Greetings !!!
I am using SonarQube: Version 7.4 & have added below plugins SonarQube new QualityGate:
LineCoverage on new code
Condition Coverage on new code
Coverage on new code
New Code Period
To implement: New Code Period (Number of days)
My requirement: To add a new code period SonarQube plugin for the existing project (project-1)
What I did:
I create a new Sonar Quality Gate for a project
Removed existing Sonar report for the project-1
Added “New Code Period - Number of days (2020-10-20)” plugin from SonarQube specific to project-1
Problem statement:
1st: After executing SonarQube CI, I am not able to see any new issue appear (wrt New Code Period) in the dashboard (since the day I mentioned - 2020-10-20)
Is it due to Sonar Project is newly created (without any history) which would fail to fetch the issue from the past days?
2nd: If I rerun the SonarQube CI without any code update in Project-1, Line Coverage on new code/Condition Coverage on new code appear as 0%
Is this due to No NEW code added from the last build?
I would like to know what could be the issue. Any help, pointers, suggestions would be grateful.
Thanks in Advance.
For 0% Coverage, below is the fix with the below updates
In all Coverage, I have UnChecked the ‘On New Code’ and only use ‘Coverage on New Code’ to track the new code quality. It worked as expected.
Snapshot:
Prior 0% Coverage
Update (After uncheck new Code):
And also New Code Period changes are reflecting.
Thanks, everyone :)
Related
I have a project with very strict time budgets for SonarQube scan as part of CI pipeline. We essentially want to only scan the lines that have changed and not the full project. Is it possible to scan only changed files in the last commit, and provide report based only on changed lines of code? I want to check if added or modified lines make the project quality worst as the developer don't care about old code - only what they committed.
I saw a few notes on the Sonar Community that said this was not possible, but checking if this has changed over the past 12 months? Did not find anything in the docs.
New Code analysis only
I want sonar analysis on newly checkin code
We have created a portfolio and added few applications to portfolio but when i choose portfolio in the sonar dashboard it shows the below message even though i have added few projects to it and there were no background tasks or analysis related data after sonar analysis on one of the project.
Message:
This portfolio is empty.
This portfolio has no projects, or none of associated projects has lines of code.
We have followed the below link to configure a portfolio.
https://docs.sonarqube.org/display/SONAR/Configuring+Portfolios+and+Applications
Created a Portfolio and few projects the portfolio
Project selection mode: Manual
Sonar Version: 6.7.4 LTS
Enterprise Edition
Issue: i Could not see the projects which i have added to portfolio under Sonar portfolio section
Can someone please point me to the right configuration steps or help me with the resolution.
Finally figured this out and wanted to share with anyone else who stumbles across this problem. The issue here is that the SonarQube version being used by the OP is 6.7 (similar to me) and the documentation he linked to is for the latest version of SonarQube (7.3 as of this writing).
The documentation for 6.7 is located here and navigating to the equivalent Configuring Portfolios and Applications page includes the following required command be run in order to execute the Portfolio Calculation task in previous versions of SonarQube:
Calculation Calculation must be triggered manually each time a
Portfolio structure is modified. Portfolios should also be recomputed
on a regular basis to keep them up to date with the most recent
project quality snapshots. Portfolio are computed with the SonarQube
Scanner.
To compute all your Portfolio, run the following command (credentials
from a user with "Administer System" or "Execute Analysis" permission
is required):
sonar-scanner views -Dsonar.login=<token>
or
sonar-scanner views -Dsonar.login=<login> -Dsonar.password=<pwd>
So when using SQ 6.7, without running that sonar-scanner views command in your build plan, only the Project Analysis task will run and your Portfolios will never be updated. Running this views command appears to run the Portfolio Calculation task for all Portfolios on the SQ Server which in turn will update the UI for each entry.
I am triggering a Sonar analysis from Jenkins whenever a user commits any change to any branch of my project. In SonarQube I see the project analysis result, and quality gate status, for the most recently run analysis. It only shows the most recently run analysis for a given project.
How can I see a 'history' of previous analyses that were run prior? Specifically I would like to see the coverage from before and the where in the codebase specific 'critical' issues triggered a quality gate failure. Basically I want a historical snapshot of the 'project overview' page for each time the analysis is run. Since I am triggering the analysis from different branches I need to be able to differentiate an analysis of Branch A vs. a previous analysis of Branch B.
If you use SonarQube up to version 5.6: Use the Sonar Timeline Plugin, which allows you to add a graph to your dashboard.
If you use SonarQube version 6.5 or later (to be released in August 2017): Get feature rich history graphs out of the box (no plugin required)!
It looks like you have to make a custom dashboard and add a history widget. It looks like it shows you just the times the gate changed (which i guess is what I should have expected) for example the project I tested with only changed status 3 times so even though I asked for 10 columns it only showed 3.
This is on the Sonar homepage for your project, not the sonar widget in jenkins fyi
I have set up SonarQube, Maven and Cobertura to upload unit test coverage at every build run. I want to use the differential views to get coverage for the delta (new code only).
The coverage itself is successfully uploaded, and I can see the delta in lines of code. However, I can't get the "Coverage on new Code" to work.
I tried different values for the leak period, including previous_analysis and previous_version (changing the version from 1.0 to 1.1 in the new analysis). I also used -Dsonar.projectDate to simulate a past date of analysis but still no luck.
Any thoughts?
The key requirement to obtain new_code -related information/metrics is to leverage SonarQube SCM integration. And to benefit from that you have to install a compatible SCM Plugin applicable to your project (e.g. Git Plugin, SVN Plugin etc.).
"Coverage on New Code" is only displayed if you are using/activating SCM support (SVN, Git, ...).
sonar.scm.disabled=false
Adding this sonar.java.binaries=classes directory, most likely target/classes
helped me in fixing this issue. No JaCoCo analysis of project coverage can be done since there is no class files
I am new to Sonar and need help in using Sonar's inclusion/Exclusion options.
I have installed Sonar 4.0 and Sonar-Runner for running analysis on project.
Its a huge project with large number of classes. every time a new release comes, we hardly make changes to the 5% of the code.
This is the reason i need to include only the classes i have changed within one release.
For that i wanna use sonar's INCLUSION option. Please help me.
From my point of view, the proper way to do it is to analyze the whole code base each time and work in differential mode to focus on new issues, code coverage on new code, etc. See http://docs.codehaus.org/display/SONAR/Differential+Views