Pull Request decoration via gitlab does not appear to be working for us. It is a self managed server.
The Admin->Configuration->ALM Integrations indicates the feature is enabled.
No errors seem to be output when the scan runs and projects are successfully analysed in our GitLab CI pipelines.
The project configuration looks correct, the configuration name is set and the project ID is empty.
I don’t see anything relevant in the sonarqube logs. I also don’t see any overt indication that any decoration is being attempted.
Any other suggestions to help us get this working or at least where to look for relevant error logs?
One thing that is not clear to me is whether I need to pass these into the scanner:
sonar.pullrequest.base
sonar.pullrequest.key
sonar.pullrequest.branch
Is that done automatically now or should I be specifying these? This thread implies it is automatic from 8.3 onwards but I wasn’t clear if we are inadvertently doing Branch Analysis as opposed to Pull Request Analysis:
I got around this by specifying the following params in a sonar-project.properties file:
sonar.pullrequest.key=
sonar.pullrequest.branch=
sonar.pullrequest.base=
I also had to specify gitlab projectID on the Project config in Sonarqube . The docs implies some of this is handled automatically, however, that only appears to be true for certain configurations.
You shouldn’t pass those three parameters via the sonar-project.properties file. If you do that, no matter the Merge Request you create on GitLab, you will need to update those values each time. This is highly inconvenient and error prone.
What is the CI you use? Is it also GitLab? If it is, those parameters are handled automatically. If you use GitLab CI, what is your .gitlab-ci.yml file looking like?
Go to Project Settings > General Settings > Pull Request Decoration and select your Configuration name. If you’re using GitLab CI, you can leave Project ID blank, as it will be auto-detected. If you’re using a different CI tool (e.g.: Jenkins, Travis CI, etc), or run the analysis manually, provide the project’s numerical ID.
I think some of the other args we specified mean’t the pull request analysis does not happen unless I force it. We wrap sonar-scanner to get Xcode coverage reporting correctly but maybe you know if specifying any of these would prevent PR decoration? sonar.projectVersion sonar.gitlab.commit_sha sonar.gitlab.ref_name sonar.gitlab.project_id
We had these set from when we used a third party plugin for gitlab auth which got deprecated around 8.x. I should probably try it without these being set.
We don’t have to hardcode the values, our stage currently looks like this:
-p corresponds to -Dsonar.projectVersion
-k corresponds to -Dsonar.pullrequest.key= $CI_MERGE_REQUEST_IID
-b corresponds to -Dsonar.pullrequest.branch=$CI_MERGE_REQUEST_BRANCH_NAME -Dsonar.pullrequest.base=dev is fine for us to hardcode.
Gitlab provides these variables if only: merge_requests is used. This isn’t ideal because it results in a detached gitlab pipeline. I’m still trying to get the auto detection working since it would be way more convenient.
I’ll post back if removing the mentioned parameters does enable the auto detect to work.
A further test shows one of those parameters is preventing the analysis. I believe it is now auto-detecting everything. I wish I’d tried that first . For anyone else look at this my stage now looks like:
. For anyone else look at this my stage now looks like: