SonarCloud results shows different/additional files as compre to files pushed as part of PR

Rahul-Utekar_ideas · January 4, 2023, 8:24am

ALM : GitGub
CI system : On Prem Jenkins

Scanner Command : mvn sonar:sonar -B -s modules/XX/Maven/Build.xml -Dsonar.login=**** -Dsonar.pullrequest.key=XXX -Dsonar.pullrequest.branch= -Dsonar.pullrequest.base=main -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.github.repository=our-org/projectname

Language : Java / javascript

Recently we migrated the our project repo to GitHub & also started using the SonarCloud. The build is running ran using on prem jenkins. As part of PR build process (on Jenkins slave), we invoke sonar scan using MVN. This pushes the scan results to SonarCloud. To reduce the build time we are not running the sonar scan in main build. Instead we have a separate jenkins job (not part of build) which run a full inspection on main branch every 2 hours.

What we have observed that for many PRs (but not all), the files pushed as part of PR & files listed as part of SonarScan results are not matching. Many a time we are seeing additional files & the pushed files are not listed.

In ideal scenario the files pushed in PR & files idetified in SonarScan should be the same. This post challenge in code coverage etc.

Could you please help us here to fix this issue.

ganncamp · January 5, 2023, 2:20pm

Hi,

Welcome to the community!

I take it there are extra files showing up as changed in the PR? Have these files been updated in main since the last analysis?

Ann

Rahul-Utekar_ideas · January 10, 2023, 10:22am

Sorry for the delayed response. We have almost 80+ developers working. I have changed the Jenkins job & we are running the sonar scan in the code merge to main. We still have sporadic issue of PR scan showing extra file which were not part of respective PR. Would it because by the time PR scan gets triggered main branch got some merge by other developers. How do we handle these scenarios?
Also many a times now main branch build’s sonar reports 0 coverage.

ganncamp · January 10, 2023, 2:31pm

Hi,

Great news!

That’s possible, but we’d really need the details of these specific cases to know for sure (feel free to create new threads…)

Again, we would need the details of the cases to understand what’s happening here. Feel free to create a new thread for that.

Ann

Topic		Replies	Views
Sonar PR scan not analyzing changed files SonarQube Server / Community Build	10	640	May 3, 2023
Unrelated files scanned in SonarCloud PR check SonarQube Cloud php , scanner , sonarqube-cloud	10	1748	October 6, 2021
SonarCloud finds files that are not related to a Pull Requests as "new code" SonarQube Cloud coverage	19	1651	April 6, 2023
PR scans not detecting code changes that branch scans do SonarQube Cloud pull-request , sonarqube-cloud	11	4330	October 5, 2021
Sonar-scan + codebuild + github + pull requests? SonarQube Cloud coverage	5	541	November 1, 2022

SonarCloud results shows different/additional files as compre to files pushed as part of PR

Related topics