SonarQube is sometimes considering old code in merge request pipelines and failing quality gates

We are implementing quality gates with SonarQube for our GitLab merge request pipelines. Mostly it works great, but sometimes it considers old code and fails. When this happens (have not been able to identify when or why it happens), we see a bunch of warnings in the log like [WARNING] File 'xyz' was detected as changed but without having changed lines (I’m not sure if this is actually related, but it seems like it). The fact that it fails the build intermittently means we had to shut off the quality gate. We are running SonarQube 8.1. Is this something that is fixed in a later version? Any help would be appreciated.

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

8.1 → 8.9.7 → 9.3 (last step optional)

You may find the Upgrade Guide helpful. If you have questions about upgrading, feel free to open a new thread for that here.

We’ve done a fair amount of work on detection of new code since 8.1. Without more details it’s difficult to say for certain whether or not this will fix the problem, but upgrading is definitely the first step.

 
HTH,
Ann

Thanks for your response. We are now on 8.9.7. What we would like to do is configure MR pipelines to ONLY consider code which has changed within the MR. Is that something we can configure?

Hi,

It’s not something you should have to configure; it should just work that way. Have you tried it? And if so, what are you seeing?

 
Ann

Yes, I created a test branch with 2 changed files. When it does the MR scan, it’s picking up code that was changed on the target branch before I branched and treating it as new (based on what I see when I look at the code tab for my PR scan).

Do I need to run a branch scan to set a baseline before running an MR scan?

Do PR scans pick up New Code settings from the source branch?

It looks like Reference Branch (under the project New Code settings) may be what we were looking for. Thank you for your help.
