Sonarqube mismatch in project reports after changing project name

vineethk77v · January 24, 2025, 11:58am

Hi All,
My organization using SonarQube Community Edition Version 9.3 (build 51899).
SonarQube scans are triggered from jenkins pipeline jobs.
We were using the following configuration for a project:

-Dsonar.projectKey=abcd" + " -Dsonar.inclusions=/*.js,/.html,**/.css,**/*.java"+ " -Dsonar.projectBaseDir=/path/to/abcd/path" + " -Dsonar.projectName=abcd" + " -Dsonar.projectVersion=1.1" + " -Dsonar.core.codeCoveragePlugin=jacoco" + " -Dsonar.coverage.jacoco.xmlReportPaths=target/site/jacoco/jacoco.xml" + " -Dsonar.jacoco.reportPaths=target/jacoco.exec" + " -Dsonar.dependencyCheck.reportPath=dependency-check-report.xml" + " -Dsonar.sources=path/main" + " -Dsonar.tests=path/test/java/" + " -Dsonar.skipDesign=true" + " -Dsonar.java.binaries=target/classes" + " -Dsonar.dynamicAnalysis=reuseReports" + " -Dsonar.surefire.reportsPath=target/surefire-reports" + " -Dsonar.sourceEncoding=UTF-8" + " -Dsonar.binaries=target/classes" + " -Dsonar.global.exclusions=‘…’"

This configuration was working fine until we changed both projectname and porjectid from “abcd” to “abc1d”. Now the scan gets comoleted but getting increased amount of blocker, critical and major issues.
If we switch back to “abcd”, the reports are normal, but when tries to change the name to anything else than “abcd” facing the mentioned issue.

Could anyone help on this…

Colin · January 27, 2025, 8:49am

Hey there!

It sounds like you might be changing the project key in your pipeline without updating the project-key server-side, resulting in a new project being created. If you check the Activity tab of your project, you’ll probably see no history of scans (and nothing you’ve marked as false-positive / won’t fix is being taken into consideration, or a different Quality Profile is being used).

In addition, only the latest version of SonarQube Community Build is considered active, so you need to upgrade.

Your upgrade path is:

9.3 → 9.9.8 → 25.1

You may find these resources helpful:

Upgrade Guide
LTA to LTA release upgrade notes for 8.9 to 9.9
Upgrade notes for 9.9 to 10.7 (when SonarQube Community Edition switched to SonarQube Community Bulid)
SonarQube Community Build Upgrade Notes (all upgrade notes since the switch)

vineethk77v · January 27, 2025, 10:25am

Hi Colin,
No I haven’t changed project key in server side or in sonarqube manually.
Previously we were having only one component as “abcd” so the same is project key in sonar. Now we have multiple revisions of abcd in current development cycle, So we configured the naming to something like “abcd”. Since the version is coming dynamically we cannot configure it manually.
Also is it possible to duplicate one project key (I mean one project with all its configuration including quality profile, false-positive, fixes and all) to another two more new project keys?

Colin · January 28, 2025, 3:16pm

It looks like you’ve continued the conversation over here!