PR decoration not consistently shown

SonarQube Server / Community Build
,
1

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    • SonarQube Enterprise Edition Version 7.9.5 (build 38598)
  • what are you trying to achieve
    • After GitHub PR is built and sonar-scanner finished successfully , I’d like to see the SonarScan check result on GitHub Checks tab
  • what have you tried so far to achieve this
    • Sometimes the check result can show up correctly on the GitHub Checks tab; but sometimes the check result doesn’t show up despite the PR check record can be seen on SonarQube PR dashboard.
    • Is there a way to troubleshoot the issue?
2

Hi @Libra_Huang ,

Welcome to SonarSource community :sonarsource: !

Please upgrade to SonarQube 8.9.1 and acquire the following logs:

  • Change your Log Level to DEBUG (Administration > System > Log Level) - no need to restart SonarQube
  • Reanalyze the PR
  • Please share your $SONARQUBE_HOME/ce.log file here

Or if you prefer to privately message me, then just notify me here.

3

@Joe thanks for the tips, I’ll check with the IT to see if they can enable the debug/log for troubleshooting. Besides that, is there any other way that I, as a sonarqube client user, can do while waiting for IT’s support?

4

Hi @Libra_Huang: without more evidence to find a pattern for why you are encountering these issues, I can’t determine a workaround. You can disable the quality gate but I wouldn’t suggest that. I would just forego the PR decoration for now.

5

The IT team provides some warning messages for my Jenkins PR build.

Pull request decoration did not happen. No commit found for revision '9209dd8446b16e96f3f48122a915f851aabff8b8'. Please pass a valid commit revision to the scanner using 'sonar.scm.revision' parameter.

It turns out the problem is related to how Jenkins merge/build PR branch and how sonar-scaner determines the commit sha value.

I follow https://issues.jenkins.io/browse/JENKINS-56341 and explicitly specify sonar.scm.revision. Looks like the PR decoration is stable now.

def get_pr_commit():
    # Jenkins merges target branch to the PR before build.
    # In order to make SonarQube PR decoration works, we need the PR commit head before merge
    latest_commit = subprocess.check_output('git rev-parse HEAD', shell=True).strip()
    if os.environ['GIT_COMMIT'] == latest_commit:
        # PR branch is up-to-date with base branch, no merge commit was added
        return latest_commit
    else:
        prev_commit = subprocess.check_output('git rev-parse HEAD^', shell=True).strip()
        return prev_commit

    sonar-scanner \
      -Dsonar.modules=$scan_modules \
      -Dsonar.pullrequest.provider=github \
      -Dsonar.pullrequest.key=${CHANGE_ID} \
      -Dsonar.pullrequest.branch=${CHANGE_BRANCH} \
      -Dsonar.pullrequest.base=${CHANGE_TARGET} \
      -Dsonar.scm.revision=${PR_COMMIT}
1 Like
6

Thanks for the update. We do have a section in our documentation regarding Jenkins setup. See Jenkins: Detecting changed code in Pull Requests. You may want to try adjusting your CI pipeline with our recommendation or you can follow your own pattern to determine the commit SHA value.

1 Like
7

We decide to continue with “Merging the pull request with the current target branch revision” approach so the build/test can help discover problems if the code is merged. It would be great if Jenkins could preserve the PR commit head and save the workaround burden. Thanks.

1 Like
9

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.