PR decoration to wrong devops integration

SonarQube Server / Community Build
,
1

We are using Sonarqube 9.7.1 developer edition

We had configured the Devops integration for Bitbucket and have now added Github Enterprise integration. So both are active.

We then changed the configuration of each Sonarqube project and switched from bitbucket to github enterprise integration.

If we now run Sonar for a PR we get the following error:

Pull request decoration did not happen. Configuration missing to decorate the Bitbucket Server pull request: BitbucketServerPrConfiguration{serverUrl=‘https://xxx.githubenterprise/api/v3’, project=‘XXX/YYY’, repository=null, id=6, headRevision=‘92cf0b19ccb931d7356d517e99d5f3d205436e5f’, token=null}

So it is using the github enterprise configured project name and url, but claims to use still bitbucketserver code.

Kind regards,
Michael

1 Like
2

Oof. That’s not great.

Can you see what the response of this API call is on your SonarQube instance against this project?

https://<SonarQube_URL>/api/alm_settings/get_binding?project=<Project_key>

3

Yes, this is the output:

{"key":"GHE","alm":"github","repository":"XXX/YYY","url":"https://githubenterprise/api/v3","summaryCommentEnabled":true,"monorepo":false}

So looks correct.

4

In general we have TLS issues with the connection to the github server, so maybe the real error is the flaky TLS connection, but the error message is just wrong?

2022.11.09 12:52:41 WARN  ce[AYRcctdMDGX3HJfiWPKx][c.s.G.D.G.M] Branch decoration failed
java.lang.IllegalStateException: Failed to find details about the GitHub App. Check in the Global configuration the URL, App ID and Private Key
	at com.sonarsource.G.D.G.M.A(Unknown Source)
	at java.base/java.util.Optional.orElseThrow(Optional.java:408)
	at com.sonarsource.G.D.G.M.A(Unknown Source)
	at com.sonarsource.G.D.G.M.F(Unknown Source)
	at com.sonarsource.G.D.G.M.C(Unknown Source)
	at com.sonarsource.G.D.G.M.A(Unknown Source)
	at com.sonarsource.G.D.G.G.A(Unknown Source)
	at com.sonarsource.G.D.G.B.A(Unknown Source)
	at java.base/java.lang.Iterable.forEach(Iterable.java:75)
	at com.sonarsource.G.D.G.B.A(Unknown Source)
	at com.sonarsource.G.D.l.A(Unknown Source)
	at org.sonar.ce.async.SynchronousAsyncExecution.addToQueue(SynchronousAsyncExecution.java:27)
	at com.sonarsource.G.D.l.A(Unknown Source)
	at java.base/java.util.Optional.ifPresent(Optional.java:183)
	at com.sonarsource.G.D.l.finished(Unknown Source)
	at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.executeTask(PostProjectAnalysisTasksExecutor.java:102)
	at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.finished(PostProjectAnalysisTasksExecutor.java:93)
	at org.sonar.ce.task.step.ComputationStepExecutor.executeListener(ComputationStepExecutor.java:89)
	at org.sonar.ce.task.step.ComputationStepExecutor.execute(ComputationStepExecutor.java:61)
	at org.sonar.ce.task.projectanalysis.taskprocessor.ReportTaskProcessor.process(ReportTaskProcessor.java:75)
	at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.executeTask(CeWorkerImpl.java:212)
	at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.run(CeWorkerImpl.java:194)
	at org.sonar.ce.taskprocessor.CeWorkerImpl.findAndProcessTask(CeWorkerImpl.java:160)
	at org.sonar.ce.taskprocessor.CeWorkerImpl$TrackRunningState.get(CeWorkerImpl.java:135)
	at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:87)
	at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:53)
	at com.google.common.util.concurrent.TrustedListenableFutureTask$TrustedFutureInterruptibleTask.runInterruptibly(TrustedListenableFutureTask.java:131)
	at com.google.common.util.concurrent.InterruptibleTask.run(InterruptibleTask.java:74)
	at com.google.common.util.concurrent.TrustedListenableFutureTask.run(TrustedListenableFutureTask.java:82)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:829)
2022.11.09 12:52:41 WARN  ce[AYRcctdMDGX3HJfiWPKx][c.s.G.C.A.A.A.B] Failed to request /app
javax.net.ssl.SSLHandshakeException: Remote host terminated the handshake
	at java.base/sun.security.ssl.SSLSocketImpl.handleEOF(SSLSocketImpl.java:1696)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1514)
	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:456)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:427)
	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
	at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
	at org.sonar.alm.client.github.GithubApplicationHttpClientImpl.get(GithubApplicationHttpClientImpl.java:82)
	at org.sonar.alm.client.github.GithubApplicationHttpClientImpl.get(GithubApplicationHttpClientImpl.java:72)
	at com.sonarsource.G.C.A.A.A.B.A(Unknown Source)
	at com.sonarsource.G.C.A.A.A.B.getApp(Unknown Source)
	at com.sonarsource.G.D.G.M.A(Unknown Source)
	at com.sonarsource.G.D.G.M.F(Unknown Source)
	at com.sonarsource.G.D.G.M.C(Unknown Source)
	at com.sonarsource.G.D.G.M.A(Unknown Source)
	at com.sonarsource.G.D.G.B.A.E.A(Unknown Source)
	at com.sonarsource.G.D.G.B.A(Unknown Source)
	at java.base/java.lang.Iterable.forEach(Iterable.java:75)
	at com.sonarsource.G.D.G.B.A(Unknown Source)
	at com.sonarsource.G.D.l.A(Unknown Source)
	at org.sonar.ce.async.SynchronousAsyncExecution.addToQueue(SynchronousAsyncExecution.java:27)
	at com.sonarsource.G.D.l.A(Unknown Source)
	at java.base/java.util.Optional.ifPresent(Optional.java:183)
	at com.sonarsource.G.D.l.finished(Unknown Source)
	at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.executeTask(PostProjectAnalysisTasksExecutor.java:102)
	at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.finished(PostProjectAnalysisTasksExecutor.java:93)
	at org.sonar.ce.task.step.ComputationStepExecutor.executeListener(ComputationStepExecutor.java:89)
	at org.sonar.ce.task.step.ComputationStepExecutor.execute(ComputationStepExecutor.java:61)
	at org.sonar.ce.task.projectanalysis.taskprocessor.ReportTaskProcessor.process(ReportTaskProcessor.java:75)
	at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.executeTask(CeWorkerImpl.java:212)
	at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.run(CeWorkerImpl.java:194)
	at org.sonar.ce.taskprocessor.CeWorkerImpl.findAndProcessTask(CeWorkerImpl.java:160)
	at org.sonar.ce.taskprocessor.CeWorkerImpl$TrackRunningState.get(CeWorkerImpl.java:135)
	at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:87)
	at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:53)
	at com.google.common.util.concurrent.TrustedListenableFutureTask$TrustedFutureInterruptibleTask.runInterruptibly(TrustedListenableFutureTask.java:131)
	at com.google.common.util.concurrent.InterruptibleTask.run(InterruptibleTask.java:74)
	at com.google.common.util.concurrent.TrustedListenableFutureTask.run(TrustedListenableFutureTask.java:82)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
	at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:483)
	at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:472)
	at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:160)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:111)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
	... 57 common frames omitted
6

I’ve marked this thread for some expert attention.

8

Warm welcome @reitzmichnicht ,

To help us investigate the issue could you share with us the Scanner Context of the failing analysis (the one that doesn’t decorate pull request in Github Enterprise)?
You can find this information in Project Settings → Background tasks → Cog wheel icon → Show Scanner Context

image
image1329×652 43.4 KB

You can remove from the Scanner Context sensitive information and share it with us in the private message.

Thank you

10

Hi Lukasz,

yes I can provide, but it does not look very helpful. The sonar.links.scm points correctly to github enterprise.
But I think I know what is going on. Only PRs are affected that initially where created with BitBucket.

So my guess to reproduce it is as follows:

  1. Sonar project is enabled with bitbucket integration
  2. Create PR on repo inside bitbucket and run PR analysis with sonar.
  3. Migrate repo from bitbucket to github enterprise including the open PRs
  4. Change devops integration from bitbucket to github enterprise on the sonar project
  5. Run PR analysis again on CI, but now with checkout from github enterprise
  6. The error should occur

Kind regards,
Michael

11

Hi @reitzmichnicht ,

Thanks for the scenario to reproduce. We will take it into account when trying to reproduce the issue.
Some of the properties mentioned in the Scanner Context may have some impact onto which type of decorator is picked by the code to do the pull request decoration. At the very least with Scanner Context provided we could exclude some possibilities, so it would be very helpful.

12

Hello @reitzmichnicht ,

Thanks for sharing with us the scanner context. We see there are no properties related there that are related to pull request decoration. Could you double check that you shared the right context from the pull request analysis (the right background task)?

13

Yes all scanner contexts from pull requests do not contain any extra information. Its a github organization folder in jenkins where I think the sonar maven plugin should automatically detect the information from the environment variables