Gitlab Pull Request decoration

Using SonarQube 8.3.1.34397
Gitlab: 12.8.5-ee
CI used: Gitlab CI

I am trying to get pull request decoration in Gitlab UI.
I have configured the gitlab pull request decoration as described at https://docs.sonarqube.org/latest/analysis/pr-decoration/

  1. Create gitlab user with required permission and added the access token (tried with and without gitlab api URL)
  2. Selected gitlab in Pull request decoration for the project (tried with and without project id)

command executed in pipeline:
sonar-scanner -Dsonar.host.url=$SONARQUBE_URL -Dsonar.login=$SONARQUBE_UI_TOKEN -Dsonar.qualitygate.wait=true

The scan is successful and a pull request is added to SonarQube.

But the Pull Request Decoration to GitLab is not working. The Pull Request contains no warning in sonarqube.

I can’t see any errors in ce logs:
2020.05.21 03:08:21 INFO ce[AXI1M2WMfLM8syhkqT1j][o.s.c.t.s.ComputationStepExecutor] Publish task results | status=SUCCESS | time=0ms
2020.05.21 03:08:21 INFO ce[AXI1M2WMfLM8syhkqT1j][o.s.c.t.s.ComputationStepExecutor] Trigger refresh of Portfolios and Applications | status=SUCCESS | time=0ms
2020.05.21 03:08:21 INFO ce[AXI1M2WMfLM8syhkqT1j][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Webhooks | globalWebhooks=0 | projectWebhooks=0 | status=SUCCESS | time=20ms
2020.05.21 03:08:21 INFO ce[AXI1M2WMfLM8syhkqT1j][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Pull Request decoration | status=SUCCESS | time=0ms
2020.05.21 03:08:22 INFO ce[AXI1M2WMfLM8syhkqT1j][o.s.c.t.CeWorkerImpl] Executed task | project=Uts.Web.Canvas.UI | type=REPORT | branch=feature/remove-git-shallow-for-sonarqube | branchType=BRANCH | id=AXI1M2WMfLM8syhkqT1j | submitter=admin | status=SUCCESS | time=40385ms

Any advice on how to solve this issue?

1 Like

Hi @Naveen_Kumar_Michael,

Could you please be more explicit? What were you expecting and what don’t you see?
Also, do you see any warning at the top right of the screen of the Pull Request in SonarQube?

Thanks

Hi Aurelie,

I am trying to get the Merge request overview in Gitlab. I believe that is also called Pull Request Decoration. I can see the quality gate is failed and PR pipeline is failed but I don’t see the merge request overview from sonarqube to Gitlab.
Yes, I don’t have any warnings.
Feature definition from Sonarqube Gitlab Integration website: "SonarQube publishes Quality Gate and code metric results right in the Merge Request overview. You’re always getting the right info, at the right time and in the right place."

Regards,
Naveen

Hi @Naveen_Kumar_Michael,

Do you see a link to the PR in the PR overview in SonarQube like this: [image]

Also, could you turn your logs to debug, and look in ce.log to see if there is anything?

Thanks

Hi Aurelie,

No, couldn’t see any PRs in the PR overview.

Yes I have enabled debug in ce.logs and did check for anything suspicious. Could find anything odd, attached it for reference…
sonarqube.ce.log (12.4 KB)

Regards,
Naveen

Ok, thanks.

Sorry for the ping-pong here, could you also send your scanner logs please from your pipeline.

Thanks

gitlab_sonar_logs_pipeline_passed_for_no_additional_vuleranabilties.txt (23.3 KB) gitlab_sonar_logs_pipeline_failed_for_vuleranabilties.txt (23.9 KB)

Looks like the scanner is detecting a regular branch named feature/sonarqube-pr-decoration, not a merge request. Are you actually running the scanner on a build of a merge request?

By default, GitLab runs a pipeline each time changes are pushed to a branch. So the merge request won’t be there when the build is triggered. I create the MR while the pipeline is being built.
Should I try to configure pipelines for merge requests option? I can’t see any details on this in sonarqube to gitlab integration documentation
https://docs.gitlab.com/ee/ci/merge_request_pipelines/#configuring-pipelines-for-merge-requests

Hi @Naveen_Kumar_Michael,

Have you seen the example in this doc: https://docs.sonarqube.org/latest/analysis/gitlab-cicd/ ?

Cheers

1 Like

Thanks Aurelie, after adding the merge request condition, I could see the PR decoration came through with zero vulnerabilities. To confirm the full flow, I retried by adding vulnerabilities in the code. When I tried so, I noticed the analysis never completes. It’s running for 4 days.

  1. I am not sure how to stop the analysis. I have restarted the service now.

When I checked the logs in gitlab, I see gitlab timed out after 300s with below information and passed the pipeline.
INFO: Waiting for the analysis report to be processed (max 300s)

  2. I wonder whether I have to increase the timeout to more than 300s? Not sure how to do it.
    Separately, I am unable to open the ce.log as the file has gone massively big.

Thanks for the documentation reference, I considered merge_request to be optional similar to master branch condition.

I fixed the issue on analysis results not sent to gitlab by
https://jira.sonarsource.com/browse/SONAR-13290

Apparently I don’t have to increase the timeout; I have to make a change in the gitlab configuration to accept the increased payload of information sent from sonarqube.

Summarizing solution:

  1. Target gitlab step only for merge request, sample https://docs.sonarqube.org/latest/analysis/gitlab-cicd/ ?
  2. Increase gitlab http request client header size https://jira.sonarsource.com/browse/SONAR-13290
2 Likes
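
Item 1 of the summary above as a `.gitlab-ci.yml` job. This is an added example, not taken from the thread or from SonarSource's documentation: the job name, image tag and `GIT_DEPTH` setting are assumptions, and the scanner arguments are the ones quoted in the first post.

```yaml
# Added example (not from the thread). Job name and image tag are assumptions.
#
# Before: a job with no "only" rule runs in the branch pipeline GitLab starts
# on every push. That pipeline has no merge request context, so SonarQube
# records a branch analysis (branchType=BRANCH in ce.log) and nothing is
# posted to the merge request:
#
#   sonarqube-check:
#     script:
#       - sonar-scanner -Dsonar.host.url=$SONARQUBE_URL ...
#
# After: restrict the job to merge request pipelines so the scanner runs
# against a build that belongs to a merge request.
sonarqube-check:
  image:
    name: sonarsource/sonar-scanner-cli:latest   # assumed image and tag
    entrypoint: [""]
  variables:
    # Assumption: disable shallow clone so the scanner sees full history.
    GIT_DEPTH: "0"
  script:
    # SONARQUBE_URL and SONARQUBE_UI_TOKEN are the variable names used in
    # the first post; define the token as a masked CI/CD variable rather
    # than writing it into this file.
    - >
      sonar-scanner
      -Dsonar.host.url=$SONARQUBE_URL
      -Dsonar.login=$SONARQUBE_UI_TOKEN
      -Dsonar.qualitygate.wait=true
  only:
    - merge_requests
```

In a merge request pipeline GitLab runs only the jobs that carry `only: merge_requests`, so any build or test job the scan depends on needs the same rule.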
