The quality gate is always pass when new code without any UT

aximo · November 2, 2023, 7:32am

Sonar version:

Community Edition
Version 8.9.8 (build 54436)

I have a project with customize quality

I run the sonar like this:

#!/bin/bash
set -e

SONAR_TOKEN=some-token
MR_ID=622
SONAR_OPTS="$SONAR_OPTS -Dsonar.host.url=some-host"
SONAR_OPTS="$SONAR_OPTS -Dsonar.issuesReport.html.enable=true"
SONAR_OPTS="$SONAR_OPTS -Dsonar.projectKey=data-collection"
SONAR_OPTS="$SONAR_OPTS -Dsonar.pullrequest.branch=feature/IPL-18612-invest-sonar-v2"
SONAR_OPTS="$SONAR_OPTS -Dsonar.pullrequest.base=develop"
SONAR_OPTS="$SONAR_OPTS -Dsonar.qualitygate.wait=true"
SONAR_OPTS="$SONAR_OPTS -Dsonar.pullrequest.key=$MR_ID"
SONAR_OPTS="$SONAR_OPTS -Dsonar.java.coveragePlugin=jacoco"
SONAR_OPTS="$SONAR_OPTS -Dsonar.coverage.jacoco.xmlReportPaths=$PWD/data-collection-jacoco/target/site/jacoco-aggregate/jacoco.xml"
echo "the sonar option is $SONAR_OPTS"
SONAR_OPTS="$SONAR_OPTS -Dsonar.login=$SONAR_TOKEN"
mvn $MAVEN_CLI_OPTS $SONAR_OPTS -X -e --batch-mode sonar:sonar

you can see that the sonar result is pass.

what I expect:
I expect it should be fail as the no UT coverage the new codes

what the wrong about my config? any suggestion?

acalero · November 2, 2023, 7:46am

Hi!

First of all I think you should upgrade your SonarQube instance to current LTS (9.9.x) or LATEST (10.x) since version 8.9.8 is no longer supported.

Your analysis has warnings as we can see in the screenshot. Could you please check your warnings?

The warning will probably tell you that code coverage and duplication is ignored on small changes.

You may have this option enabled on your settings to ignore code coverage if new lines is less than 20:

Best regards.

aximo · November 2, 2023, 8:11am

hi @acalero thanks your quickly reply

I want our developer to write UT even it is a small change. So,
I disable the option In UI

I also add it the SONAR Options

SONAR_OPTS="$SONAR_OPTS -Dsonar.scm.provider=git"
SONAR_OPTS="$SONAR_OPTS -Dsonar.qualitygate.ignoreSmallChanges=false"

however, the quality gate is still pass.

there are 2 warns:

for the first one, as we use 8.9.x sonar server, so I not fix it.
for the 2th one, although i run sonar:sonar in the git repo home, i also add sonar.scm.provider=git , it still exist.

I do another test by add more new codes, however, it still pass:

acalero · November 2, 2023, 8:29am

Maybe the issue is the missing blame information.

Or maybe the issue is related with the fact that you are using Community Edition and branch analysis and pull request is only available for Developer Edition and later.

If you are using an unofficial third-party plugin for branch analysis then you should ask them for help. This is a 3rd party plugin that is not supported by sonarsource. your best shot is to ask for help at the issue tracker of this plugin.

Good luck!