7.7 PR - Decoration Could not find a suitable sha1 to decorate, skip decoration

  • versions used (SonarQube, Scanner, Plugin, and any relevant extension)
    sonar 7.7 developer edition
  • error observed (wrap logs/code around triple quote ``` for proper formatting)
    It ssys that sonarqube can’t find the Sha1 , whereas the get call is using the correct git commit id(in bold).
2019.07.12 10:29:28 DEBUG ce[AWvluvuuUyBW09Jyq893][o.k.github.GitHub] Rate limit now: GHRateLimit{remaining=49993, limit=50000, resetDate=Fri Jul 12 10:36:14 UTC 2019}
2019.07.12 10:29:28 DEBUG ce[AWvluvuuUyBW09Jyq893][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@495ecc027 pairs: {GET /api/v3/repos/AdobeStarling/starling/statuses/**bab5918754f1dff3342e0693e406744b95ad7465** HTTP/1.1: null}{Authorization: token v1.fd272b208ab31e5692c2e175894015203f0b32d3}{Accept-Encoding: gzip}{User-Agent: Java/1.8.0_73}{Host: git.corp.adobe.com}{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}{Connection: keep-alive}
2019.07.12 10:29:28 DEBUG ce[AWvluvuuUyBW09Jyq893][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@611c6c9524 pairs: {null: HTTP/1.1 200 OK}{Server: GitHub.com}{Date: Fri, 12 Jul 2019 10:29:29 GMT}{Content-Type: application/json; charset=utf-8}{Content-Length: 2}{Status: 200 OK}{X-RateLimit-Limit: 50000}{X-RateLimit-Remaining: 49992}{X-RateLimit-Reset: 1562927774}{Cache-Control: private, max-age=60, s-maxage=60}{Vary: Accept, Authorization, Cookie, X-GitHub-OTP}{ETag: "b8ef1f991cde41a1cc5bea800d952d86"}{X-GitHub-Enterprise-Version: 2.16.8}{X-GitHub-Media-Type: unknown, github.v3}{Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type}{Access-Control-Allow-Origin: *}{X-GitHub-Request-Id: ee2b319d-7a12-4e2d-a7e4-bcb647ec31b1}{Strict-Transport-Security: max-age=31536000; includeSubdomains}{X-Frame-Options: deny}{X-Content-Type-Options: nosniff}{X-XSS-Protection: 1; mode=block}{Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin}{Content-Security-Policy: default-src 'none'}{X-Runtime-rack: 0.024641}
2019.07.12 10:29:28 DEBUG ce[AWvluvuuUyBW09Jyq893][o.k.github.GitHub] Rate limit now: GHRateLimit{remaining=49992, limit=50000, resetDate=Fri Jul 12 10:36:14 UTC 2019}
2019.07.12 10:29:28 WARN  ce[AWvluvuuUyBW09Jyq893][c.s.C.C.D.L] Could not find a suitable sha1 to decorate, skip decoration.
2019.07.12 10:29:29 INFO  ce[AWvluvuuUyBW09Jyq893][o.s.c.t.CeWorkerImpl] Executed task | project=starling | type=REPORT | pullRequest=711 | id=AWvluvuuUyBW09Jyq893 | submitter=starling | status=SUCCESS | time=3219ms

  • potential workaround

P.S.: use the #bug:fault sub-category if you’re hitting a specific crash/error , or the #bug:fp sub-category for rules-related behaviour


The PR decoration wasn’t done because the sha1 of the commit that was analyzed by SonarQube Scanner does not correspond to neither the sha1 of the head nor the merge commit of the pull request.
Maybe the pull request was changed while the analysis was on going? Or perhaps the wrong commit was somehow analyzed in the first place?

Brach head is same as commit id shown in log. there is single commit in PR and that is same.
Pull request wasn’t changed. I have verified all this. Let me know if there is something else I am missing

So there is no chance your build system created a merge commit when building and analyzing the P/R?

Did this happen once or happens consistently? Could you provide the logs of the scanner (debug enabled if possible)?

Many chances were done to the branch and P/R support in 7.8 and 7.9. Have you considered upgrading to the latest LTS? No guarantee that the problem would be fixed, though.

It’s been solved. Looks like jenkins was building the master branch instead of PR branch.I thought adding only base brach parameter should work which isn’t the case There weren’t proper instructions to run a build job anywhere ,which can be added as lot of people use jenkins to build .

Glad it’s working now, thanks for letting us know.
There is documentation about setting up pipelines, but it doesn’t necessarily cover everything since there are many different ways to trigger a Jenkins job, going out of scope of SonarQube.