Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SONARJAVA-5368 Remove useless build during mend scan #5042

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

SONARJAVA-5368 Remove useless build during mend scan #5042

wants to merge 1 commit into from
+0 −1

Conversation

leonardo-pilastri-sonarsource
Copy link
Contributor

@leonardo-pilastri-sonarsource leonardo-pilastri-sonarsource commented Feb 27, 2025
edited by jira bot
Loading

@hashicorp-vault-sonar-prod hashicorp-vault-sonar-prod bot changed the title Remove useless build during mend scan SONARJAVA-5368 Remove useless build during mend scan Feb 27, 2025
@dorian-burihabwa-sonarsource
Copy link
Contributor

Do we see any difference in the results on Mend?

@sonarqube-next SonarQube-Next
Copy link

Quality Gate passed Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@leonardo-pilastri-sonarsource
Copy link
Contributor Author

Do we see any difference in the results on Mend?

I ran the ws_scan on master and right after on this branch, I could see the two different build numbers on mend with the same results. Sadly there is no direct way to compare two different scans/builds.

By comparing the logs I can see that the only relevant difference is that on master we perform the build of the project before running mend. But on this branch we are anyway able to pick up the latest build that was produced by the build_task and use that. What happens on master is an extra build with the same buildNumber used in the previous task, which is pointless.

This is the final output of the ws_scan on master:

------------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------- WhiteSource Scan Summary: --------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------------------
======================================================================================================================================================
Scan Origin: Local File System
======================================================================================================================================================
Step                                              Completion Status               Elapsed                  Comments
======================================================================================================================================================
Fetch Configuration                                  COMPLETED                  00:00:00.085               --------
Pre-Step And Resolve Dependencies                    COMPLETED                  00:00:09.058               175 total dependencies (54 unique)
   MAVEN                                             COMPLETED                  00:00:08.748               175 total dependencies (54 unique)
Scan Files Matching Includes Pattern                 COMPLETED                  00:00:00.414               0 source/binary files
Check Policies                                       COMPLETED                  00:00:12.481               --------
Update Inventory                                     COMPLETED                  00:00:00.786               1 updated projects

======================================================================================================================================================
Elapsed running time:                                                           00:00:22.824
======================================================================================================================================================
Process finished with exit code SUCCESS (0)

and this is the corresponding output for this branch:

------------------------------------------------------------------------------------------------------------------------------------------------------
------------------------------------------------------------- WhiteSource Scan Summary: --------------------------------------------------------------
------------------------------------------------------------------------------------------------------------------------------------------------------
======================================================================================================================================================
Scan Origin: Local File System
======================================================================================================================================================
Step                                              Completion Status               Elapsed                  Comments
======================================================================================================================================================
Fetch Configuration                                  COMPLETED                  00:00:00.086               --------
Pre-Step And Resolve Dependencies                    COMPLETED                  00:00:09.388               175 total dependencies (54 unique)
   MAVEN                                             COMPLETED                  00:00:09.106               175 total dependencies (54 unique)
Scan Files Matching Includes Pattern                 COMPLETED                  00:00:00.366               0 source/binary files
Check Policies                                       COMPLETED                  00:00:12.499               --------
Update Inventory                                     COMPLETED                  00:00:00.766               1 updated projects

======================================================================================================================================================
Elapsed running time:                                                           00:00:23.105
======================================================================================================================================================
Process finished with exit code SUCCESS (0)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@leonardo-pilastri-sonarsource @dorian-burihabwa-sonarsource