GitLab Pull Request Decorator not showing images

lawrence · March 23, 2020, 10:34am

SonarQube: 8.1 Developer Edition

Hi,

I have a fairly locked down SonarQube server, which is behind a load balancer and only accepts connection from my IP range.

I am using the GitLab Pull Request Decorator, however because of how locked down the server is, I believe it is unable to load the images which it is trying to get from the SonarQube server, for example:

I’ve tried whitelisting the GitLab IP range from https://docs.gitlab.com/ee/user/gitlab_com/#ip-range, to both the load balancer, as well as the server directly, however the images are still not being rendered.

Am I missing something here perhaps?

Thank you in advance!

pierreguillot · March 23, 2020, 10:52am

Hi,

I guess you are using gitlab.com (vs on-prem). They use a proxy for assets : https://docs.gitlab.com/ee/security/asset_proxy.html

So you have to allow access from user-content.gitlab-static.net, not gitlab.com IPs.

lawrence · March 23, 2020, 10:55am

Thanks for the response!

Yup, I am using gitlab.com - just to verify, I need to get the IP address range of user-content.gitlab-static.net so I can add that to my security rules?

lawrence · March 26, 2020, 10:51am

Just to add, GitLab support provided the IP 35.190.114.86/32 for the asset proxy, which I whitelisted and has resolved the issue.

pierreguillot · March 26, 2020, 11:11am

Glad you made this working! Thanks for the IP range of the asset proxy, that may be useful fo others.

pablofmorales · May 14, 2020, 3:02am

Hi @pierreguillot same issue here, so thank you to point out the issue.

I’m using aws with sonarqube with docker, where I should add this ip range?

san1t1 · November 3, 2020, 12:16pm

We have the same issue, and our security policy does not allow us to open up the network to allow gitlab to reach our SQ.

It would be nice anyway, if, instead of requiring network trips to pull the image assets in, that they were embedded in the MR decoration as base64 images.

It’s a little thing, and we live without it, but this would be a remediation that would fix it for good for everyone

pierreguillot · November 4, 2020, 8:39am

https://jira.sonarsource.com/browse/SONAR-13106 fixed that, loading images from the web if you use github.com or gitlab.com.

Images will be loaded from here: https://github.com/SonarSource/sonarqube-static-resources

The fix will be available with SonarQube 8.6, planed for the 2nd week of December.

system · November 11, 2020, 8:39am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Self Hosted Gitlab Pull Request Decoration images are broken SonarQube Server / Community Build	3	828	March 7, 2022
GitLab MR Decoration Not Loading Icons SonarQube Server / Community Build github-integration	1	12	March 6, 2025
Images in GitHub Pull Request Decoration SonarQube Server / Community Build github , pull-request	3	1063	December 21, 2020
PR decoration with sonar in private network and Gitlab.com SonarQube Server / Community Build	6	877	March 3, 2020
GitHub Pull Request Decoration images are broken SonarQube Server / Community Build sonarqube	17	5099	December 11, 2020

GitLab Pull Request Decorator not showing images

Related topics