We are currently using SonarCloud for our PHP application which is using
development branch as main and
master branch as stable/release branch. Our current workflow is to create feature branches from development and merge back to development.
The set up is to build and test in our CI on every PR change and push the results into SonarCloud, as well as a nightly build on development branch.
The problem is that we are seeing inconsistent PR scan results and issues reported on a PR for unrelated files which are not part of the PR or doesn’t fit into definition of “New Code” (which is currently last 30 days). The report includes bug reports, duplicate lines and also test coverage metric is completely random.
What can cause this inconsistency?