": {
"pageIndex": 1,
"pageSize": 100,
"total": 3
},
"analyses": [
{
"key": "A2",
"date": "2016-12-12T17:12:45+0100",
"projectVersion": "1.2.1",
"buildString": "1.2.1.423",
"revision": "be6c75b85da526349c44e3978374c95e0b80a96d",
"manualNewCodePeriodBaseline": false,
"events": [
{
"key": "E21",
"category": "QUALITY_PROFILE",
"name": "Quality Profile changed to Sonar Way"
},
{
"key": "E22",
"category": "OTHER",
"name": "6.3"
}
]
},
{
"key": "A1",
"date": "2016-12-11T17:12:45+0100",
"projectVersion": "1.2",
"buildString": "1.2.0.322",
"revision": "bfe36592eb7f9f2708b5d358b5b5f33ed535c8cf",
"manualNewCodePeriodBaseline": true,
"events": [
{
"key": "E11",
"category": "QUALITY_GATE",
"name": "Quality Gate is Red (was Orange)",
"description": "Coverage is \u003c 80%"
},
{
"key": "E12",
"category": "VERSION",
"name": "6.3"
}
]
},
{
"key": "P1",
"date": "2015-11-11T10:00:00+0100",
"projectVersion": "1.2",
"buildString": "1.2.0.321",
"manualNewCodePeriodBaseline": false,
"events": [
{
"key": "E31",
"category": "QUALITY_GATE",
"name": "Quality Gate is Red",
"description": "",
"qualityGate": {
"status": "ERROR",
"stillFailing": true,
"failing": [{
"key": "app1",
"name": "My project",
"branch": "master"
},{
"key": "app2",
"name": "Another project",
"branch": "master"
}
]
}
}
]
}
]
}
Yes, you can use the UI to select the branch you want by clicking on the drop-down arrow and select the branch you want (my example shows a Pull Request but Branches will appear here too):
Another way is to click on Project Settings > Branches & Pull Requests:
Thanks a lot @Joe
1 Like
Good day @Joe
Thanks a lot for your help so far.
I have a question on the subject of branch analysis.
Is there an option to get the report for a specific commit? Or am I pushing my luck here in terms of what is possible?
The reason for this thought is this, if there are two people committing, and one commit has issues while the other doesn’t have any issues; if the one with issues runs first followed by the one without issues, the report won’t show any issues when looked at.
So basically, even with branch analysis, is it possible to somehow drill further down and get reports for actual commits?
Thank you!!
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.