We have been using SonarCloud successfully for a while, but in recent weeks some parts have broken.
There are a number of threads here on this forum with very similar symptoms, e.g.
https://community.sonarsource.com/t/sonarcloud-doesnt-update-github-status/6325
We have many Maven-based and JavaScript-based public repositories at GitHub. The JavaScript-based ones are failing more drastically, but some of the Maven-based ones show problems too.
We use Jenkins Pipeline. An early stage uses the âcheckoutâ step with the âGitSCM classâ.
For the stage that runs Sonar, we use the âsonar-maven-pluginâ for the Maven ones, and the âbin/sonar-scannerâ for the JavaScript ones.
I selected one of each type (Java-based and JavaScript-based) where know that these still have some Sonar-detected issues in their master branch. Other past closed PRs are available to see the similar problems, but of course their Jenkins outputs might be removed now.
So to demonstrate some of the problems, today i made two fresh pull-requests in each repository, with one of them unmerged, to enable investigation of the checks.
A Maven-based repository:
https://github.com/folio-org/mod-audit-filter/pull/20 (merged)
https://github.com/folio-org/mod-audit-filter/pull/21 (open)
- The âChecksâ tab does show the sonar result.
- The âConversationâ tab link to âShow all checksâ does show the âSonarCloudâ check result.
- Follow the link via Jenkins for the âbranchâ build, then via its âSonarâ Jenkins stage. Follow link to sonarcloud where the page says âNo issuesâ. See warning note in top-right âCould not find ref âmasterâ in refs/heads or refs/remotes/origin.â
- Follow the link via Jenkins for the âpr-mergeâ build, then via its âSonarâ Jenkins stage. Follow link to sonarcloud where the page says âNo issuesâ. There is no warning note.
A JavaScript-based repository:
https://github.com/folio-org/ui-licenses/pull/59 (merged)
https://github.com/folio-org/ui-licenses/pull/60 (open)
- The âChecksâ tab simply says âQueued xx agoâ.
- The âConversationâ tab link to âShow all checksâ does not show the âSonarCloudâ check result.
- Follow the link via Jenkins for the âbranchâ build, then via its âSonarâ Jenkins stage. Follow link to sonarcloud where the page says âNo issuesâ. See warning note in top-right âCould not find ref âmasterâ in refs/heads or refs/remotes/origin.â
- Follow the link via Jenkins for the âpr-mergeâ build, then via its âSonarâ Jenkins stage. Follow link to sonarcloud where the page says âNo issuesâ. There is no warning note.
Here are the parameters for running Sonar in each type:
Maven-based:
if (env.CHANGE_ID) {
echo "PR request: $env.CHANGE_ID"
withCredentials(...snip...) {
withSonarQubeEnv('SonarCloud') {
sh "mvn -B org.sonarsource.scanner.maven:sonar-maven-plugin:${sonarMvnPluginVer}:sonar " +
"-Dsonar.organization=folio-org -Dsonar.verbose=true " +
"-Dsonar.pullrequest.base=master " +
"-Dsonar.pullrequest.branch=${env.BRANCH_NAME} " +
"-Dsonar.pullrequest.key=${env.CHANGE_ID} " +
"-Dsonar.pullrequest.provider=github " +
"-Dsonar.pullrequest.github.repository=folio-org/${env.projectName}"
// "-Dsonar.pullrequest.github.endpoint=https://api.github.com"
}
}
}
else {
withSonarQubeEnv('SonarCloud') {
if (env.BRANCH_NAME != 'master') {
sh "mvn -B org.sonarsource.scanner.maven:sonar-maven-plugin:${sonarMvnPluginVer}:sonar " +
"-Dsonar.organization=folio-org -Dsonar.verbose=true " +
"-Dsonar.branch.name=${env.BRANCH_NAME} " +
"-Dsonar.branch.target=master"
}
else {
sh "mvn -B org.sonarsource.scanner.maven:sonar-maven-plugin:${sonarMvnPluginVer}:sonar " +
"-Dsonar.organization=folio-org -Dsonar.verbose=true"
}
}
}
JavaScript-based:
withCredentials(...snip...) {
withSonarQubeEnv('SonarCloud') {
def scannerHome = tool 'SonarQube Scanner'
def excludeFiles = '...snip...'
if (env.CHANGE_ID) {
sh "${scannerHome}/bin/sonar-scanner " +
"-Dsonar.projectKey=org.folio:${env.projectName} " +
"-Dsonar.projectName=${env.projectName} " +
"-Dsonar.organization=folio-org " +
"-Dsonar.sources=. " +
"-Dsonar.language=js " +
"-Dsonar.exclusions=${excludeFiles} " +
"-Dsonar.pullrequest.base=master " +
"-Dsonar.pullrequest.key=${env.CHANGE_ID} " +
"-Dsonar.pullrequest.branch=${env.BRANCH_NAME} " +
"-Dsonar.pullrequest.provider=github " +
"-Dsonar.pullrequest.github.repository=folio-org/${env.projectName} "
// "-Dsonar.pullrequest.github.endpoint=https://api.github.com"
}
else {
if (env.BRANCH_NAME != 'master' ) {
sh "${scannerHome}/bin/sonar-scanner " +
"-Dsonar.organization=folio-org " +
"-Dsonar.projectKey=org.folio:${env.projectName} " +
"-Dsonar.projectName=${env.projectName} " +
"-Dsonar.branch.name=${env.BRANCH_NAME} " +
"-Dsonar.branch.target=master " +
"-Dsonar.sources=. " +
"-Dsonar.language=js " +
"-Dsonar.exclusions=${excludeFiles} " +
"-Dsonar.javascript.lcov.reportPaths=${lcovPath}/lcov.info"
}
else {
sh "${scannerHome}/bin/sonar-scanner " +
"-Dsonar.organization=folio-org " +
"-Dsonar.projectKey=org.folio:${env.projectName} " +
"-Dsonar.projectName=${env.projectName} " +
"-Dsonar.sources=. " +
"-Dsonar.language=js " +
"-Dsonar.exclusions=${excludeFiles} " +
"-Dsonar.javascript.lcov.reportPaths=${lcovPath}/lcov.info"
}
}
}
}
We hope that that detail helps to determine what is amiss.