Enabling analysis of JS Security hotspot make CI/CD pipeline integrating with Sonarcloud hung in master branch

Adam_Tran · March 11, 2019, 3:37am

Hi Support team,

Currently, after Sonarclould released JS security hotspot analysis on 04 Mar, 2019, our CI/CD pipeline that allow SonarClould integration for JS code analysis is getting hung in master brach after adding these rule to our Javascript Quality Profile. It is weird that the issue doesn’t happen to other branches of the same source code/repo.

Could you help to check and fix it?

Regards,

Adam_Tran · March 25, 2019, 7:56am

I solved. It is because of JS Security Hotspot analysis requiring Nodejs

Wouter_Admiraal · March 25, 2019, 8:19am

Hi @Adam_Tran.

Glad you solved it. But what do you mean by “hung”? Did the analysis just hang and timeout? Wasn’t there an error message?

Adam_Tran · March 25, 2019, 8:44am

Hi @Wouter_Admiraal,

It hung forever in non-interaction mode. However, for interaction mode, there is error/exception that informed the omission.