Problem with Coverage report on sonarcloud-github-action v4.0.0 release

Template for a good new topic, formatted with Markdown:

  • ALM used - GitHub
  • CI system used - GitHub
  • Scanner command - Run SonarSource/sonarqube-scan-action@v4.1.0 (scannerVersion: 6.2.1.4610)
  • Languages of the repository - Python
  • Error observed:
  • "We observed an update to version v4.0.0 yesterday, and since then, we’ve encountered issues with the sonar coverage report.
  • After validating, we confirmed that the error does not occur in version v3.1.0."
23:05:16.124 INFO  Python test coverage
23:05:16.126 INFO  Parsing report '/home/runner/work/xxx/xxx/xxx/coverage.xml'
23:05:16.175 WARN  Invalid directory path in 'source' element: /github/workspace/xxx/xxx/xxx
23:05:16.176 ERROR Cannot resolve the file path '__init__.py' of the coverage report, the file does not exist in all 'source'.
23:05:16.411 ERROR Cannot resolve 1816 file paths, ignoring coverage measures for those files
23:05:16.412 INFO  Sensor Cobertura Sensor for Python coverage [python] (done) | time=850ms
  • Steps to reproduce
  • Potential workaround - Setting version on last stable @v3.1.0

With:
sonarsource/sonarcloud-github-action@v3.1.0
13:38:31.883 INFO SonarScanner CLI 6.2.1.4610

13:39:52.517 INFO  Sensor Cobertura Sensor for Python coverage [python]
13:39:53.310 INFO  Python test coverage
13:39:53.312 INFO  Parsing report '/github/workspace/apps/xxx/test-reports/coverage.xml'
13:39:53.660 INFO  Sensor Cobertura Sensor for Python coverage [python] (done) | time=1144ms

#Up
@ganncamp, could you help us here?

Hi @rafael-loggi,

Could you share the yaml of your GitHub workflow, and also debug logs of your execution?
That would help us with the investigation.

You can either add RUNNER_DEBUG: 1 to your environment variables, like so:

    - name: SonarQube Scan
      uses: sonarsource/sonarqube-scan-action@v4.1.0
      env:
        RUNNER_DEBUG: 1

or -Dsonar.verbose=true to the args parameter of the GitHub action, like so:

- uses: sonarsource/sonarqube-scan-action@v4.1.0
  with:
    args: >
      -Dsonar.verbose=true

Whatever is easier for you.

Thanks,
Antonio

Hi @antonio.aversa,

      - name: "Run tests"
        if: ${{ env.PROJECT_PATH }}
        working-directory: ${{ env.PROJECT_PATH }}
        run: |-
          $POETRY_BIN run pytest "./src" --cov "./src" --cov-config="./.coveragerc" --cov-report=xml:test-reports/coverage.xml --junitxml=test-reports/junit.xml
      - name: "Prepare coverage report for analysis"
        if: ${{ env.PROJECT_PATH }}
        run: |-
          sed -i 's+/home/runner/work/py/py+/github/workspace+g' ./$PROJECT_PATH/test-reports/*.xml
      - name: "SonarCloud"
        if: ${{ !inputs.skip-sonar }}
        uses: sonarsource/sonarcloud-github-action@master (Here we changed to @v3.1.0)
        env:
          GITHUB_TOKEN: ${{ secrets.GH_ACCESS_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        with:
          projectBaseDir: .
          args: >
            -Dsonar.pullrequest.key=${{ github.event.pull_request.number }}

The problem start´s with the release v4.0.0

When we change to @v3.1.0 we don´t have the problem anymore.

On sonarcloud interface we see this error on lastest analysis:

Hi @rafael-loggi,

Thanks for these additional pieces of information.

I suspect that the problem comes from the sed command:

- name: "Prepare coverage report for analysis"
  if: ${{ env.PROJECT_PATH }}
  run: |-
    sed -i 's+/home/runner/work/py/py+/github/workspace+g' ./$PROJECT_PATH/test-reports/*.xml

This step was required since the action was running in a container and /home/runner/work/py/py was not accessible from within the container.

Now the action is composite and it runs in the same context as the rest of the job. Therefore, the change should not be required anymore.

Can you try removing that step? If that doesn’t work, could you also produce debug logs, via the DEBUG=1 environment variable or the -Dsonar.verbose=true argument, and share with us?

(I can initiate a private conversation, if you would prefer not to share logs publicly).

Thanks,
Antonio

Hi @antonio.aversa,

Thank you for your return.
We will test version @v.4.0.0 without “sed” and let you know.

Regards,

@rafael-loggi

sonarqube-scan-action@v4.1.0 brings multiple improvements and bug fixes over sonarqube-scan-action@v4.0.0. I would go with v4.1.0.

Best regards,
Antonio

1 Like

Hello Antonio Aversa,
We tested using sonarqube-scan-action@v4.1.0 and removing the "sed" step and the coverage worked.
Thank you.

Regards,
Fabio

4 Likes

Good news, thanks for confirming!

2 Likes