SonarQube overwirte or publish only last scan

SonarQube Server / Community Build
,
1
  • SonarQube-Enterprise Edition: Version 9.2.4
  • We have a monorepo setup that has multiple services/modules which we want to scan and publish results to sonarqube.
    we have ci pipeline(Jenkins) where we have configured sonarqube analysis stage
    stage('SonarQube Analysis') {
      container('jdk') {
      def scannerHome = tool 'SonarScanner';
      def sonarParams = "-Dsonar.branch.name=${env.BRANCH_NAME}"
      if ( params.SERVICE_NAME == "service1" ||
              params.SERVICE_NAME == "service2" ||
              params.SERVICE_NAME == "service3") {
        withSonarQubeEnv() {
          sh "${scannerHome}/bin/sonar-scanner -Dsonar.projectBaseDir=${params.GRADLE_SETTINGS_PATH}/${params.SERVICE_NAME}/"
        }
      }
    }
    }

and added sonar-project.properties to each respective services

sonar.organization=orgname
sonar.projectKey=project_key
sonar.projectName=<service1>
sonar.sources=src/
sonar.sourceEncoding=UTF-8
sonar.tests=src/test
sonar.junit.reportPaths=build/test-results/test/*.xml
sonar.java.binaries=.
sonar.java.coveragePlugin=jacoco
sonar.verbose=true
sonar.exclusions=src/test/**/*

Similar property file for other two services
sonar.projectName=<service2>
sonar.projectName=<service3>

We wanted to scan all three services and see the analysis on the project

What we are facing:
Currently sonarqube analysis scan is running on all the services but it only publishes the result of the last scan in the sonarqube

  • We have already tried to create single properties in the root directory
sonar.organization=orgname
sonar.projectKey=project_key
sonar.projectName=<service1>
sonar.sources=src/
sonar.sourceEncoding=UTF-8
sonar.tests=src/test
sonar.junit.reportPaths=build/test-results/test/*.xml
sonar.java.binaries=.
sonar.java.coveragePlugin=jacoco
sonar.verbose=true
sonar.exclusions=src/test/**/* 

# Available modules
sonar.modules=service1, service2, service3

# service1
service1.sonar.projectName=service1
service1.sonar.projectBaseDir=path/to/service1

# service2
service2.sonar.projectName=service2
service2.sonar.projectBaseDir=path/to/service2
.
.
# service3

This won’t work and Couldn’t find much how to publish all scan results in a single PR
It only gives the report for the last scanned service: We want this should have reported for all 3 services scanned within the single PR

sonarscan
sonarscan1333×516 45.1 KB

Also we had seen another thread to add this capability with 8.7 version - Wanted to make sure if it is added now to enterprise/community-edition or not. Monorepo and SonarQube? - #3 by OlivierK

2

Hi,

Welcome to the community!

I see that you’re varying sonar.projectName per module. It doesn’t seem that you’re varying sonar.projectKey…?

It’s - no pun intended, here - the key. I.e. SonarQube relies on that as a unique identifier to distinguish projects from each other and not overwrite inappropraitely.

 
HTH,
Ann

3

@ganncamp Yes, we are not varying projectKey it is same for all services - as all the services are related to single suite and also we want to publish report on a single project.
Our pipeline designed in this way that it creates separate pod for each service and each service is scanned by different sonar-scanner command. so we can not have single sonar-scanner command at root level.
not sure but just asking if possible:
Can we aggregate all the reports from multiple services scanning with separate command and publish it to single project. May be by storing scan results locally and publish later once we get the result for all?

4

Hi,

Then what you’re seeing is the expected behavior.

If you want each module to show up separately in SonarQube and not be overwritten by the other modules’ analysis, you’ll need to differentiate the project keys.

Once you’ve done that, you could use an Application (starting in Developer Edition($)) to stitch them back together into a unified presentation.

 
HTH,
Ann

5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.