I’m analyzing pull requests from Github and the analysis results are sent to SonarQube. However, I’m wondering why it shows 913 new lines to cover, even if my pull request has only 1 line changed. See the attached picture.
I’m setting the following properties
Second question, is it possible to have SonarQube decorate the Github pull request? If yes, what are the steps?
We got the PR decoration working. However some images on the SonarQube Code Analysis PR check don’t show. Is it so that the images are fetched from the SonarQube server? What ports it requires open? See the screenshot below.
The files and changes displayed on the code page seem to be different. Tens of files and hundreds of unrelated lines are displayed. It’s real code, not just line endings. The branch names displayed in SonarQube are correct, but the data just doesn’t match. It’s almost like the target branch of the merge would be incorrect, although SonarQube displays the correct one there in the UI. Screenshot below.
For the screenshot, do you confirm that that line of that file is not changed in the branch under analysis? And if so, is it modified in some other branch? What’s the blame data look like for that file line in develop? And what’s it look like in master?
As a side note, there’s no point in specifying sonar.pullrequest.github.repository on the command line. This must be set server side and is used after analysis to decorate the PR. By the time decoration is attempted, analysis parameters are out of scope.
The logs don’t include much from the sonarqube task. You probably need to add -d with gradle.
Anyway I can see that the checkout of the code is done without a clone and without fetching all branches (only PRs): > git fetch --tags --progress https://github.com/nordic-institute/X-Road.git +refs/pull/*:refs/remotes/origin/pr/*
The problem might be that the local reference to the target branch of the pull request is not up to date.
I recommend you try changing the checkout to make sure that the target is updated.
Could you elaborate on that, please? It looks like we could have the same issue with Azure Repos Git, but I don’t know how to change that…
##[command]git -c http.extraheader="AUTHORIZATION: bearer *" fetch --force --tags --prune --progress --no-recurse-submodules origin +refs/heads/:refs/remotes/origin/ +refs/pull/6043/merge:refs/remotes/pull/6043/merge