PR decoration with SonarCloud Automatic Analysis set to OFF

Hello,

First I want to apologise for writing a new topic, as this question might be already answered (unfortunately I didn’t find it).
Well, I am curious if there is an option to have PR decoration and the Sonar check connected to GitHub with SonarCloud Automatic Analysis disabled.

As far as I have found out, code coverage is not available inside Automatic Analysis, so we’re willing to switch to using sonar-scanner inside our pipeline on GCP Cloud Build, but it requires SonarCloud Automatic Analysis to be disabled.

Once I disabled it, we have neither PR decoration nor the Sonar check inside our GitHub.
Is there an option to configure this, or some workaround?

  • ALM used: GitHub
  • CI system used: GCP Cloud Build
  • Scanner command used when applicable (private details masked)
  • Languages of the repository: JS

Thanks in advance.

Kind regards,
Marko

1 Like

Hi,

It is possible.
You need to set the sonar.pullrequest.key parameter when running sonar-scanner in the CI pipeline of your PR (see the documentation).
For most CIs, this parameter is optional, as we can detect the value from environment variables. However, we do not support GCP Cloud Build yet, so you need to set it manually.

Hope this helps,

Benoit

1 Like

Hi,

I also use Cloud Build + Github + JS.

I already added this in the Cloud Build yaml:
sonar.pullrequest.base=$_BASE_BRANCH
sonar.pullrequest.branch=$_HEAD_BRANCH
sonar.pullrequest.key=$_PR_NUMBER

But same thing happens to me. No PR Decoration and no Sonar check.
Can someone help me?

Thanks
Nicho

Hello Nicholaus,

I think you can add those parameters inside Cloudbuild.yaml as you mentioned:

  - id: sonarcloud
    name: 'gcr.io/$PROJECT_ID/sonar-scanner:latest'
    args: ["-Dsonar.pullrequest.key=$_PR_NUMBER"]

like this and it will work, but you’ll need to define the trigger so that it is triggered by a pull request to the base branch.

Yes, I have added that to my cloudbuild.yaml and created a trigger on GitHub pull request.
But there is still no PR decoration and no Sonar check.

Do I need to change something in sonarcloud setting? or create a webhook to github?

This is my sonar step in cloudbuild.yaml

1 Like

Hi @markovistica,

Did your PR decoration and Sonar check get fixed?

I tried sonar-scanner locally and it works. But when run in Cloud Build, there is no PR decoration and no PR check.

1 Like

@benoit - @markovistica & our other team members tried this approach, but we don’t see PR decoration (the same issue pointed out by Nicholaus). Can you please let us know if PR decoration is possible with GitHub and GCP Cloud Build?

@nicholausadi - No, we haven’t been able to get PR decoration and Sonar check working yet!

Hi, I finally fixed this problem.
The problem is that GCP Cloud Build with the GitHub app only does a shallow clone of the repo. This makes the sonar-scanner SCM auto-detection fail to detect it as a git repo. My assumption is that because sonar-scanner doesn’t know the SCM, the GitHub webhook is not triggered.

Here is how I solved this problem:

  1. add a first step to git clone and check out the head branch
  2. run npm install
  3. run npm test with jest coverage
  4. run sonar scanner

Reference from gcp docs:
https://cloud.google.com/cloud-build/docs/automating-builds/create-manage-triggers#including_the_repository_history_in_a_build
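
The four steps listed above, sketched as a cloudbuild.yaml. This is an added example, not the poster's actual configuration. EXAMPLE_ORG, EXAMPLE_REPO, EXAMPLE_PROJECT_KEY, the `node:18` image and the Secret Manager secret `sonar-token` are placeholders, and it assumes the repository is readable by the build and that the scanner image accepts its token from the SONAR_TOKEN environment variable.

```yaml
# Added example: runs on a GitHub pull request trigger, which supplies
# $_PR_NUMBER, $_HEAD_BRANCH and $_BASE_BRANCH.
steps:
  # 1. Clone into ./repo and check out the PR head branch so the scanner
  #    sees a real .git directory. Arguments are passed as a list, not
  #    through a shell, so the branch name is never interpreted as script.
  - id: clone
    name: gcr.io/cloud-builders/git
    args: ['clone', '--branch', '$_HEAD_BRANCH',
           'https://github.com/EXAMPLE_ORG/EXAMPLE_REPO.git', 'repo']

  # 2. Install dependencies inside the fresh clone.
  - id: install
    name: node:18
    dir: repo
    entrypoint: npm
    args: ['install']

  # 3. Run the tests with coverage (assumes the "test" script runs jest,
  #    whose default reporters write coverage/lcov.info).
  - id: test
    name: node:18
    dir: repo
    entrypoint: npm
    args: ['test', '--', '--coverage']

  # 4. Analyse as a pull request. The token comes from Secret Manager
  #    instead of being written into this file or the trigger settings.
  - id: sonarcloud
    name: 'gcr.io/$PROJECT_ID/sonar-scanner:latest'
    dir: repo
    secretEnv: ['SONAR_TOKEN']
    args:
      - '-Dsonar.host.url=https://sonarcloud.io'
      - '-Dsonar.organization=EXAMPLE_ORG'
      - '-Dsonar.projectKey=EXAMPLE_PROJECT_KEY'
      - '-Dsonar.javascript.lcov.reportPaths=coverage/lcov.info'
      - '-Dsonar.pullrequest.key=$_PR_NUMBER'
      - '-Dsonar.pullrequest.branch=$_HEAD_BRANCH'
      - '-Dsonar.pullrequest.base=$_BASE_BRANCH'

availableSecrets:
  secretManager:
    - versionName: projects/$PROJECT_ID/secrets/sonar-token/versions/latest
      env: SONAR_TOKEN
```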