All pull_reuqest triggered job failed but workflow_dispatch success

taojintianxia · May 10, 2023, 4:57pm

hi , community.

this is nianjun from Apache/ShardingSpehere project.

recently we add the sonarcloud job for analyze the code quality, and all analysis scheduled in night were sucess, so we decide to add sonarcloud analyze to pull_request action.

but it’s a little bit strage, all sonarcloud action triggered by pull_request failed, but for the same action , if triggered by workflow_dispatch(manually luanch) will sucess

not sure if there is any problem with this action.

github.com

apache/shardingsphere/blob/master/.github/workflows/check-sonarcloud.yml

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

name: Check - SonarCloud

on:

This file has been truncated. show original

ganncamp · May 12, 2023, 1:58pm

Hi,

Can you share the analysis log for one of these failures?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

Ann

taojintianxia · May 15, 2023, 2:47am

Hi there

thanks for your attention, the error is as followings:

Error:  Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default-cli) on project shardingsphere: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator -> [Help 1]

and after read the most of the maven log, I found something interesting
the log of maven triggered by pull request getting something wrong with check bound:

[INFO] Check ALM binding of project 'apache_shardingsphere'
Warning:  Failed to check if project 'apache_shardingsphere' is bound
[INFO] Detected project binding: ERROR
[INFO] Check ALM binding of project 'apache_shardingsphere' (done) | time=615ms
[INFO] Load project pull requests
[INFO] Load project pull requests (done) | time=641ms
[INFO] Load branch configuration
[INFO] Github event: pull_request

but the log of maven triggered manully or nightly build is getting the successful bound check.

pawellabaj · May 15, 2023, 9:11am

I have the same or very similar situation in GitHub - pawellabaj/auto-record: Java record source generator project.

If you think I should report a new ticket, please let me know.

I have a workflow that executes maven verification with SonarCloud. It worked for a couple of weeks without problems.

Recently I get PRs created by DependaBot, i.e.: build: maven: (deps): bump jacoco-maven-plugin from 0.8.9 to 0.8.10 by dependabot[bot] · Pull Request #77 · pawellabaj/auto-record · GitHub
Workflow is failing with follwing warning and errors:

[INFO] Project key: pawellabaj:auto-record
(...)
[INFO] Check ALM binding of project 'pawellabaj:auto-record'
Warning:  Failed to check if project 'pawellabaj:auto-record' is bound
[INFO] Detected project binding: ERROR
[INFO] Check ALM binding of project 'pawellabaj:auto-record' (done) | time=811ms
(...)
[INFO] Organization key: pawellabaj
[INFO] Branch name: dependabot/maven/org.jacoco-jacoco-maven-plugin-0.8.10, type: short-lived
(...)
Error:  Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default) on project auto-record: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator -> [Help 1]

When I run workflow manually on this branch, everything is fine.
When I checkout the branch on the local machine and run maven verification, everything is fine.

ganncamp · May 15, 2023, 2:19pm

Hi @taojintianxia,

This is the key:

It looks like either your PR analysis isn’t getting the basic settings (e.g. sonar.projectKey or the envvar SONAR_TOKEN isn’t being set in that environment.

@pawellabaj please do create a new thread. (And welcome to the community! )

Ann

pawellabaj · May 15, 2023, 6:24pm

Hi,

You can see in provided logs that sonar.organization and sonar.projectKey are being read from pom.xml:

[INFO] Organization key: pawellabaj
[INFO] Project key: pawellabaj:auto-record

In addition, everything is fine, when I execute the workflow manually with workflow_dispatch event. In both cases, the workflow uses the same pom.xml and env variables from GitHub secrets.

taojintianxia · May 17, 2023, 4:08am

hi

in fact, the SONAR_TOKEN and project related info are set in workflow yml file. if not set these info, the nightly build or mannually build will not success.

ganncamp · May 17, 2023, 11:58am

Hi,

I’ve yet to see a case where this error didn’t actually boil down to one of those three values being missing or messed up.

Ann

pawellabaj · May 30, 2023, 8:11am

It might be related to the author of a pull request.

When I created a PR, everything is OK. When a PR is created by a bot (dependabot in this case), the problem occurs.

G Ann Campbell (ganncamp), is there anything I could check to investigate it further?

ganncamp · May 30, 2023, 12:42pm

Hi,

I would look at what’s in the environment (e.g. SONAR_TOKEN) for each type of author.

HTH,
Ann

pawellabaj · May 30, 2023, 1:22pm

I had to add SONAR_TOKEN secret for Dependabot.

I thought that bots uses the secrets from my account.

Now it works.