We are using:
- automatic analysis
- mostly C++ but also GitHub actions config, python, javascript
- GitHub as a git host and for pull requests / reviews
- GitHub Actions for CI
We prefer to use a .sonarcloud.properties configuration file to set exclusions and configs for the scanner, rather than setting these in the project web UI. One reason for our preference for configuration-is-code is that, when new issues appear and we consider them false-failures, we change the scanner configuration rather than the code, and with config-as-code the configuration change is clearly linked to the related code changes in the same PR.
However, it seems like Sonar always uses the configuration file from the mainline. This means when config changes are made on the PR branch, they don’t affect Sonar’s analysis of the PR.
Can automatic analysis for pull requests be configured to use the .sonarcloud.properties configuration file from the PR branch, rather than from the mainline?