1

I have a huge codebase that I'm analyzing through Sonar. I have integrated Sonar analysis in our CI build process, and the current structure looks like this:

---Prod build---
-ProjectKey: abc-Prod
-ProjectVersion: 2.0
-ProjectName:abc

Now, I also have nightly build process running on all our feature branches (I do not wish to change this to preview analysis and want a full sonar on all these too). This nightly branch analysis looks like this:

---Feature1---
-ProjectKey: abc-Feature1
-ProjectVersion: 2.0.1
-ProjectName:abc

--Feature2---
-ProjectKey: abc-Feature2
-ProjectVersion: 2.0.2
-ProjectName:abc

My question is this: In such a structure,I am not able to perform differential analysis between the Prod build and the Feature build. I know there is the "Compare" option to compare projects with different keys, but that is not sufficient for my case, as we are looking to see the exact new issues that have been added in the new features as opposed to the prod build.

Is there anyway I can restructure this, to use the same codebase as the Prod build for differential analysis against the feature builds?

Note:I cannot use the same project key because, I have dashboards that shuold always be able to pull up latest analysis on the prod build as well as every feature build, and overriding the version numbers for the same projectkey updates the results everywhere to the last analysis results.

Any pointers? Thanks!

crypto9294
  • 171
  • 2
  • 14
  • Did you try with the `sonar.branch` property? You can set it directly in jenkin configuration page for sonar post-build step. – guido Apr 26 '14 at 09:54
  • Yes, sonar.branch property does the same thing as I have implemented. It uses the sonar.branch value to assign a new project key to the feature branch project like: :, hence storing each feature codebase as a different project. This has the same limitation as well: cannot see differential views between feature base and prod code base as they both have different project keys. – crypto9294 Apr 28 '14 at 21:40
  • This seems to be a big limitation with SonarQube. It looks like in today's workflow of feature branches and pull requests the tool cannot really integrate that well. Have you found an alternative? Tools like code climate exist but I haven't seen anything for C# or Java. – Paul Feb 13 '15 at 15:30

1 Answers1

1

I face the same problem, what I plan to try is using the API of sonar: Firstly, put the branch name and commit id as the "sonar.projectVersion". then you can use the API: projects/index?search=&versions=true to fetch all the versions.

Secondly: set the differential view parma for sonar. if you can find the branch name in the result of last step, set the differential view parma like this: 

 <property name="sonar.timemachine.period1" value="latest version of current branch" />
 <property name="sonar.timemachine.period4" value="latest version of current branch" />
 <property name="sonar.timemachine.period5" value="latest version of current branch" />;

otherwise you should set the project compare to the parent branch, set the differential view parma like this: 

<property name="sonar.timemachine.period1" value="parent branch.commit id" />
<property name="sonar.timemachine.period4" value="parent branch.commit id" />
<property name="sonar.timemachine.period5" value="parent branch.commit id" />

how to find the parent branch: see this,
how to get the latest commit id. see How to tell which commit a tag points to in Git?

Community
  • 1
  • 1
Moonken
  • 11
  • 1