SQ DE V8.1 Branch analysis with Mercurial

SonarQube
1

Have a trial version of SonarQube Developer Developer Edition Version 8.1 (build 31237) with Mercurial and Jacoco plugin.

We have structure:
Default (top/Mercurial thing) -> Develop -> Feature Branches

In SonarQube we just see branch picker against the project but was expecting to see branches as parent/child and analysis between the parent and a feature if click on it.

(Master is empty)
image

So questions:

  1. Can Master be set to Mercurial Master which is default? (tried sonar.branch and sonar.target setting)
  2. Does SonarQube Developer edition allow us to compare a branch and a feature?

Others Details
INFO: Load branch configuration
WARN: Parameter ‘sonar.branch.target’ is no longer supported
INFO: Load branch configuration (done) | time=4ms

6 actionable tasks: 6 executed
Build step ‘Invoke Gradle script’ changed build result to SUCCESS
[SonarQube2-All-JaCoCo-DevLocal] /var/jenkins_home/tools/hudson.plugins.sonar.SonarRunnerInstallation/SonarQubeAws/bin/sonar-scanner -Dsonar.host.url=http://172.31.25.102:9094 -Dsonar.sourceEncoding=UTF-8 -Dsonar.branch.name=f/202001-sc-ast-9999-test2 -Dsonar.jacoco.reportPaths=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/build/reports/jacoco/test/ -Dsonar.sources=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/src -Dsonar.language=java -Dsonar.java.target=1.8 -Dsonar.jacoco.reportPath=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/build/reports/jacoco/test/ -Dsonar.projectVersion=1.0.{B} -Dsonar.java.binaries=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/build/ -Dsonar.projectKey=SonarQube2-All-JaCoCo-DevLocal -Dsonar.scm.provider=hg -Dsonar.java.source=1.8 -Dsonar.tests=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/test -Dsonar.branch.target=develop -Dsonar.projectName=SonarQube2-All-JaCoCo-DevLocal -Dsonar.projectBaseDir=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal

SonarQube reports

SonarQube plugins:

  • SonarCSS 1.1.1.1010 (cssfamily)
  • Svn 1.9.0.1295 (scmsvn)
  • SonarPLSQL 3.4.1.2576 (plsql)
  • SonarScala 1.5.0.315 (sonarscala)
  • SonarC# 8.1.0.13383 (csharp)
  • Vulnerability Analysis 8.1.0.675 (security)
  • SonarJava 6.0.1.20589 (java)
  • SonarHTML 3.2.0.2082 (web)
  • SonarFlex 2.5.1.1831 (flex)
  • SonarXML 2.0.1.2020 (xml)
  • SonarTS 2.1.0.4359 (typescript)
  • SonarVB 8.1.0.13383 (vbnet)
  • SonarSwift 4.2.2.77 (swift)
  • YAML Analyzer 1.5.0 (yaml)
  • Dependency-Check 2.0.2 (dependencycheck)
  • SonarCFamily 6.5.0.12506 (cpp)
  • SonarPython 2.3.0.5351 (python)
  • Code Smells 4.0.0 (smells)
  • Clover 4.1 (clover)
  • JaCoCo 1.0.2.475 (jacoco)
  • Mercurial 1.1.2 (scmmercurial)
  • SonarGo 1.6.0.719 (go)
  • SonarKotlin 1.5.0.315 (kotlin)
  • SonarTSQL 1.4.0.3334 (tsql)
  • SonarJS 6.1.0.11503 (javascript)
  • SonarRuby 1.5.0.315 (ruby)
  • Vulnerability Rules for C# 8.1.0.675 (securitycsharpfrontend)
  • Vulnerability Rules for Java 8.1.0.675 (securityjavafrontend)
  • License for SonarLint 8.1.0.31237 (license)
  • Vulnerability Rules for Python 8.1.0.675 (securitypythonfrontend)
  • Git 1.9.1.1834 (scmgit)
  • SonarPHP 3.3.0.5166 (php)
  • Xanitizer 2.0.0 (xanitizer)
  • SonarABAP 3.8.0.2034 (abap)
  • Vulnerability Rules for PHP 8.1.0.675 (securityphpfrontend)
    Global server settings:
  • sonar.core.id=BF41A1F2-AW_w5LuWG5isWiJzsr9s
  • sonar.core.startTime=2020-01-30T10:43:57+0000
  • sonar.dbcleaner.branchesToKeepWhenInactive=master,develop,trunk
    Project server settings:
    Project scanner properties:
  • sonar.branch.name=develop
  • sonar.branch.target=develop
  • sonar.host.url=http://172.31.25.102:9094
  • sonar.jacoco.reportPath=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/build/reports/jacoco/test/
  • sonar.jacoco.reportPaths=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/build/reports/jacoco/test/
  • sonar.java.binaries=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/build/
  • sonar.java.source=1.8
  • sonar.java.target=1.8
  • sonar.language=java
  • sonar.projectBaseDir=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal
  • sonar.projectKey=SonarQube2-All-JaCoCo-DevLocal
  • sonar.projectName=SonarQube2-All-JaCoCo-DevLocal
  • sonar.projectVersion=1.0.
  • sonar.scanner.app=ScannerCli
  • sonar.scanner.appVersion=4.2.0.1873
  • sonar.scm.provider=hg
  • sonar.sourceEncoding=UTF-8
  • sonar.sources=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/src
  • sonar.tests=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/test
  • sonar.working.directory=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal/.scannerwork

But other run we set

  • sonar.branch.name=f/202001-sc-ast-9999-test2
  • sonar.branch.target=develop

Thanks

2

Hello @DSEyers!

What you are trying to do seems reasonable… before SQ 8.1! Ann detailed on this thread the 8.1 changes, an important one is that we merged Short Lived Branch and Long Lived Branch into… just Branch! Read the MMF-1786 if you want to know more.

Therefore, sonar.branch.name is now only used to analyze a branch. sonar.target.name is no longer supported because it was for Short Lived Branch.
What you have now (since some time actually) is Pull Request. Pull-Request analysis allows you to “compare” the Pull-Request code with its targeted branch, now set with sonar.pullrequest.base.

The whole feature extends to also decorate Pull-Request in the ALM, but if your tool chain does not allow that, you can simply analyze your code as such.

Does it make sense to you?

3

Hi Antoine,
Thanks that helped and think we are there now!

Had to add a few more params shown lower down and believe understand the rules more and with your hint found this page: https://docs.sonarqube.org/latest/analysis/pull-request/

Managed to resolve Master by setting Develop as Master, so checkout Develop source and sent to Sonar with sonar.branch.name=master. For child branches then set the pull request ones only (as given lower down).

Branches we have
Name | ID
| f/202001-sc-ast-9999-test2 3:2f172e5b7d19 |
| test1 | 2:985873c4f2ac |
| develop | 1:5dcde2bf74e0 |
| default | 0:7d2e614bb7d1 | (We can ignore this branch)

General settings

  • sonar.language=java
  • sonar.projectBaseDir=/var/jenkins_home/workspace/SonarQube2-All-JaCoCo-DevLocal
  • sonar.projectKey=SonarQube2-All-JaCoCo-DevLocal
  • sonar.projectName=SonarQube2-All-JaCoCo-DevLocal
  • sonar.projectVersion=1.0.
  • sonar.scm.provider=hg

Parameters added when publishing the non-master branch

  • sonar.pullrequest.base=master
  • sonar.pullrequest.branch=test1
  • sonar.pullrequest.key=4:56cb76d3213e

Parameters added when publishing master branch (putting Develop as Master in SQ)

  • sonar.branch.name=master

Thanks

4

That’s good to hear @DSEyers,

I reviewed these parmeters and all seems fine. The only thing you can remove is sonar.language=java, as this is not supported anymore. If you have other languages that get analyzed and you don’t want them, you should apply exclusion rules (see Narrowing the focus)

Cheers