Github PR decoration - image links broken

Benmatic · May 6, 2020, 1:48pm

Environment:
SonarQube version: 8.3.0.34182 / Developer Edition / Running in GKE
Deployment is not publicly available, internal network only
Single ALM - github.com (not enterprise)

Bug Description:
The Github PR analysis results written to conversation and checks tabs in Github have broken image links. The image origin is https://<sonarqube-internal.com/static/developer-server/checks/QualityGateBadge/passed.svg which is not available to the Github image proxy service (camo).
Ref: https://help.github.com/en/github/authenticating-to-github/about-anonymized-image-urls

Steps to reproduce:
Run sonar-scanner locally with PR settings:

sonar.pullrequest.key=15
sonar.pullrequest.branch=charlie
sonar.pullrequest.base=master

Examples
Error/bug:
GITHUBPRERRORS

Images should load as shown from SonarQube documentation:
Side by side2

Leroy · May 6, 2020, 5:08pm

I’m having the same problem with the same version.

pierreguillot · May 7, 2020, 8:55am

Hi, just to be extra sure: your SonarQube instance is not publicly accessible, right?

Benmatic · May 7, 2020, 1:01pm

@pierreguillot Correct, not public. This issue would only present itself when the SonarQube instance is not public.

Related bug report from 7.9 version: https://community.sonarsource.com/t/github-pull-request-decoration-images-are-broken/12695

pierreguillot · May 7, 2020, 1:20pm

Ok, so here is the relevant ticket that will address this : SONAR-13106.

The workaround, before this ticket gets implemented, would be to allow the GitHub proxy server to access your SQ instance, to fetch the images.

Fernando_Torres · June 4, 2020, 8:41am

Hi, we also use Developer edition and our Sonarqube instance is not public accessible. What is this Github proxy? Is something out of the box that we configure or you are suggesting some proxy rules in our ingress infrastructure?

Could it be fixed by using the base64 image code instead refferring to the file itself?

<img src="data:image/jpeg;base64,/9j/4RiDRXhpZgAATU0AKgA..." width="100" height="50" alt="base64 test">

Sam_Anthonisz · July 17, 2020, 2:40am

Hi, we’re getting exactly the same issue following updating our test Enterprise edition instance to 8.4.1.

It’s incredibly frustrating as everything works fine on our 7.9 LTS instance. I raised Images in PR Decoration - SonarQube 7.7 and GitHub Enterprise Cloud over a year ago and it was specifically fixed in 7.9 so surely this is a regression?

I can see in 7.9 that images are being sourced from https://sonarsource.github.io/sonarcloud-github-static-resources (which is publicly accessible), whereas in 8.4.1 they have reverted back our SonarQube instance’s URL (which is not publicly accessible). Why the change back???

Thanks,

Sam