Can SonarQube perform retrospective analysis of past commits?

1
votes

I am considering the implementation of a Code Quality tool for our team's Projects.

SonarQube seems to be a good choice. I haven't gotten the ideal workflow figured out yet (we use SVN and Maven Projects and have a Jenkins server running the tests on every commit).

Aside from the importance of being able to analyse the quality of the current commit, historical evolution is also very interesting.

Given that we already have a few years of commits, is it possible, when setting up the project, to request a retrospective analysis of those commits, or will SonarQube only work for the commits from the day it is installed onwards?

2
sonarqubesoftware-quality

2 Answers

1
votes

SonarQube only displays data uploaded by scanners. You can checkout to any commit (read more here: Checkout a specific revision from Subversion from the command line) and next execute a scanner. The used scanner depends of what kind of a build tool you use:

The analysis result will be pushed to a SonarQube sever. Unfortunately, it is always treated as the last version of the application, so you cannot "insert" analysis of some old commits to the project history. But do you really need it? Scanners always analyze all sources. If somebody added some code three years ago and nobody deleted it, then it will be available on the server. If the code is deleted, then you shouldn't spend time on analyzing something, what doesn't exist anymore. That's why SonarQube always shows the last state of the project.

You can read a good blog post written by Fabrice Bellingrad (April 06, 2016): Stop planning; fix the leak!

Read more about SonarQube Architecture and Integration.

0
votes

Yes, this is possible using the sonar.projectDate analysis parameter. Its purpose is precisely what you are asking for.

Quote from the docs:

Assign a date to the analysis. This parameter is only useful when you need to retroactively create the history of a not-analyzed-before project. The format is yyyy-MM-dd, for example: 2010-12-01. Since you cannot perform an analysis dated prior to the most recent one in the database, you must analyze recreate your project history in chronological order, oldest first.

You could for example check out your last 10 version tags in chronological order (oldest first!). For each tag run the analysis with sonar.projectDate set to the date the tag was created.