Code is empty on Pull Request reviews

sonarcloud
php
github
scanner

(Alexis Saettler) #1

Hi,
Pull Request reviews is a very nice feature! Thank you so much.

Problem is the “Code” tab is always empty on my Pull Request reviews.
Example : https://sonarcloud.io/code?id=monica&pullRequest=1553
The only message is “No results”, but I added some code (and bugs) in this PR to test Sonar.

The consequence is all PR reviews are always OK, even if there is a new bug … which reduce the interest of PR review!

I ran sonar-scanner with these options:

sonar.analysis.buildNumber
sonar.analysis.pipeline
sonar.analysis.sha1
sonar.analysis.repository
sonar.pullrequest.key
sonar.pullrequest.base
sonar.pullrequest.branch
sonar.pullrequest.github.id
sonar.pullrequest.provider
sonar.pullrequest.github.repository

Thank you


PR analysis shows no code on one specific long-lived branch
Gradle Subprojects not reported to Sonarcloud for Github Pull Requests
(Fabrice Bellingard) #2

Hi Alexis,

I’ve just made a test on my side to replicate your use case, and I do get issues on the PHP file. There must be a problem somewhere on CI side. Which CI service/software are you relying on? Can we get access to the logs?


(Alexis Saettler) #3

Hi Fabrice.
We use CircleCI and sonarscanner 3.2.0.1227
See this build: https://circleci.com/gh/monicahq/monica/6214 (“Run sonnar scanner” step).
The report is done (EXECUTION SUCCESS)

This one is a build on master: https://circleci.com/gh/monicahq/monica/6252
With master, all errors are reported and it works perfectly.

On master, the end of the report looks like:

INFO: Calculating CPD for 263 files
INFO: CPD calculation finished
INFO: Analysis report generated in 748ms, dir size=3 MB
INFO: Analysis reports compressed in 2106ms, zip size=1 MB
INFO: Analysis report uploaded in 964ms

On the branch/PR, it looks like:

INFO: Skipping CPD calculation for short living branch and pull request
INFO: Analysis report generated in 132ms, dir size=55 KB
INFO: Analysis reports compressed in 11ms, zip size=16 KB
INFO: Analysis report uploaded in 382ms


(Fabrice Bellingard) #4

OK, let’s try to debug this. Can you add -Dsonar.verbose=true when running the scanner please?

Also:


(Alexis Saettler) #5

I ran a scan with verbose option, see https://circleci.com/gh/monicahq/monica/6298
I also removed sonar.pullrequest.github.id option, and installed the Sonarcloud application. This is great !


(Duarte Meneses) #9

Hi @asbin,
Could you please try to restart the build and the analysis with SonarCloud of the PR?
We can’t reproduce the problem and we just want to exclude the possibility that the problem is no longer happening due to the changes that were done meanwhile in master.

I’m asking this because I cloned the Monica repo, analysed it and reproduced the PR: it is correctly analysed => https://sonarcloud.io/project/issues?id=monica_test&pullRequest=1553&resolved=false

Thanks.


(Alexis Saettler) #10

Hi @dmeneses
I updated the sonar.links.ci property, and launched an other analysis.
See https://circleci.com/gh/monicahq/monica/6563

Thank you for your help !


(Duarte Meneses) #11

Thanks.
So the only thing we can think of is that the clone of the git repository in circleci has some references that are no longer valid.
Could you please add, to the P/R, the following to the runsonar.sh (in the method gitFetch, for example):

git fetch --all
git branch -D master
git rev-parse origin/master

This will update all remote references, delete local master branch (if exists) and print the current remote reference to master.


PR analysis shows no code on one specific long-lived branch
(Alexis Saettler) #12

Thank you very much, it’s working well now.
The PR display now the errors, like the analysis on SonarCloud.


Short-lived branch analysis seems to be empty
(Fabrice Bellingard) #13

That’s good to hear @asbin! Do you know what the problem was in the end?


(Duarte Meneses) #14

Looking at what is done by circleci after cloning the github repo, assuming that there is no tag:

git reset --hard "$CIRCLE_SHA1"
git checkout -q -B "$CIRCLE_BRANCH"
git reset --hard "$CIRCLE_SHA1"

This looks buggy to me. It’s pointing master to the the commit being built (which in this case is HEAD of test-sonar), then it checks out the branch (test-sonar) and points it as well to the same sha1. As a result, the local reference to master is wrong (pointing to the test-sonar instead of master).

I will try to report it to circleci.

Edit: bug report created https://discuss.circleci.com/t/git-checkout-of-a-branch-destroys-local-reference-to-master/23781