In an attempt to speed up analysis (currently at 10 minutes), I wanted to float this idea and get some feedback on it:
During my build, instead of running Sonar all over the code base, just figure out the files that changed wrt the target branch, and then run Sonar on those files (complete files, not diffs of it).
What are the possible drawbacks of this strategy?
Some drawbacks that I have already thought of are:
- Code duplication will not be detected
- Sonar will complain of broken types/imports
Some users/integrations try to hack this together (and sometimes it works… but it’s very much not supported and has the drawbacks you mentioned).
Planned for SonarQube v9.x LTS is this: Analysis time of PR should be correlated to the size of the PR, which should help users where they need it most.
And I would be curious to know what langauges you are analysing, what version of SonarQube, and what Edition (Community, Developer, etc.)
Perhaps the users who’ve hacked this together can chime in here? Do you know their usernames on the community?
I’m currently analysing only our Java code base, which is at 400K LOC. Once we add our JS, that’ll probably increase the analysis time by 2x (similar LOC for JS).
- Developer Edition
- Version 8.9.1 (build 44547)