How to automatically allocate the bugs in sonarqube

SonarQube Server / Community Build
1

Hi,
I use SonarQube9.6 Developer Edition,and use gitlab to add new projects.
image
image

I found that some sonarqube projects can obtain the author of a piece of code, and will automatically assign the bugs generated in this code to them.

image
image1365×857 95.2 KB

But at the same time, I found that other project codes did not get this information.

image
image1328×877 91.1 KB

After studying for a long time, I haven’t found any reason for such differences. I want to locate the corresponding developer of each bug through automation tools, so I hope to get answers in the community.

I look forward to your reply. Thank you!

2

Hey there.

In the second screenshot you shared, the upper right shows 2 warnings. What are they?

3

2 warnings
image
A2B gitlab-ci

image
image810×299 5.24 KB

image
image914×605 30.6 KB

doorbell gitlab-ci
image
image
image988×614 24.6 KB

What information do you need to judge? I found that this problem also exists in the community version of Sonar. Can you tell me how you get developer information? I can try to troubleshoot it myself.

thank you! We look forward to your reply!

4

I have encountered the same problem here. Have you solved it?

5

The issue would appear to be that your files lack blame data, which means SonarQube has no idea who authored a line of code.

I’m not sure what tool you’re using to pull your repo (it looks like a repo command is issued, but I’m not familiar with it). You should make sure it’s performing a full clone of your repository…

And, issue auto-assignment is only done on the first analysis of a branch (for existing issues). You might want to remove your project and start again, once you sort out having the Git blame data available.

6

Let’s change the Python code for analysis.

Now there are two python projects. The developers use the same environment, the same sonar access method, and both use gitlab ci access and the same trigger method. But they get completely different results. One project has all the developer information, and the other has no developer information.

I repeatedly checked the problem and didn’t know what the reason was. Did you call .git to get data from sonar? Or in other ways, have you found or encountered this problem?

Information of the first project

sonar-dev:
  stage: sonar
  image: harbor.xxxxx.com/library/sonar-scanner-cli:4.7
  only:
    - dev
  script: 
    - sonar-scanner -Dsonar.projectKey=xxxxx_xxx_xxx_universal_hrbp_center_AYHRSVmCmni-QIN-R2Dq -Dsonar.sources=. -Dsonar.host.url=https://sonarqube.xxxxx.com -Dsonar.login=02a431b0c8c5447eddd8978f537c70b8c579fd0a
  allow_failure: true

sonar-master:
  stage: sonar
  image: harbor.xxxxx.com/library/sonar-scanner-cli:4.7
  only:
    - master
  script: 
    - sonar-scanner -Dsonar.projectKey=xxxxx_xxx_xxx_universal_hrbp_center_AYHRSVmCmni-QIN-R2Dq -Dsonar.sources=. -Dsonar.host.url=https://sonarqube.xxxxx.com -Dsonar.login=02a431b0c8c5447eddd8978f537c70b8c579fd0a -Dsonar.qualitygate.wait=true
  retry:
    max: 2
    when: always

image
image925×586 19.7 KB

Information about another project

sonar-dev:
  stage: sonar
  image: harbor.xxxxx.com/library/sonar-scanner-cli:4.7
  only:
    - dev
  script: 
    - sonar-scanner -Dsonar.projectKey=xxxxx_xxx_xxx_security-portal_AYLPR-JJRx6-3KqLvqnr -Dsonar.sources=. -Dsonar.host.url=https://sonarqube.xxxxx.com -Dsonar.login=a1b7f98d5d4c68e14d0b6889bf6df65c521d9c5d -Dsonar.exclusions=static/**,templates/**
  allow_failure: true

sonar-master:
  stage: sonar
  image: harbor.xxxxx.com/library/sonar-scanner-cli:4.7
  only:
    - master
  script: 
    - sonar-scanner -Dsonar.projectKey=xxxxx_xxx_xxx_security-portal_AYLPR-JJRx6-3KqLvqnr -Dsonar.sources=. -Dsonar.host.url=https://sonarqube.xxxxx.com -Dsonar.login=a1b7f98d5d4c68e14d0b6889bf6df65c521d9c5d -Dsonar.exclusions=static/**,templates/** -Dsonar.qualitygate.wait=true
  retry:
    max: 2
    when: always

image
image1330×870 44.2 KB

7

I didn’t reply to your last message, please refer to my previous reply

8

It looks like there is an analys warning in the upper right of the screen (see the yellow :exclamation:)?

Can you open the warning and see what it says?

9

Thank you for your reply. I have found the problem, because the default cloning mode of gitlab is shallow cloning, and not all SCM information has been obtained.

1 Like
10

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.