Workflow Auto Scan PR + Manual Scan

We are working on an application written in Objective-C and Swift.
We have protected branches on GitHub, and they need to pass certain tests.

The code is automatically analyzed when a PR is open. The only problem is that autoscan is only analyzing Swift code.
Our CI (CircleCI) runs several scripts to run local code analysis and upload to SonarCloud. It fully analyzes our Objective-C + Swift code.

The main issue we have is that the call via CI is async; it will not re-trigger any PR analysis.

So for example, we added code in Objective-C to fail the quality gate, and our CI cannot know the status of the analysis. We only know on SonarQube that:

  • PR Analysis passes
  • Branch Analysis fails

How can we manually trigger the PR analysis? Or is there another workflow that we should be following?

Thanks

Hello @jsaadep,

Could you share the relevant parts of your CircleCI config.yml?

Thanks,
Tom

Currently using CircleCI, but most of the scanning is being done from fastlane.
In the case of iOS, any merge is only scanning Swift code, with no Objective-C scan (which is the default behavior, as SonarCloud autoscan does not support Obj-C). So to trigger a scan I followed a lot of documents and ended up doing:

1- Call to the run_tests fastlane action with specific parameters, using the downloaded “build-wrapper-macosx-x86”:

run_tests(
      clean: true,
      project: "****.xcodeproj",
      scheme: "****",
      devices: ["iPhone X",],
      derived_data_path: "./build/deriveddata",
      output_directory: "./build/test",
      output_types: "junit",
      code_coverage: true,
      buildlog_path: "./build/logs",
      xcodebuild_command: "env NSUnbufferedIO=YES /Users/distiller/project-working-dir/sonar/build-wrapper-macosx-x86/build-wrapper-macosx-x86 --out-dir ./build/bw_output xcodebuild"
  )

2- Direct call to sonar-scanner to upload the result from the code test above to SonarCloud:

sh("eval /Users/distiller/project-working-dir/sonar/sonar-scanner-4.2.0.1873-macosx/bin/sonar-scanner -Dsonar.branch.name=" + git_branch + " -Dsonar.cfamily.build-wrapper-output=../build/bw_output -Dsonar.cfamily.threads=2 -Dsonar.projectBaseDir=../**** -Dsonar.sourceEncoding=UTF-8 -Dsonar.sources=. -Dsonar.organization=**** -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectKey=**** -Dsonar.projectName=**** -Dsonar.login=****")

The above is resulting in Obj-C + Swift being fully scanned.
But there is no direct feedback to our Pull Requests status checks on github.

Autoscan automatically gives a status of the Pull Request so we can know if there is any issue and if it did not pass the quality gate.

In the case of Android, I am doing much the same. Java is also not supported in autoscan. So I am using the SonarQube Gradle plugin via: ./gradlew clean sonarqube
It is doing the job, but there is no status feedback to the Pull Request.

PS: I am aware that I can use https://docs.sonarqube.org/latest/analysis/pull-request/

The main issue is that CircleCI cannot be configured to run on both branch merges and PRs.
If I run it on branch merge (Like I am doing now), I do not have any access to fill in those PR values.
And a run on branch merge is necessary to produce a deploy of the app.

Hello @jsaadep,

By branch merge, do you mean that a build is triggered for every commit on every branch? So you cannot activate the setting ‘only build pull requests’?

Ah no, only on specific branches.
Example: when PR is merged to develop => We deploy to internal testing.
But we do not run deploy to every single branch.
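
An added example, not part of any post in this thread and not SonarSource or CircleCI code: a Fastfile helper that picks pull request or branch analysis from CircleCI's environment, so one lane can serve both kinds of build, and asks the scanner to wait for the quality gate so the CI step itself fails. The function names and the "develop" base branch default are assumptions; it also assumes CircleCI builds pull requests so that CIRCLE_PULL_REQUEST is set.

```ruby
# Added example: choose sonar-scanner scope flags from CircleCI's environment.
# Helper names are hypothetical; they are not fastlane or SonarCloud APIs.

# Assumption: PRs target "develop" (CircleCI does not expose the base branch).
DEFAULT_BASE_BRANCH = "develop"

# Returns the -D flags that select pull request or branch analysis.
# env is a Hash shaped like ENV; CIRCLE_PULL_REQUEST holds the PR URL.
def sonar_scope_args(env, base_branch: DEFAULT_BASE_BRANCH)
  branch = env["CIRCLE_BRANCH"].to_s
  raise ArgumentError, "CIRCLE_BRANCH is not set" if branch.empty?
  # The branch name comes from whoever opened the PR and ends up in a
  # shell command line, so accept only a conservative character set.
  unless branch.match?(%r{\A[\w./-]+\z})
    raise ArgumentError, "unexpected characters in branch name"
  end

  pr_url = env["CIRCLE_PULL_REQUEST"].to_s
  return ["-Dsonar.branch.name=#{branch}"] if pr_url.empty?

  key = pr_url[%r{/pull/(\d+)\z}, 1]
  raise ArgumentError, "no PR number in #{pr_url.inspect}" if key.nil?
  [
    "-Dsonar.pullrequest.key=#{key}",
    "-Dsonar.pullrequest.branch=#{branch}",
    "-Dsonar.pullrequest.base=#{base_branch}",
  ]
end

# Scope flags plus the flags both build kinds share.
# sonar.qualitygate.wait makes the scanner block until the gate is computed
# and exit non-zero when it fails, so the async result reaches the CI step.
def sonar_scanner_args(env)
  sonar_scope_args(env) + [
    "-Dsonar.qualitygate.wait=true",
    "-Dsonar.cfamily.build-wrapper-output=../build/bw_output",
  ]
end
```

In a lane, the returned array can be passed to sh as separate arguments after the scanner path, which avoids building one eval string from the branch name.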