Context
I’m working in a Python monorepo with multiple modules. I want SonarCloud to analyze only changed modules in PRs, comment on PRs, and flag new issues. My setup uses GitHub Actions with a matrix strategy to detect changed modules and run SonarCloud scans. The relevant module is rest_api, which has its own sonar-project.properties file.
Workflow Trigger
on:
pull_request:
branches: [main]
types: [opened, reopened, synchronize, labeled]
push:
branches: [main]
tags:
- "v*.*.*"
SonarCloud Scan Step
- name: SonarQube Scan
uses: SonarSource/sonarqube-scan-action@v7
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
with:
projectBaseDir: ${{ matrix.module }}/
args: >
-Dsonar.pullrequest.key=${{ github.event.pull_request.number }}
-Dsonar.pullrequest.branch=${{ github.head_ref }}
-Dsonar.pullrequest.base=${{ github.base_ref }}
Config in sonar-project.properties
sonar.projectKey=greenshift-app_managementportal_v2
sonar.organization=greenshift-app
sonar.sources=rest_api_server,optscale_console,optscale_metrics,google_calendar_client
sonar.exclusions=**/tests/**,**/__pycache__/**,**/migrations/**,**/*.pyc,**/mock_data/**,**/*.tar.xz
Issue
Even after making some temporary changes to .py files, SonarCloud reports “0 new lines” in the PR analysis and does not flag new issues:
You can see that the workflow is triggered but it recognise 0 issues, even if I added some very ugly and bad-practice code. Here is what I see in sonarQube Cloud center:
I confirm that it is on the correct branch, and there is even the latest commit on this branch (see the red circle). However, it shows “0 New Lines”
Raw Logs
SonarCloud Scan Log
15:12:46.738 INFO SCM writing changed lines
15:12:46.758 INFO SCM writing changed lines (done) | time=21ms
15:12:48.225 INFO ANALYSIS SUCCESSFUL, you can find the results at: .../dashboard?id=greenshift-app_managementportal_v2&pullRequest=501
...
15:31:10.854 INFO The Python analyzer was able to leverage cached data from previous analyses for 0 out of 111 files. These files were not parsed.
What I’ve Tried
-
Ensured correct branch checkout (not merge commit)
-
Used commit SHAs for diff detection
-
Updated to recommended SonarCloud action
-
Verified sonar.sources and exclusions
-
Confirmed changed files are detected in the workflow
Question
Why does SonarCloud report “0 new lines” in PR analysis, even though files are changed and detected in the workflow? What else could cause SonarCloud to miss new lines/issues in a PR?
- Only if the SonarCloud project is public, the URL
- And if you need help with pull request decoration, then the URL to the PR too
- Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
- Steps to reproduce
- Potential workaround