Quality Gate with issues reports passed to bitbucket

quality-profiles

(Benjamin Vonlanthen) #1

Must-share information (formatted with Markdown):

  • which versions are you using: Cloud and Jenkins SonarQube Scanner 2.8.1 and bitbucket cloud
  • what are you trying to achieve: Quality gate fails when it has issues
  • what have you tried so far to achieve this: nothing

Hi there

Since 11th our quality gate is behaving weird.
Even when not passing it reports as passed to bitbucket.

Did anything change on your side which could cause this issue?

Best regards
Benjamin


(G Ann Campbell) #2

Hi,

You’ve tagged this question with ‘sonarqube’. I’m wondering if you meant ‘sonarcloud’ instead.

 
Ann


(Benjamin Vonlanthen) #3

I do. Thanks for seeing it. I changed it now.


(Julien Henry) #5

Hi @berick

When you say:

Even when not passing it reports as passed to bitbucket.
can you precise a bit more. Are you talking about the widget on the overview page of your repository? Or the widget/status on a pull request ?

Thanks


(Benjamin Vonlanthen) #6

Bittbucket reports all pull requests as ok, used to show when quality gate did not pass:


(Benjamin Vonlanthen) #7

SonarCloud reports some pull requests with failed quality gates:

I am not sure if this is a sonarcloud or bitbucket issue. But somewhere something seems to be reported wrongly.


(Michal Duda) #8

When you click on the quality gate icon, do you see a separate entry for SonarCloud like here:

55

? When you click on the icons in previous builds where everything worked as expected, do you see this entry?


(Benjamin Vonlanthen) #9

21
I only have this where the link goes to Jenkins. The SonarCloud link is not there anymore. But we changed nothing on our configs.


(Michal Duda) #10

Can you please post an analysis log and all parameters that were provided to the scanner? Also, do you see any warnings in SonarCloud UI when you go to the branch/pull request you have analysed (yellow box, near the date of the last analysis)?


(Benjamin Vonlanthen) #11

This is the commant:

sonar-scanner -Dsonar.projectKey=xxx -Dsonar.organization=xxx -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=**** -Dsonar.java.coveragePlugin=jacoco -Dsonar.jacoco.reportPath=/correct/path/to/project/junit/jacoco.exec -Dsonar.pullrequest.branch=feature/xyz -Dsonar.pullrequest.key=989 -Dsonar.pullrequest.base=develop -Dsonar.pullrequest.provider=bitbucketcloud -Dsonar.pullrequest.bitbucketcloud.repository=xxx -Dsonar.pullrequest.bitbucketcloud.owner=xxx

INFO: Scanner configuration file: /var/lib/jenkins/.sonar/native-sonar-scanner/sonar-scanner-3.2.0.1227-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: /correct/path/to/project/sonar-project.properties
INFO: SonarQube Scanner 3.2.0.1227
INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
INFO: Linux 3.10.0-957.5.1.el7.x86_64 amd64
INFO: User cache: /var/lib/jenkins/.sonar/cache
INFO: SonarQube server 7.7.0
INFO: Default locale: “en_US”, source code encoding: “UTF-8”
INFO: Load global settings
INFO: Load global settings (done) | time=213ms
INFO: Server id: BD367519-AWHW8ct9-T_TB3XqouNu
INFO: User cache: /var/lib/jenkins/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=58ms
INFO: Load/download plugins (done) | time=161ms
INFO: Loaded core extensions: developer-scanner
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=4ms
INFO: Project key: xxx
INFO: Base dir: /var/lib/jenkins/jobs/ecom_ci_sonar_pullrequests/workspace/
INFO: Working dir: /var/lib/jenkins/jobs/ecom_ci_sonar_pullrequests/workspace/.scannerwork
INFO: Load project settings for component key: ‘xxx’
INFO: Load project settings for component key: ‘xxx’ (done) | time=38ms
INFO: Load project branches
INFO: Load project branches (done) | time=28ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=78ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=15ms
INFO: Load project repositories
INFO: Load project repositories (done) | time=2005ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=66ms
INFO: Load active rules
INFO: Load active rules (done) | time=1409ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=26ms
INFO: Organization key: mp
INFO: Pull request 989 for merge into develop from feature/xyz
INFO: SCM collecting changed files in the branch
INFO: SCM collecting changed files in the branch (done) | time=179ms
INFO: Indexing files…
INFO: Project configuration:
INFO: Excluded sources: /gensrc//*.java
INFO: 2894 files indexed
INFO: 0 files ignored because of inclusion/exclusion patterns
INFO: Quality profile for css: Sonar way
INFO: Quality profile for java: Sonar Profile
INFO: Quality profile for js: Sonar way Recommended
INFO: Quality profile for web: Sonar way - with exclude rules for wicket.html
INFO: Quality profile for xml: Sonar way
INFO: ------------- Run sensors on module xxx
INFO: Sensor JavaSquidSensor [java]
INFO: Configured Java source version (sonar.java.source): 8
INFO: JavaClasspath initialization
INFO: JavaClasspath initialization (done) | time=4218ms
INFO: JavaTestClasspath initialization
INFO: JavaTestClasspath initialization (done) | time=3970ms
INFO: Java Main Files AST scan
INFO: 1936 source files to be analyzed
INFO: 101/1936 files analyzed, current file:
INFO: 258/1936 files analyzed, current file:
INFO: 476/1936 files analyzed, current file:
INFO: 736/1936 files analyzed, current file:
INFO: 786/1936 files analyzed, current file:
INFO: 1037/1936 files analyzed, current file:
INFO: 1306/1936 files analyzed, current file:
INFO: 1625/1936 files analyzed, current file:
INFO: 1915/1936 files analyzed, current file:
INFO: 1936/1936 source files have been analyzed
INFO: Java Main Files AST scan (done) | time=91193ms
INFO: Java Test Files AST scan
INFO: 309 source files to be analyzed
INFO: 309/309 source files have been analyzed
INFO: Java Test Files AST scan (done) | time=9606ms
INFO: Sensor JavaSquidSensor [java] (done) | time=112133ms
INFO: Sensor SonarCSS Metrics [cssfamily]
INFO: Sensor SonarCSS Metrics [cssfamily] (done) | time=31ms
INFO: Sensor SonarCSS Rules [cssfamily]
INFO: Sensor SonarCSS Rules [cssfamily] (done) | time=32407ms
INFO: Sensor SurefireSensor [java]
INFO: parsing [/correct/path/to/project/junit/TESTS-TestSuites.xml]
INFO: Sensor SurefireSensor [java] (done) | time=4ms
INFO: Sensor JaCoCoSensor [java]
INFO: Analysing /correct/path/to/project/junit/jacoco.exec
INFO: No information about coverage per test.
INFO: Sensor JaCoCoSensor [java] (done) | time=5032ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=554ms
INFO: Sensor XML Sensor [xml]
INFO: 325 source files to be analyzed
INFO: Sensor XML Sensor [xml] (done) | time=788ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: 325/325 source files have been analyzed
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=28ms
INFO: Sensor SonarJS [javascript]
INFO: 4 source files to be analyzed
INFO: Sensor SonarJS [javascript] (done) | time=1116ms
INFO: Sensor ESLint-based SonarJS [javascript]
INFO: 4/4 source files have been analyzed
INFO: Using default Node.js executable: ‘node’.
INFO: 4 source files to be analyzed
INFO: Sensor ESLint-based SonarJS [javascript] (done) | time=2427ms
INFO: Sensor Zero Coverage Sensor
INFO: 4/4 source files have been analyzed
INFO: Sensor Zero Coverage Sensor (done) | time=332ms
INFO: Sensor JavaSecuritySensor [security]
INFO: Reading UCFGs from: /correct/path/to/project/.scannerwork/ucfg2/java
INFO: 18:55:34.1 Building Type propagation graph
INFO: 18:55:34.106 Running Tarjan on 0 nodes
INFO: 18:55:34.107 Tarjan found 0 components
INFO: 18:55:34.107 Variable type analysis: done
INFO: UCFGs: 0, excluded: 0, source entrypoints: 0
INFO: No UCFGs have been included for analysis.
INFO: Sensor JavaSecuritySensor [security] (done) | time=12ms
INFO: Sensor CSharpSecuritySensor [security]
INFO: Reading UCFGs from: /correct/path/to/project/ucfg_cs2
INFO: 18:55:34.108 Building Type propagation graph
INFO: 18:55:34.108 Running Tarjan on 0 nodes
INFO: 18:55:34.109 Tarjan found 0 components
INFO: 18:55:34.109 Variable type analysis: done
INFO: UCFGs: 0, excluded: 0, source entrypoints: 0
INFO: No UCFGs have been included for analysis.
INFO: Sensor CSharpSecuritySensor [security] (done) | time=1ms
INFO: ------------- Run sensors on project
INFO: Sensor Java CPD Block Indexer
INFO: Sensor Java CPD Block Indexer (done) | time=1073ms
INFO: SCM provider for this project is: git
INFO: 43 files to be analyzed
INFO: 43/43 files analyzed
INFO: 609 files had no CPD blocks
INFO: Calculating CPD for 1621 files
INFO: CPD calculation finished
INFO: SCM writing changed lines
INFO: SCM writing changed lines (done) | time=484ms
INFO: Analysis report generated in 1538ms, dir size=4 MB
INFO: Analysis report compressed in 2137ms, zip size=2 MB
INFO: Analysis report uploaded in 328ms
INFO: ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/project/issues?id=xxx&pullRequest=989&resolved=false
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=xyz
INFO: Analysis total time: 2:51.609 s

I hope this helps. I adjusted some paths and variables which as you understand I can not share.


(Michal Duda) #12

Thank you for posting the logs. They look ok so please:

  • check if you get any warnings in SonarCloud UI on the dashboard of the branch/pull request you are analysing. Please post them here if you do.
  • you hid some properties/arguments but make sure that for both sonar.pullrequest.bitbucketcloud.repository and sonar.pullrequest.bitbucketcloud.owner you pass valid UUIDs and not bitbucket slugs. The format should be the same as mentioned on https://sonarcloud.io/documentation/analysis/pull-request/. We had to drop support for repository and owner slugs due to changes in Bitbucket API.

(Benjamin Vonlanthen) #13

Something new. Since this morning, still no change made. It looks like this. The Jenkins link is now gone as well.


(Benjamin Vonlanthen) #14

@Michal_Duda: I guess then it is the slugs change. We are using that from the BitBucket Pullrequest Plugin in Jenkins. I will see to change it to UUIDs


(Benjamin Vonlanthen) #15

Did not solve the issue… Not sure what to try now.


(Michal Duda) #18

Please check if you are getting any warnings in SonarCloud UI like here (after selecting your PR first):


(Benjamin Vonlanthen) #19

I do but I checked and I have nowhere a setting for shallow clone.


(Benjamin Vonlanthen) #20

Now I have another one:

I reinstalled the app and connected the repositories which are connected. Did not change anything.


(Michal Duda) #21

If you’re installing the app and the warning still appears after re-analysing then the only thing that comes to my mind is that there must be something wrong with sonar.pullrequest.bitbucketcloud.owner that you pass to the scanner. Are you sure the UUID that you provide is surrounded by curly brackets like it says in the docs? Are you sure the UUID you provide is the one for the team/user that owns the repository of your project?


(Benjamin Vonlanthen) #22

Yes it was. The fun thing is, I changed it back to slugs and now at least it runs again, although not correctly mapped.

With UUID it does not work at all. I got the UUID through API calls to bitbucket. I might used the wrong ones?

Repo UUID I got with: https://api.bitbucket.org/2.0/repositories/teamname/repo
Owner UUID I got with: https://api.bitbucket.org/2.0/teams/teamname


(Michal Duda) #23

This warning says the bitbucket owner slug (pfistervkp) was passed to the scanner, not a bitbucket UUID of the owner.