which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
-> SonarQube 7.7 Developer Edition.
what are you trying to achieve
-> Trying to integrate GitHub with Sonarqube for PR checks decoration
what have you tried so far to achieve this
-> I created GitHub App as per documentation instructions https://docs.sonarqube.org/7.7/instance-administration/github-application/ and then configured the Sonarqube global settings instance…
Key: sonar.pullrequest.provider :-GitHub
sonar.pullrequest.github.endpoint :- https://github.com/minty-22
sonar.alm.github.app.name :- SonarQubePRChecks
sonar.alm.github.app.id :- 120
sonar.alm.github.app.privateKey.secured :base64 -pemKey
Even in the project repository identifier …Adminsitration->General Settings->Pull Requests…I set the
sonar.pullrequest.github.repository :-https://github.com/sampleProject
I am using sonar-scanner plugin in my maven project pom.xml
And <sonar.host.url>http://…</sonar.host.url>
<sonar.projectKey>{project_key}</sonar.projectKey>
<sonar.projectName>{projetc_name}</sonar.projectName>
<sonar.projectVersion>1.0</sonar.projectVersion>
When I do mvn clean install + mvn sonar:sonar it runs and display the code coverage on the Sonarqube Dashboard but I didn’t see anything in the sonar logs for PR checks decoration.
And after doing all this I am unable to see the any PR checks in the GitHub …so do I need to do anything else to make Sonarqube and GitHub talk with each other for PR checks decoration?
What other steps I need to do to get PR checks decoration work?
Please help me
Thanks in advance.
First, I need to point out that 7.9.1 is the latest SonarQube version and the current LTS. You should consider upgrading at your earliest convenience.
I’ve just fired up a 7.7 DE instance to double-check. At a minimum you’ve misunderstood sonar.pullrequest.github.endpoint. The in-UI field explanation is this:
So apparently your value should be https://github.com/api/v3, not https://github.com/minty-22.
And then at the project level, you also appear to have misconfigured sonar.pullrequest.github.repository. The in-UI explanation gives an example value of SonarSource/sonarqube. Note that there’s no “https://github.com” in there. Other fields have identified where your GHE enterprise is. This field asks for a value within that instance. I’m guessing your value would be something like minty-22/sampleProject.
So… without seeing all your key/value pairs, I can only suggest that you re-examine each one and make sure the values you’ve filled in conform to the in-UI descriptions and/or examples.
Hi Ann ,
Thanks for the reply.
After making the changes in the Sonarqube settings as per your suggestion to change the inputs…I am getting one link as “See the PR” in the Sonarqube dashboard under my project name but not seeing any code there.And ,Github in the pull request ->checks tab I am getting Github App reflecting but nothing showing there as the analysis .
Only under the Sonarqube GitHub App ,reflecting “Queued 12 hours ago” & “Re-run all”.
Why I am getting this…Am I making any more mistakes?
Please help me .
Is the PR passing its quality gate? From checking our own PRs, it doesn’t look like you’ll see much in GH when the PR passes. It’s when it fails that the Checks tab lights up.
Now I am getting in my Sonarqube under the Project->Overview as “See the PR” link beside Passed but as you can see in the screenshot there is no lines of code it is showing, only “0.0% Duplications on 86 new lines” it is reflecting which is nothing but the pom.xml lines of code.
While doing mvn sonar:sonar…I am getting the following warnings:-
[INFO] SCM provider for this project is: git
[INFO] 9 files to be analyzed
[INFO] 0/9 files analyzed
[WARNING] Missing blame information for the following files:
[WARNING] This may lead to missing/broken features in SonarQube.
The extensions of the files are .java .Earlier it was running fine without giving any warning but after trying to do integration of GitHub with Sonarqube its giving me this error.Its not scanning the sub-modules of the project, its only scanning the pom.xml of the aggregator module.
Still my problem is there after trying all the possibilities to do integration with GitHub,why I am not able to see the PR analysis on my Github page?
I have all the steps mentioned the Sonarqube documentation but it is not working…
Can you please guide me where I am making mistake or can you please share with me if you have any detailed documentation which describes about integration of GitHub with Sonarqube …it will really helps me.
I’m not sure what’s going on. Are there any errors in your background task logs? Also, I believe some people have cleared up their problems by re-setting up the application on the GH side.
I am getting error in the ce.log “Could not find a suitable sha1 to decorate, skip decoration”…while trying to do PR decoration…Can you please let me know why this error is coming and how to resolve this error?
A lot has happened in this thread and there’s really too much to sort through. I think it would be best if you start a new thread with a full summary of your current situation: what works, what doesn’t work, what you’ve tried, any relevant-seeming error or log messages, &etc.
…Can you please explain this more in detail?