Pull Request Analysis is no longer working

We have been using SonarCloud Analysis for a while and suddenly, the pull request analysis isn’t happening as expected and the Pull Request tab shows 0 branches. It was working fine earlier.

Additionally, I can see the scan and analysis happening in the overview screen as shown below but this is not reflected on the Pull Requests tab. Probably as a side effect, we are no longer getting a PR decoration comment from Sonar with the Analysis report.

Did something change recently or is there something to be updated in the workflow from outside?

Those analyses you’re seeing look to be from November, so they’ve probably been swept away by housekeeping since then.

How is your analysis being run? Is it Automatic Anaysis (GitHub only), CI-Based Analysis (which CI?)

We are running it through Github Actions. I have two projects, one is for Javascript/Typescript and the other is .Net. The Pull Request analysis stopped working for both.

Well then I think the big question is whether or not those actions still actually include the steps for SonarQube Cloud analysis – and if they’ve been running successfully. Go take a look at one of the pipelines for your PRs – do you see the scanner running in those pipeline logs, and is it successful?

Yes the scans are running successfully. I have even attached a log for reference below. This is for Javascript code.

Based on that URL at the end, the analysis is being pushed to your main branch.

Can you share your GitHub Actions YML file that includes the SonarCloud scan? The full thing, including the part that shows what triggers the pipeline.

I suspected the same because my branch branch was showing some of the issues from a Pull Request, the code which is still not in master.
Below is the YML file code.

name: SonarCloud Scan

on:
  push:
    branches:
      - master
  pull_request:
  merge_group:

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true

jobs:
  files-changed:
    name: Check if there are changes
    uses: ./.github/workflows/files-changed.yml

  sonarcloud-scan-frontend:
    needs: files-changed
    if: ${{ github.event_name == 'merge_group' || needs.files-changed.outputs.frontend-changed == 'true' }}
    runs-on: codebuild-x5-use1-gh-runner-${{ github.run_id }}-${{ github.run_attempt }}
    timeout-minutes: 60
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis

      - name: Docker Login
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_TOKEN }}

      - name: Use Node.js 20
        uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: "npm"
          cache-dependency-path: ./UI/QueryBuilder/package-lock.json

      - name: install dependencies
        working-directory: ./UI/QueryBuilder
        run: npm ci

      - name: build checking bundle size
        working-directory: ./UI/QueryBuilder
        run: npm run build

      - name: run tests
        working-directory: ./UI/QueryBuilder
        run: npm test --coverage --coverageReporters lcov
        env:
          CI: true

      - name: SonarCloud Scan
        if: ${{ (github.event_name == 'push' || github.event_name == 'pull_request') }}
        uses: SonarSource/sonarqube-scan-action@v4
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        with:
          projectBaseDir: ./UI/QueryBuilder

I think this needs to look more like:

on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, synchronize, reopened]

Without the types, I think the pull_request trigger doesn’t function.

It actually works this way too. It takes the default. This was working till recently and its still working and that’s why this workflow is getting triggered in the first place and its getting executed on each PR. But the new issue now is that it’s just not pushing to the PR tab but considering it as the master analysis.

Do you find anything else wrong/missing with the workflow?

Thanks for letting me know!

Nothing looks out of place in the workflow, although I admit I’m not at all familiar with merge_groups.

I suggest checking the analysis’s log once more to see what it’s automatically detecting about the environment. Consider these logs:

15:24:40.362 INFO  Found an active CI vendor: 'Github Actions'
...
15:24:41.207 INFO  Github event: pull_request

What similar logs do you see? What I want to know is if the environment is being automatically detected as GitHub Actions, and if so what GitHub event is being recognized.

I was cross-checking with my logs and I am not finding these mentioned events in the log. Probably this is the reason why it’s not recognised somehow as a pull request. Do you have any insights on which cases this log will be missed?

15:24:40.362 INFO  Found an active CI vendor: 'Github Actions'
...
15:24:41.207 INFO  Github event: pull_request