Error in Gitlab Merge request Decoration and multiple branch analysis for public projects on Sonar cloud free account

ALM used - Gitlab

• CI system used - Gitlab CI

• Scanner command used when applicable (private details masked)

• Languages of the repository - PHP

• Only if the SonarCloud project is public, the URL - https://sonarcloud.io/dashboard?id=Dipendu_world4help

  • And if you need help with pull request decoration, then the URL to the PR too - https://gitlab.com/Dipendu/world4help/-/merge_requests/4

• Commit in branch named branch-test - https://gitlab.com/Dipendu/world4help/-/jobs/675425114

• Below Error is observed in Merge Request and Multiple branch analysis

INFO: User cache: /builds/Dipendu/world4help/.sonar/cache
ERROR: SonarQube server [http://localhost:9000] can not be reached

• Steps to reproduce - Create a merge request to the master branch of the repository

Unable to view MR decoration and multiple branch analysis, due to the above error

Hi @Dipenduroy,
It seems like there is a confusion somewhere in your configuration between SonarQube and SonarCloud.
Could you please check if you have Global Environment variable on GitLab side? (Settings > CI/CD > Variables)

Christophe

I have already assigned the variables

Screenshot 2020-08-07 at 6.16.27 PM1152×720 77.1 KB

Have you checked you SONAR_HOST_URL doesn’t link to any Localhost instance?

First of all, When i didn’t pass the host url in gitlab ci yaml it gave below error, it should automatically pick the environment variables defined in gitlab ci/cd settings, But it didn’t, so I guess this is a bug.

INFO: User cache: /builds/Dipendu/world4help/.sonar/cache
ERROR: SonarQube server [http://localhost:9000] can not be reached

Later on when I passed the host URL like below

script:
    - sonar-scanner -Dsonar.qualitygate.wait=true -Dsonar.branch.name=branch-test -Dsonar.host.url=https://sonarcloud.io

I received an error

INFO: Working dir: /builds/Dipendu/world4help/.scannerwork
INFO: Load project settings for component key: 'Dipendu_world4help'
INFO: Load project settings for component key: 'Dipendu_world4help' (done) | time=208ms
INFO: Found an active CI vendor: 'Gitlab CI'
INFO: Load project branches
INFO: Load project branches (done) | time=124ms
INFO: Check ALM binding of project 'Dipendu_world4help'
WARN: Failed to check if project 'Dipendu_world4help' is bound
INFO: Detected project binding: ERROR
INFO: Check ALM binding of project 'Dipendu_world4help' (done) | time=107ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=123ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=3ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=175ms
INFO: Load active rules
INFO: Load active rules (done) | time=3840ms
INFO: Organization key: dipendu
INFO: Branch name: branch-test, type: long living
INFO: Indexing files...
INFO: Project configuration:
INFO: Load project repositories
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 12.655s
INFO: Final Memory: 21M/69M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarScanner execution
ERROR: You're not authorized to run analysis. Please contact the project administrator.
ERROR: 
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
ERROR: Job failed: exit code 1

Hello @Dipenduroy,

Concerning the first error where the SONAR_HOST_URL environment variable is not read by the scanner. I can see in your screenshot that the variable was marked as protected. The GitLab documentation states Protected variables are only exposed to protected branches or tags. My guess is that the branch branch-test was not protected. You can configure this under Settings > Repository > Protected Branches

Concerning the second error You're not authorized to run analysis. Please contact the project administrator. This is probably because the SONAR_TOKEN variable is not read correctly either.

You can either

• run it from a protected branch
• uncheck the protected flag for the variable
• add it to the sonar-scanner command: sonar-scanner -Dsonar.token=<token>.

Since your repository is public I recommend the first option.

I hope that helps.

Hi @TomVanBraband,
I am glad that you could find the issue of why sonarcloud was unable to start due to missing variables. Thanks, and after your help, I was able to start the multiple branch sonarcloud analysis only after adding the branch parameter in the command as below.

sonar-scanner -X -Dsonar.qualitygate.wait=true -Dsonar.branch.name=branch-test

Is it mandatory to add that branch parameter in sonar-scanner, the branches defined in only of gitlab-ci.yaml is not sufficient as below?

only:
    - merge_requests
    - master
    - branch-test
    - branch-no

And no comments from sonar cloud regarding the analysis(merge request decoration/comment) is observed in the gitlab merge request
as suggested here

Hi @Dipenduroy,

I see you closed the merge request you had open, is the issue resolved?

The configuration on your default branch seems correct to me.

sonarcloud-check:
  stage: sonarcloud-check
  image:
    name: sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - sonar-scanner -X -Dsonar.qualitygate.wait=true 
  only:
    - merge_requests
    - master
  dependencies:
    - test

If the issue is not resolved yet, can you check if the token you defined is still valid?
You can find this by navigation to your organization on SonarCloud and clicking on Administration > Organization settings

@TomVanBraband The issue of comments on merge request is resolved after i added the test cases and its configuration in Sonar Scan. Thanks for your help.