The sonar cloud shows coverage of files which are not included in the PR

Template for a good new topic, formatted with Markdown:

• ALM used (GitHub, Bitbucket Cloud, Azure DevOps) - Azure Devops
• CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI - Azure DevOps
• Scanner command used when applicable (private details masked)
• Languages of the repository
• Only if the SonarCloud project is public, the URL
  • And if you need help with pull request decoration, then the URL to the PR too
• Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
  The sonar cloud shows coverage of all files which are not included in PR
• Steps to reproduce
• Any PR can show this issue

# This pipeline is triggered only if changes are made in app-backend in a PR.

trigger: none  # Prevent automatic triggering on push

pool:
  vmimage: Ubuntu-latest

variables:
  date_tag: $[ format('{0:yyyy}{0:MM}{0:dd}', pipeline.startTime) ]

steps:
  - checkout: git://root/loopriq-inspect@$(System.PullRequest.SourceBranch)
    fetchDepth: 0
#   - checkout: self

  - task: SonarCloudPrepare@2
    displayName: Prepare_Analysis_Configuration
    inputs:
      SonarCloud: 'loopriq-inspect-sonarcloud'
      organization: 'loopr-ai'
      scannerMode: 'CLI'
      configMode: 'manual'
      cliProjectKey: 'loopr-ai_loopriq-inspect'
      cliProjectName: 'loopriq-inspect'
      cliSources: '.'
      extraProperties: |
        sonar.javascript.lcov.reportPaths.backend=$(System.DefaultWorkingDirectory)/app-backend/coverage/lcov.info
        sonar.testExecutionReportPaths.backend=$(System.DefaultWorkingDirectory)/app-backend/coverage/sonar/sonar-report.xml

  - task: NodeTool@0
    inputs:
      versionSource: 'spec'
      versionSpec: '20.x'

  - task: Npm@1
    displayName: Installing NPM packages - App-Backend
    inputs:
      command: 'install'
      workingDir: 'app-backend'

  - script: |
      bash $(System.DefaultWorkingDirectory)/dependencies/setup-dependencies.sh
      cd $(System.DefaultWorkingDirectory)/app-backend/
      npx prisma generate
    displayName: Prisma task - App-Backend
    continueOnError: true

  - task: Npm@1
    displayName: Unit Tests - Backend
    inputs:
      command: 'custom'
      workingDir: 'app-backend'
      customCommand: 'run test:ci-cov'
    continueOnError: true

  - task: PublishTestResults@2
    displayName: App-backend Unit_Test Results
    inputs:
      testResultsFormat: 'JUnit'
      testResultsFiles: 'junit.xml'
      searchFolder: '$(System.DefaultWorkingDirectory)/app-backend'
      failTaskOnFailedTests: true
      failTaskOnFailureToPublishResults: true
      testRunTitle: 'App-backend Unit test results'

  - task: PublishCodeCoverageResults@2
    displayName: Coverage Report App-backend
    inputs:
      summaryFileLocation: |
        $(System.DefaultWorkingDirectory)/app-backend/coverage/lcov.info
      pathToSources: '$(System.DefaultWorkingDirectory)'

  - task: DockerInstaller@0
    inputs:
      dockerVersion: '17.09.0-ce'

  - task: Docker@2
    displayName: Docker Login
    inputs:
      containerRegistry: 'registry'
      command: 'login'

  - task: ShellScript@2
    displayName: App-backend
    inputs:
      scriptPath: 'dependencies/backend-build/build-backend-docker.sh'
      args: 'backend:dev.$(date_tag)'
  
  - task: SonarCloudAnalyze@2
    displayName: Run_Cloud_Analysis
    inputs:
      jdkversion: 'JAVA_HOME_17_X64'

  - task: SonarCloudPublish@2
    displayName: Publish_Quality_Gate_Result
    inputs:
      pollingTimeoutSec: '300'

Hi,

Can you share your analysis log?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

Once we have the analysis logs, I suspect we’ll see that they reflect a lack of SCM metadata to determine what’s in the PR and what’s not.

Yes, you’ve got fetchDepth: 0, which is a crucial first step, but the prerequisites also need to be in place.

 
Ann