Hi,
I’m having a few problems while scanning pull requests coming to a private project in bitbucket cloud.
the transactions I have done so far;
- I integrated my project in bitbucket cloud into sonar cloud.
- I use aws codebuild as a trigger. When a pull request is create, the codebuild runs and analyzes the incoming pull request.I can see the analysis as “passed” on the sonarcloud screen.
my problems
1 ) I cannot view my branches and pull requests in the repo. So I cannot distinguish which analysis result belongs to which pull request.
2 ) I cannot see the results of the analyzed pull request on the bitbucket cloud pull request screen.
this image is codebuild webhook configurations
this is my buildspec.yml file
version: 0.2
phases:
install:
runtime-versions:
nodejs: 12
java: corretto11
commands:
- apt-get update
- apt-get install -y jq
- export SONAR_SCANNER_VERSION=4.4.0.2170
- export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
- curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
- unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
- export PATH=$SONAR_SCANNER_HOME/bin:$PATH
- export SONAR_SCANNER_OPTS="-server"
pre_build:
commands:
- sonar-scanner -Dsonar.organization=bilgeadamguney -Dsonar.projectKey=bilgeadamguney_my-sonar-app -Dsonar.sources=src -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
- sleep 5
- curl -u SONAR_TOKEN https://sonarcloud.io/api/qualitygates/project_status?projectKey=bilgeadamguney_my-sonar-app > analysis.json
- cat analysis.json
- if [ (jq -r ‘.projectStatus.status’ analysis.json) = ERROR ] ; then $CODEBUILD_BUILD_SUCCEEDING -eq 0 ;fi
build:
commands:
- echo Building Project
- echo Finished Building
cache:
paths:
- “node_modules/**/*”
Hi @tahacanatak and welcome to our Community!
Looking at how you execute the scanner:
sonar-scanner -Dsonar.organization=bilgeadamguney -Dsonar.projectKey=bilgeadamguney_my-sonar-app -Dsonar.sources=src -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=$SONAR_TOKEN
I see there is no information related to the pull request/branch to be analysed.
Since you are not using an SonarCloud-integrated CI you need to configure some additional parameters. You can check them here, basically:
sonar.branch.name
sonar.branch.target
For pull requests (currently there is no documentation for it), you need to specify the parameter:
sonar.pullrequest.key
I hope that helps! Please come back if you need further help.
Hi Thank you so much.
Help solved the problem using this.
Is there any difference from what you suggest?
- sonar-scanner -Dsonar.organization=test
-Dsonar.projectKey=my-sonar-app
-Dsonar.sources=src
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.login=$SONAR_TOKEN
-Dsonar.pullrequest.base=master
-Dsonar.pullrequest.branch=CODEBUILDEXTRAS_GIT_BRANCH
-Dsonar.pullrequest.key=(echo $CODEBUILD_WEBHOOK_TRIGGER | cut -c 4-5000)
You are welcome. Your approach is fine!
One remark: I would not send pull request information when doing an analysis on a long living branch, for example. If you do that, please change your script properly (not having such parameters). But i guess you are only analyzing pull requests this way, that is correct?
yes I only analyze pull requests.
I want to ask one more question.I use the same parameters when doing analysis in dotnet projects, but I get the following error.Are other parameters used in other pull request analyzes in dotnet projects?
Running command dotnet sonarscanner begin /k:ba.lms /o:guney /d:sonar.login=$SONAR_TOKEN /d:sonar.host.url=https://sonarcloud.io /d:sonar.pullrequest.base=master /d:sonar.pullrequest.branch=$CODEBUILDEXTRAS_GIT_BRANCH /d:sonar.pullrequest.key=$PULL_REQUEST_NUMBER /d:sonar.verbose=true
164 SonarScanner for MSBuild 5.2
165 Using the .NET Core version of the Scanner for MSBuild
166 The format of the analysis property sonar.pullrequest.branch= is invalid
167 Default properties file was found at /root/.dotnet/tools/.store/dotnet-sonarscanner/5.2.0/dotnet-sonarscanner/5.2.0/tools/net5.0/any/SonarQube.Analysis.xml
When I run it without assigning variables to parameters, as stated below, I do not get an error. but I have to set it as a variable. I guess I’m making a syntax error
dotnet sonarscanner begin /k:ba.lms / o: guney /d:sonar.login=$SONAR_TOKEN/d:sonar.host.url=https://sonarcloud.io /d:sonar.pullrequest.base=master / d : sonar.pullrequest.branch = feature / analysis-test2 /d:sonar.pullrequest.key=642 /d:sonar.verbose=true
@tahacanatak you are welcome!
Could you provide the value of this parameter:
value is null 
the problem was caused by the plug I used.Thank you again. 
