SonarCloud using wrong target branch when analyzing Bitbucket Cloud Pull Request

Details:

  • ALM used: Bitbucket Cloud
  • CI system used: Bitbucket Cloud pipelines
  • Gradle sonarqube plugin with sonarqube task
  • Java

We have the develop branch as the default, with a long lived project branched from develop, and then
short-lived feature branches from the project branch. When creating a pull request from the feature branch to the project branch, the new code analysis is comparing the feature branch with develop and not the project branch which is the target of the pull request

Do I need to do something to configure it to use the correct target branch?

May I ask what makes you think that this is the case? (How do you know which branches are compared?)

Can you please share the gradle sonarqube command used in the pipeline? The parameters used may give us a clue as to why the incorrect branch is used.

You may need to pass the sonar.pullrequest.base property to specify the long-living branch that should be the base of the pull request analysis. For example:

./gradlew sonarqube -Dsonar.pullrequest.base=name-of-long-living-branch

Is the project bound to SonarCloud? (When you open your project on SonarCloud, do you see a bitbucket icon next to the name or not?)

We have a project branch from our develop branch (default branch in Bitbucket). That project branch is somewhat long-lived, and has low coverage, e.g. 50%. We created a feature branch from that project branch, and made one small change in a class with good coverage. The pipeline ran on the feature branch, and the “new code” coverage is reported at 30%. When we click on the “More details on SonarCloud”, it opens SonarCloud with the source feature branch compared against develop, not the project branch, with the same low coverage. There’s no way to see the feature branch compared with the real base branch in this case.

I am using the org.sonarcube and jacoco gradle plugins, and the gradle command is `./gradlew --refresh-dependencies build publish jacocoTestReport sonarqube

The doc says the -Dsonar.pullrequest.base property (and other sonar properties) should be set for me by automatically by the SonarCloud Bitbucket add-on. I have no way of knowing the value to pass for the base branch, it depends on what target branch is selected in the pull request.

Yes the Bitbucket project is bound to SonarCloud, in Sonar cloud I see the Bitbucket icon. I created the projects from SonarCloud, which pulled the projects in from the Bitbucket Cloud repos in our Team. All I did in Bitbucket repository was add the Sonar access token and update the gradle build as I’ve described.

Do we need to be using bitbucket pull request pipelines? Then I can get the BITBUCKET_PR_DESTINATION_BRANCH variable to use for the base branch, but that’s going to cost me build minutes, we aren’t using pull request pipelines currently.