PR Decoration not working intermittently

  • We are using SonarQube Developer edition 9.2.4.50792, SonarScanner 4.5.0.2216
  • We have integrated Github PR decoration and added that as a mandatory check before PR is allowed to be merged. Generally, it works fine, but sometimes it gives an issue where reporting the check on the PR fails. This is the warning seen on Sonarqube
    image
  • This has generally been observed on merge commits (when the source branch is merged)
  • On checking the commit on Github, this message is shown at the top: “This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.”

Hi,

Yes, this is the problem.

SonarQube can’t decorate the PR if there has been a merge commit in the pipeline/CI because that merge commit doesn’t exist in the remote repository. PR decoration relies on the assumption that the commit under analysis is the commit to decorate. When those two things don’t line up, it just doesn’t work.

 
HTH,
Ann

Hi @ganncamp,
Thanks for the answer. But, what we’ve noticed is that this happens for commits that are not merge commits as well.
E.g.
image
On checking the commit it shows the following

Now, 599cc29 is the actual last commit on the PR that needs to be scanned and b7a2c02 is the latest commit on master. 599cc29 is not a merge commit.
How do we fix this?

Hi,

What you’ve demonstrated is that PR decoration is not possible since - whatever its origin - the underlying commit you’re analyzing doesn’t exist in your SCM repository. You’re going to have to sort that out first before PR decoration can happen.

 
Ann

Any suggestions on where to look? The debug logs of Compute Engine don’t give many clues and there’s no pattern we could find that could help narrow down to the cause.

Hi,

You’re not going to find the source in the CE logs. This is going to be on your CI side. You need to figure out why the commit in your CI isn’t present in your SCM. Unfortunately, I don’t have any specifics on where you should look.

 
Ann

Hi,

I am facing the same issue for our repositories , any idea how to mitigate this issue ?
I am currently using the below checkout for my PR voter

“”“- uses: actions/checkout@v4
with:
fetch-depth: 0"”"