SonarQube branch analysis and Leak period


  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SQ ver : 6.7.3
    branch plugin :1.0 (build 507)
  • what are you trying to achieve

Trying to setup GuideWire (Gosu) analysis with custom plugin and rules.using scanner for 2 types of branches long (master) and short (feature).As GW itself has so many OOTB issues trying to create a baseline version ootb issues ignored.And subsequent analysis of all other branches should generate the differential view (ie the ootb issues in baseline version should be ignored)

  • what have you tried so far to achieve this

Initial analysis run and baseline version created v1.0.set leak period as this
in all subsequent branch analysis setting the and
But the combination of branch analysis and leak period is not producing the correct output,i see still there are issues getting duplicated

What is the best strategy for achieving this?


It sounds to me like you might be creating long-living branches in SonarQube rather than short-lived branches, in which case it would make sense that the issues sync upon brach creation.

Check the “Configuring the Branch Type” section of the Branch Analysis documentation and based on the info there, compare your global/project settings to how your branches get named.


Hello Colin,

Thank you for the response.
I have indeed referred the [Branch Analysis documentation] and also the Fixing+the+Water+Leak
Indeed it is creating short-lived branches as i said earlier i am setting the and can see that in web gui as short-lived)

To clarify my situation

1.Long-lived Branches - “During the first analysis only, issues (type, severity, status, assignee, change log, comments) are synchronized with the Main Branch. In each synchronized issue, a comment is added to the change log of the issue on the long-lived branch: “The issue has been copied from branch ‘master’ to branch yyy”.”

I am not sure if this is happening in my case,every-time there is an analysis i see the same issues getting repeated

2.Short-lived Branches
“The issues visible on the short-lived branch are the new issues corresponding to files modified in the branch.”

Ideally i would have expected after the initial analysis (BASELINE) ,after setting this in the leak period.
All the subsequent analyses will have the delta issues or issues on the modified files,shouldn’t this be the behavior in both long and short (obviously because of “ephemeral nature of short-lived branches…”)?



After some trail and error,was able to make this scenario work by the following steps.

  1. Set the sonar.branch.longLivedBranches.regex to required ((master|release|development)-.*)
  2. Run the initial analysis without specifying any branch information on the baseline version.this will be the BASELINE or V1.0
  3. Set the leak period as BASELINE or V1.0 (instead of previous_version) in leak period or sonar.leak.period
  4. Set the and in all subsequent analysis

Not sure if this what is intended from the doc,it was not quite intuitive. :slight_smile:
Thanks again for the support.


1 Like

Hi @anandnarayanan,
I was really interested to see that you managed to get Sonar working over Gosu code. I have been trying for a while, unsuccessfully. I keep hoping that either Guidewire or Sonarsource will write something that will work in Sonar, rather than having to use plugins, but I don’t see that happening anytime soon.
Would it be possible for you to share what plugins you used and how you managed to get past any errors you encountered?
Thanks, Andrew.

Hi Team,

SQ ver : 9.3.0

We are facing a similar scenario in which we have a develop branch from which several feature branches are created. During branch analysis, we are seeing issues from the previous version getting copied from develop to those feature branches, on the issue activity we see:
The issue has been copied from branch ‘main’ to branch ‘yyy’"

Our current New Code setting is set to previous version for both the develop branch(which is also our main branch) and all feature branches.

We really wanna avoid copying any issues from develop to feature branches. Our develop branch contains a lot of legacy issues. We want to focus on any new issues that will be added on the feature branches.

As per the solution provided in this thread, can’t really find sonar.branch.longLivedBranches.regex or sonar.leak.period analysis parameters anymore.

Please suggest, how can we achieve this in the latest SonarQube version 9.3.0.


were you able to incorporate Sonarqube to Guidewire v10 or v9. if no please let me know . after trying for nearly 10 days finally i am able to configure Sonarqube with Guidewire v10 with the help of Guidewire sonarqube accelerator. Main challenging part is that compatibility issues.

Coming to Guidewire cloud sonarQube will not work as Guidewire itself released surepath plugin inbuilt in the Teamcity app. Whenever a dev raises PR , once it is approved. parllel build and inscpection will be triggered and violations will be notified to reviewr and dev as well.