Setting up the pull request analysis
With SonarQube Server, a pull request analysis occurs when a pull request is opened and every time a change is pushed to the pull request branch.
Prerequisites
The pull request analysis must be integrated into a CI pipeline. For more information, see Integration into your CI pipeline on the SonarQube Server analysis overview page.
Before analyzing your pull requests, make sure that:
- The pull request source branch is checked out in the CI/CD host’s local repository. 
- The branch being targeted by the pull request (target branch) is fetched in the CI/CD host’s local repository (This is usually done through the cloning of the remote repository by the CI pipeline). 
- The CI/CD host’s local repository contains valid repository metadata (e.g. the - .gitfolders have not been removed). Avoid any attempt at previewing the merge or actions involving your main branch. See Checked-out code.
- The code in the CI/CD host’s local repository matches the code in the remote repository (e.g once a pull request is issued, no code is added to the local branch on the CI side before analysis). 
- If you use AWS CodeBuild, the - LOCAL_SOURCE_CACHEfeature must be disabled for accurate pull request analysis (otherwise, new code won’t be properly detected).
Setting up the pull request analysis
To set up the Introduction:
- Add the SonarQube Server analysis step to your pull request CI pipeline. See the corresponding section of your CI tool in this documentation: 
- Make sure that the SonarScanner gets the pull request parameters required for the project analysis: see Setting up the pull request parameters below. 
- In addition, you can configure the pull request decoration: see Configuring the quality gate status report below. 
Setting up the pull request parameters
The SonarScanner can automatically detect the pull request parameters when running on the following CI services (you don’t need to perform any additional setup):
- Azure Pipelines 
- Bitbucket Pipelines 
- Cirrus CI 
- Codemagic 
- GitHub Actions 
- GitLab CI/CD 
- Jenkins (with the Branch Source plugin configured) 
The table below lists the analysis parameters specific to the pull request analysis that are required by the SonarScanner. See Analysis parameters for information about the setup of analysis parameters for the scanner.
Parameter Name
Description
sonar.pullrequest.key
Unique identifier of your pull request. Must correspond to the key of the pull request in your DevOps Platform.
Example: sonar.pullrequest.key=5
sonar.pullrequest.branch
The name of the branch that contains the changes to be merged.
Example: sonar.pullrequest.branch=feature/my-new-feature
sonar.pullrequest.base
The branch into which the pull request will be merged (target branch).
Default: main branch
Example: sonar.pullrequest.base=main
Manually setting pull request parameters overrides automatic detection.
Configuring the quality gate status report
You can report the pull request analysis and quality gate status directly in your DevOps platform’s interface (pull request decoration). For projects bound in SonarQube Server to their DevOps platform repository (this requires the integration setup of your DevOps platform with SonarQube Server), the quality gate status report is automatically set up. For more information, see the DevOps platform integration page that corresponds with your DevOps platform:
Last updated
Was this helpful?

