Github and sonarcloud

github
sonarcloud

(patrik) #1

We are trying to add sonarcloud analyze to our pull requests in github.

We have installed the app sonarcloud app https://github.com/apps/sonarcloud, and tried to read the documentation https://sonarcloud.io/documentation/integrations/github/ but we cannot get it to work.

Can anyone explain in more detail what we need to do to get the sonarcloud.io analyze result visible in the PR in github?

We are using azure devops as CI to trigger builds.


(Dinesh Bolkensteyn) #2

Hi @patrik

The following pages provide additional information on how to integrate Azure DevOps with GitHub pull requests:

Let us know if you need any further help.


(patrik) #3

I am looking for sonarcloud.io to post analyze comments to github (as seen in the screenshot below).

Is there some specific parameters that I must set in the “Prepare analysis on SonarCloud”-step in azure devops?

We are reviewing the PR in github, we only use azure devops to build and deploy.


(Fabrice Bellingard) #4

This should work out of the box if you have installed the SonarCloud GitHub Application: https://github.com/apps/sonarcloud

(this is what our .NET team is doing at SonarSource - cc @Ammo)


(patrik) #5

Ok, it doesn’t work for me. But I get this permission requests when I try to install it.
Our setup is that we have a Organization account and not a personal account. Could that be an issue?

image


(Fabrice Bellingard) #6

This should work on an organization account Patrik. Have you accepted the permissions?


(patrik) #7

I don’t know how I can accept the requested permissions.


(Fabrice Bellingard) #8

OK, let’s see where you stand for now:

  1. When you create a PR and pushes code on it, does this PR appear in SonarCloud? (a couple of minutes later) Something like:
    • If yes, this means that your Azure Pipeline does trigger successfully the analysis, then go to question #2
    • If no, this means that you have an issue with your job on Azure Pipeline: you need to run it in debug mode and with sonar.verbose=true properties to see what’s going wrong in the logs
  2. So you see the PR in SonarCloud: click on it to go on the details page. Do you see a warning on the right side, like:
    • If yes, what does it say?

(patrik) #9
  1. Yes I see the branches in SonarCloud. However I noticed they have the label “Short-lived branches” and not Pull Requests. That is probably some part of the issue.

38%20AM

When I changed the CI to trigger on PR instead then I got this error:
ERROR: Pull request with branch does not exist on server: development

That is probably because my PR are based on the “development” branch, but the main branch in sonarcloud is master.

Is is possible to have both master and development in the same project and let the PR be based on the development branch?

Because I want to follow statistics / code quality on the master branch, but during development I want to follow the quality on each PR.

Or do I need to create two different projects for this in sonarcloud?


(patrik) #10

I renamed the main branch to ‘development’ in sonarcloud and then everything started to work. So now it comment on the PR commits.

Thanks for your help!


(Fabrice Bellingard) #11

Glad you managed to get out of this Patrik!