SonarQube preview mode for pull request shows all issues instead of diff

Question

We'd like to have code analysis results from SonarQube in Stash pull requests, more precisely only for the changed/added code.

The setup looks like this:

• Atlassian Bitbucket v4.14.4
• Jenkins ver. 2.69
• SonarQube Version 6.4 (with sonar-stash plugin from https://github.com/AmadeusITGroup/sonar-stash)

Jenkins fetches changes in branches and builds them. Depending on the branch it will then (for the development branch) call SonarQube to (per default) publish its analysis. For pull requests we want a preview, so SonarQube is called with the parameter -Dsonar.analysis.mode=preview. Additional parameters for the sonar-stash plugin are working so that the analysis result is sent to Stash (Bitbucket) from SonarQube. The problem is, that the results contain all issues/bugs/violations based on the complete source code, not on the changes.

Narrowed this issue down to a problem that the sonar-stash plugin uses a list of issues which are filtered to contain only those issues that are new and linked to a file. So it looks like all issues are marked as new which is strange because in SonarQube we have a baseline for our known (legacy) issues.

Thanks for your time and feedback!

Answer 1

I had a pretty similar issue, my resolution is outlined in the answers below.

My SonarQube Pull Request Issues only question