Hi Danilo,
If your goal is to analyse a Pull Request, then please have a look at this documentation page. You’ll see there that you need to pass the following three parameters to the scanner:
- sonar.pullrequest.base
- sonar.pullrequest.key
- sonar.pullrequest.branch
From your configuration I see you are however passing sonar.branch.name parameter instead. This will consider your analysis to be a Branch Analysis and not a Pull Request Analysis. Also, you must use “only: merge_requests” in your pipeline or a “rules” equivalent syntax (read this page from GitLab) so that GitLab triggers a build correctly configured for any pull request (aka merge request). This is what you did on step 7 but you should differentiate the pipeline to scan branches (pass sonar.branch.name parameter) from the pipeline to build merge requests (pass the 3 parameters I pointed out above).
Also, I recommend you upgrade to version 8.3: you will get these 3 parameters auto populated, bug fixes etcetera. My config with version 8.3 looks like this:
image:
name: sonarsource/sonar-scanner-cli:latest
entrypoint: [""]
variables:
GIT_DEPTH: 0
sonarqube-check:
stage: test
script:
- sonar-scanner -Dsonar.qualitygate.wait=true
allow_failure: true
only:
- merge_requests
Hope it helps, cheers,
Daniel