We’re using GitHub + CircleCI + SonarCloud.
Ever since we switched from automatic analysis to run sonar-scanner with CircleCI, we’re noticing that our pull requests are not consistently being decorated, and when that happens, the “SonarCloud Code Analysis” github-check is not reported. This happens on both our Python and js repositories. And this happens while the CircleCI job and the sonar-scanner command finish successfully.
Workaround: we usually just rerun the same CircleCI build and the 2nd time around, we get the decoration and the github-check. But this is still annoying.
Example command we run in CircleCI:
sonar-scanner -X -Dsonar.projectKey=ElevateSecurity_server -Dsonar.projectName=server -Dsonar.projectVersion=66a9ee8 -Dsonar.organization=elevatesecurity -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=****************************************
Example PR that wasn’t decorated: https://github.com/ElevateSecurity/server/pull/436
Steps to reproduce: it seems to happen most of the time on the first build of a pull request, when the branch just got pushed for the first time and the PR created a few seconds after that. But we’re not sure this is a consistent behavior.
CircleCI logs
17:30:28.472 INFO: SCM writing changed lines (done) | time=28ms
17:30:28.506 INFO: Analysis report generated in 160ms, dir size=380 KB
17:30:28.877 INFO: Analysis report compressed in 370ms, zip size=323 KB
17:30:28.877 INFO: Analysis report generated in /root/project/.scannerwork/scanner-report
17:30:28.877 DEBUG: Upload report
17:30:29.374 DEBUG: POST 200 https://sonarcloud.io/api/ce/submit?organization=elevatesecurity&projectKey=ElevateSecurity_server&projectName=server&characteristic=branch%3Dfix%2FEP-1095&characteristic=branchType%3DSHORT | time=497ms
17:30:29.376 INFO: Analysis report uploaded in 498ms
17:30:29.377 DEBUG: Report metadata written to /root/project/.scannerwork/report-task.txt
17:30:29.377 INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=ElevateSecurity_server&branch=fix%2FEP-1095&resolved=false
17:30:29.377 INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
17:30:29.377 INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=********
17:30:29.379 DEBUG: Post-jobs :
17:30:29.380 INFO: Analysis total time: 23.075 s
17:30:29.382 INFO: ------------------------------------------------------------------------
17:30:29.382 INFO: EXECUTION SUCCESS