SonarQube - Handling issues in long term branches

SonarQube 7.9.1. LTS Enterprise

I have been using long-lived branches in SQ. One of the issue I have faced is that if a false positive is manually handled in one of the branches, the same action will have to be taken manually in all branches as the code will move from one branch to another.

Is there any other way of handling this such that action taken on one branch applies to other branches too ?

Hi,

According to the docs issues are synchronized on branch creation. So when you create a new branch it should inherit the old one’s FPs. After branch creation though, you’ll have to synchronize manually.

 
HTH,
Ann

1 Like

I was aware of the sync during branch creation. Was not sure if there is a way to do auto sync after branch creation, but looks like there is no such way. Thanks.

As an update, this (SonarQube not able to sync issues after branch creation) is the single most critical factor which is making us move away from using SonarQube branches. Issues marked as Won’t fix or false positives on a branch comes up again when code is moved to another branch - thus causing extra work every time.

Is this capability/feature to make SonarQube sync issues even after branch creation, anywhere in roadmap ?

Hello,

By default, long-lived branches are considered to have an independent life.
Have you considered using Pull-Requests to merge code from a branch to another? This way, issue status should follow.

Hello @Chris We have been using Pull Requests to merge code from one branch to another. But that does not help. E.g. code was first pushed on “develop” branch, scan was run and a new issue was found on “develop” branch, which was marked as false positive. Then code was merged using a Pull Request from “develop” to “integration” branch. Scan on “integration” branch was run and it brings that same new issue again on “integration” branch. Now the same action of manually marking the issue as false positive needs to happen again.
This is only true for issues which are not fixed in code and fixed in SonarQube itself e.g. when marking issues as false positive or won’t fix. If the issue was fixed in code then of-course the issue would not appear again.

Hi @ankurja Changes made to issues in the pull request should be carried over to their target (as long as the P/R still exists in SonarQube).
Did the P/R still exist when you analyzed the merged code in develop?
Also for SonarQube to be able to match the issues between both branches, the merge can’t change too much the code where the issue is located.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.