mc1arke / sonarqube-community-branch-plugin

A plugin that allows branch analysis and pull request decoration in the Community version of Sonarqube
GNU Lesser General Public License v3.0

Add checkrun to last commit in PR instead of merge commit #937

Closed florianmutter closed 3 months ago

florianmutter commented 4 months ago

When a pull_request event is triggered, the default commit that is checked out by actions/checkout is an ephemeral commit where GitHub merged the branch of the pull request into the base branch. When running the sonar scanner on this git state, the check run result is attached to this commit. This commit is nowhere visible in the GitHub UI (or at least I could not find it). The check run also does not show up in the list of checks for a PR.

To Reproduce

Steps to reproduce the behavior: Run sonar-scanner in a GitHub action with pull_request trigger.

Expected behavior

Check should be in list of pull request checks


Software Versions

See also https://community.sonarsource.com/t/last-analysis-is-from-a-commit-that-doesnt-exists-on-the-repository/119566

florianmutter commented 4 months ago

Seems like setting sonar.scm.revision=${{github.event.pull_request.head.sha}} does fix this. Not sure if this breaks something else.

mc1arke commented 3 months ago

This is working as expected: Sonarqube uses the Git metadata to work out what is being scanned, and doesn't know what in that metadata is actually in remote or not. If your build-script is doing something to alter Git (e.g. merging to branches) then you need to tell Sonarqube about that by telling it what commit you want it to report against. The only impact this would have would be in reporting of issues against an invalid line if there were unexpected changes being made in the merge process.
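
The setting discussed in this thread, written out as a workflow. This is an added example, not part of the original comments or the plugin's documentation. The workflow and job names, the secret names, the `PR_HEAD_SHA` variable and the presence of `sonar-scanner` on the runner's PATH are assumptions.

```yaml
# Constructed workflow: names, secrets and scanner installation are assumptions.
name: sonar
on:
  pull_request:

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      # On pull_request, the default checkout is the ephemeral merge commit
      # (PR branch merged into the base branch), so HEAD is not a commit
      # that appears in the PR's commit list or its checks.
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0   # full history instead of a shallow clone

      - name: Run sonar-scanner against the PR head commit
        env:
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          # Event data is passed through the environment instead of being
          # interpolated into the script text.
          PR_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
        run: |
          # Without sonar.scm.revision the result is reported against HEAD,
          # which here is the merge commit.
          sonar-scanner "-Dsonar.scm.revision=${PR_HEAD_SHA}"
```

The files analysed are still the merged tree, so, as the maintainer's reply notes, an issue can be reported against the wrong line where the merge changed the file.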