Sonar check missing for GitHub Action Pull Request

sodul · November 25, 2020, 7:32pm

We have a private GitHub repository to which we integrated with the sonarcloud-github-action plugin:

Somehow the pull requests are being reported on Sonar as pull requests, which is good, but Sonar is not reporting back through the Checks API.

We have other pipeline running on our private jenkins and these are reporting the Sonar Check properly on the PRs, so we are not sure what is missing from our side.

The workflow yaml is pretty simple:

    - name: Environment
      run: |
        org="$(cut -d/ -f1 <<< "$GITHUB_REPOSITORY")"
        repo="$(cut -d/ -f2 <<< "$GITHUB_REPOSITORY")"
        echo "SONAR_ORGANIZATION=$org" >> "$GITHUB_ENV"
        echo "SONAR_PROJECT_KEY=${org}_${repo}" >> "$GITHUB_ENV"
        # When running in the sonar container the workspace is remapped
        echo "WORKSPACE=/github/workspace" >> "$GITHUB_ENV"

    - name: SonarCloud Scan
      id: sonar
      # https://github.com/SonarSource/sonarcloud-github-action
      uses: sonarsource/sonarcloud-github-action@master
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

And our property file is very simple:

sonar.projectKey = ${env.SONAR_PROJECT_KEY}
sonar.organization = ${env.SONAR_ORGANIZATION}
sonar.pullrequest.provider = GitHub
sonar.pullrequest.github.repository = ${env.GITHUB_REPOSITORY}

sonar.projectBaseDir = .
sonar.sources = .
# sonar.tests = .
sonar.sourceEncoding =  UTF-8    

# Analysis Scope
# https://docs.sonarqube.org/latest/project-administration/narrowing-the-focus/
# https://sonarcloud.io/project/settings?category=exclusions&id=clumio_cdf
sonar.exclusions = \
  **/vendor/**,\
  **/.vendor-new/**

See attached screenshots since this is a private project.

PRs properly reported on SonarCloud:

No Sonar check on the Pull Request view in GitHub:

For reference the task if was AXYA11QT96rcPUGNOu8c

Our other repositories that use jenkins under the same GitHub and SonarCloud organization are properly reporting the Sonar Check int he Pull Requests so we know that SonarCloud is capable of reporting and the issue seems to be specific to GH Actions. Is there anything else we are missing?

Marcin_Majewski · November 26, 2020, 3:10pm

Hi @sodul,

The configuration of your GitHub action looks good. I have two question so I can understand the problem better.

Is the repository that you are trying to integrate part of the GitHub organization that is bound to SonarCloud?
Did you try to import this project through recommended way? By recommended I mean click on the “+” -> “Analyse new project” and then select the project from the list of the repositories present in your GitHub organization.

Best,
Marcin

sodul · November 26, 2020, 4:45pm

It turns out the issue is that under our GitHub organization we had the Sonar Application whitelisted to a specific set of repositories and it was missing for that new repository. We updated the Sonar Application configuration to make it available to all our repositories and the application showed up under the new repo.

After re-running the action for an existing PR, the Sonar Check showed up in GitHub.

system · December 3, 2020, 4:45pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.