SonarQube rules not working on TypeScript

I am trying to set up SonarQube to scan an Angular project using Typescript. SonarLint linked to the SonarQube instance can detect a codesmell.

The project is configured as:

; sonar.exclusions=node_modules/**,dist/**,**/*.spec.ts
; sonar.tests=src
; sonar.test.inclusions=**/*.spec.ts


When I run the SonarQube job in Gitlab with the sonarsource/sonar-scanner-cli:latest docker image, no code smells except the ones generated by ESLint are reported.

Running server deployed with Helm which works fine on all other projects with other languages.

I’ve attached the output of the CI job.

job.txt (164.7 KB)

SonarLint will detect all issues on a file, while your pull request analysis will only detected issues on changed lines of changed files.

With that in mind, would it make sense for the other issues to be raised in this PR analysis?

Do the issues appear on a full branch analysis (an analysis of the main branch)?

Hi Colin,

There is nothing in the main branch and all the code is in the MR being scanned. Please see this screenshot of the MR.

:thinking: That’s odd, as it appears the scanner both finds a cache for the main branch

15:25:07.152 INFO: Load analysis cache
15:25:07.166 DEBUG: GET 200 | time=14ms
15:25:07.175 INFO: Load analysis cache (4.3 kB) | time=23ms

And then uses it:

15:25:16.871 DEBUG: Files which didn't change will be part of UCFG generation only, other rules will not be executed
15:25:17.932 INFO: Analyzed 5 file(s) with current program
15:25:17.938 INFO: 5/5 source files have been analyzed
15:25:17.938 INFO: Hit the cache for 5 out of 5
15:25:17.939 INFO: Miss the cache for 0 out of 5
15:25:17.939 INFO: Sensor TypeScript analysis [javascript] (done) | time=5316ms

Is there really nothing displayed when you view the main branch in SonarQube (putting aside what you see in Gitlab)?

This might just be a red herring, but it doesn’t sound like there’s no analysis of the main branch.

No there is nothing in the main branch except a readme and .gitignore file.

I’ve added the SonarQube config only for the branch that is currently in Gitlab’s merge request that triggers the pipeline and SonarQube scan.

But putting aside what you see in Gitlab, what do you see in SonarQube when you look at the main branch of the SonarQube project?

Ok, this is very strange, it seems it has the code in SonarQube under the main branch, which is not the case. That code has never been in the main branch and only exists in the branch we made the MR for.

How is this possible?

I deleted the project and recreated it. It works now.

1 Like