Gitlab pull request decoration doesn’t work

SonarQube Server / Community Build
, ,
1

Hi,

I am using SonarQube 9.9.1, GitLab Community Edition v17.2.7.

Our project is hosted on Gitlab and we already set up pull request decoration successfully.
However recently gitlab token is expired, and gitlab is upgraded and we just re-generate token and it is not working.

Steps:

  • gitlab: Go to gitlab > in Preferences of user > click Access Tokens > create new token with full permission
    image
    image1415×918 97 KB
  • sonarqube: Go to sonarqube > Administration > Configuration > DevOps Platform Integrations > API: https://{gitlab domain}/api/v4
    image
    image1494×647 32.2 KB
  • Enable debug log of sonarqube: follow SonarQube's server logs and system info
  • Check log of merge request then everything is success
2024.09.20 09:52:43 INFO  ce[AZIO2ODSIEZmVDQ2yZmH][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Pull Request decoration | status=SUCCESS | time=77ms
2024.09.20 09:52:43 INFO  ce[AZIO2ODSIEZmVDQ2yZmH][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Report branch Quality Gate status to devops platforms | status=SUCCESS | time=1ms
2024.09.20 09:52:43 DEBUG ce[AZIO2ODSIEZmVDQ2yZmH][o.s.c.a.AnnotationConfigApplicationContext] Closing org.springframework.context.annotation.AnnotationConfigApplicationContext@55cda666, started on Fri Sep 20 09:52:28 UTC 2024, parent: org.springframework.context.annotation.AnnotationConfigApplicationContext@50e5edab
2024.09.20 09:52:43 DEBUG es[][o.e.m.f.FsHealthService] health check succeeded
2024.09.20 09:52:43 INFO  ce[AZIO2ODSIEZmVDQ2yZmH][o.s.c.t.CeWorkerImpl] Executed task | project=data-service | type=REPORT | pullRequest=880 | id=AZIO2ODSIEZmVDQ2yZmH | submitter=admin | status=SUCCESS | time=16027ms

Any suggestion to resolve this issue would be very much appreciated!

Thanks!

2

Hi,

GitLab declared an incident on their side today. Among other things (I assume) it’s interfering with SonarCloud MR decoration, and that could be the problem here too. When did this start for you?

 
Thx,
Ann

3

Hi G Ann,

It happened since operation team of gitlab upgraded gitlab to the version v17.2.7 (about 2 weeks ago).

Regards,
Uyen

1 Like
4

Hi,

The token expired on the GitLab side, right? And when you entered the new token into SonarQube, did you click the ‘Check configuration’ button?

What are the permissions of the GitLab user on the project in question? (I’m asking based on SONAR-19695)

 
Ann

5

Hi,

Yes, I already click the ‘Check configuration’ button and you could see it in my capture about gitlab

image
image1868×808 151 KB

Thanks!

9

Hi,

 
Thx,
Ann

10

Hi G Ann,

I would like to answer: Permission of the Gitlab user on the project is Owner.

Regards,
Uyen

11

Hi Uyen,

Thanks for that confirmation. I’m going to flag this for more expert eyes.

 
Ann

1 Like
13

Hi G Ann,

Thank you for your support!

Regards,
Uyen

16

Hi!

I apologize for the delay. Are you still experiencing this issue?

Best,
Ambroise

1 Like
17

Hi Ambroise,

Yes, we still face this issue!

1 Like
18

I’ll try to reproduce this issue and then get back to you. Please update this thread if the situation evolves on your side.

Best,

19

Hi Uyen,

For now we unfortunately can’t reproduce your issue. To be able to help you further, could you please share with me the following details:

  • Which SQ edition are you using, enterprise?
  • Is “GitLab Community Edition v17.2.7” a self-hosted edition?
  • Can you share with us the full logs where the extract you already shared (the one where it says the PR decoration is successful) is from?

If some of these are confidential on your side, can you share them with me in a private message?
Thank you.
Have a very nice weekend.

Best,

21

Hi Ambroise,

I would like to answer as below:

  • SQ edition we are using 9.9.1-developer
  • Gitlab is managed by organization team then I suppose it is a self-hosted edition.
  • We deploy SQ to EKS (kubernetes of AWS) then that is log of pod.

image:
repository: sonarqube
tag: 9.9.1-developer

Hope these information is useful for you to help us trace issue.

Thanks!
Uyen Vu

1 Like
24

Hello @chary1112004,

Apologies for the delay. If you are still facing the issue, we will need logs to understand what’s happening. As you had it working before the token change, and as we can assume the token is valid (the Check Configuration works :white_check_mark:), the problem must be more complex than that, probably at the network layer or something.

What I suggest is to:

  • Enable TRACE logs. We already saw that DEBUG logs are not helpful and we have a chance that TRACE logs are more verbose, especially around network calls.
  • Rerun an analysis on an MR supposed to do a decoration (ie. reproduce the problem)
  • Stop TRACE logs right away, for 2 reasons:
    • They have performance implications
    • As they are very verbose, the shorter the timeframe is, the better it is to investigate (I’d say few minutes should be fine)

From there you’ll probably be able to understand which request to GitLab fails and for what reasons (network access, authentication, etc.).
If you don’t figure out what’s happening, let me know and we will arrange something so I can have a look at these logs.

I hope this helps.

Antoine

25

Hi Antoine,

Yes, we are still facing the issue.

I would like to send below information as requested:

  • The log of sonarqube that is enabled TRACE logs.
  • Rerun analysis on MR to do a decoration
  • Time: sonarqube analysis 02:55:29.848 - 02:56:22.672. This is also the last job in pipeline then decoration should be around this time.
  • Pull Request: 880

Thanks,
Uyen Vu

26

Hello @chary1112004

This project is not configured to do MR decoration. I can see in logs such an SQL query made:

2024.12.16 02:56:18 TRACE ce[AZPNZOWXQZt_nUxqzcFU][sql] time=2ms | sql=insert into ce_task_message ( uuid, task_uuid, message, message_type, created_at ) values ( ?, ?, ?, ?, ? ) | params=AZPNZSUruOhmST0vOrI2, AZPNZOWXQZt_nUxqzcFU, No devops platform configured. To report the Quality Gate status to a devops platform, please configure it in the project administration., GENERIC, 1734317778219

ie. “No devops platform configured. To report the Quality Gate status to a devops platform, please configure it in the project administration.”

Are you sure it’s well configured? What do you see in the Project Settings > General settings > DevOps Platform Integration? It should look something like:

Screenshot 2024-12-17 at 18.04.20
Screenshot 2024-12-17 at 18.04.201114×990 70.1 KB

Antoine

1 Like
27

Hi @Antoine,

Yes, it is already configured to do MR decoration and check configuration vailid as below:

image
image1446×757 39.1 KB

Regards,
Uyen Vu

28

Hello @chary1112004 ,

The screenshot you attached is the main configuration to connect to GitLab (defining the URL and Token). Once done, each project has to be bound to their GitLab repository. You don’t have to do it yourself if you import the project (Create project > From GitLab), but if you create a Local project, you have to take care of the binding.

This is done from the project homepage: Project Settings > General Settings > DevOps Platform Integration. From there, select your gitlab configuration and put the project ID that you will find on GitLab (from the project homepage, click the 3 dots logo on the top right > Copy project ID).

Let me know if that solves the issue. It should.

Regards,
Antoine

2 Likes
29

Hi @Antoine,

It works for us. When I re-create in the main configuration to connect to Gitlab (as token is expired), it seems automatically deleted MR decoration in all projects. After I add back configuration MR decoration in projects level then it works back.

Thank you a lot for your support!

PS: Since the issue is resolved then I delete the trace above log.

Uyen Vu