Summary
When a PR is made or updated in our organization’s GitHub repository, it successfully triggers a Travis CI build which then kicks off code analysis reporting in SonarCloud.
SonarCloud correctly displays newly introduced bugs and code coverage for the lines that were added in the pull request.
The problem is that SonarCloud doesn’t decorate the pull request in GitHub and doesn’t fill the “Checks” tab in the associated pull request. The “Checks” tab just displays Waiting for checks information....
If the code changes don’t pass the quality gate, the pull request also isn’t prevented from merging into the target branch.
Technical details
- Language and build tool: Java 11, Maven
- Travis CI build: link
- SonarCloud project: link
- Example of pull request that doesn’t pass quality gate: (SonarCloud)
- GitHub repository: link
- Example of failing pull request that is not decorated by SonarCloud: (GitHub)
Additional information
We started this project in 2018 and created a ‘bot’ GitHub user account and configured tokens so that SonarCloud could comment on our pull requests. This worked well.
No changes were made to the project in over two years, until we came back to it recently. I found out that SonarCloud now uses a GitHub app to integrate with projects, so the app was installed and configured into our project.
When I click “Configure” on the SonarCloud app in the “Integrations” tab of our project on GitHub, it shows that both required permissions are checked. Under “Repository Access” I selected “Only selected repositories” and underneath I selected our project repository.
