Hi community,
We are using GitLab pipelines with SonarQube (Community Edition) and we are seeing some confusing behavior.
Scenario 1 – Duplicate Lines & Reliability Rating Issues:
Initially, the pipeline on the master branch worked fine.
Later, we triggered pipelines on a feature branch. SonarQube started detecting issues like duplicate lines and poor reliability rating.
To test, we triggered a new pipeline on the master branch using a dummy commit (no code changes at all).
But, the same issues from the feature branch appeared on the master branch even though:
-
No code was changed on master.
-
No merge from feature into master was done.
Scenario 2 – New Code Coverage Issue:
We are facing similar behavior in another project, where SonarQube reports a “New Code coverage” issue, despite no changes in the code.
We tried updating the “New Code” settings in the SonarQube project and set the reference to the previous version/analysis, but it’s still failing.
We have triggered the pipeline using both an empty commit and the GitLab Web UI, but the result is the same.
Our Questions:
-
Why is SonarQube flagging issues on the master branch when no code has changed?
-
How can we ensure SonarQube doesn’t incorrectly apply issues found in feature branches to master?
-
Is there a reliable way to configure “New Code” detection to avoid such false positives?
-
How can we ensure empty or dummy commits don’t trigger incorrect issue detection?
-
How does SonarQube determine the baseline for new code or issues?