- ALM used : Azure DevOps
- CI system used : Azure DevOps
- Scanner command used when applicable : Inbuilt Gradle Sonar Scan
- Languages of the repository : Android/Java
- Only if the SonarCloud project is public, the URL - Private project
- Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
No error, but Sonar Analysis is generating code smells from code that has not been modified in the current PR causing the Quality Gate to fail.
- Steps to reproduce : Rerun same PR
- Potential workaround : Bypass policy
Similarly, we are seeing other PR’s also where untouched code has been pulled into code smells.
Please advise what can be probable cause and help fixing this.
Typically when you see issues on old code reported in a pull request, it’s because there was a problem reading the SCM data, which is how analysis determines what’s new. Either that, or the branch being targeted by the PR wasn’t available in the local repository.
If you check the bottom of your analysis log, do you see a message about SCM detection being disabled?
Thanks for the reply.
We are using the inbuilt analysis in Gradle Task, I am not seeing any logs for Sonar Analysis showing SCM detection. I searched for Sonar as well as SCM, no relevant details are available to help debug this.
Is there any other way we can identify the cause for this.
Gradle logs are frustratingly terse until you turn on debug, which is detailed in this guide.