SonarQube Developer Edition Github Enterprise - Decorate PR problem

SonarQube
, ,
1

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube * Developer Edition Version 8.3.1 (build 34397)
    Jenkins pipeline (not PR builder plugin)
    Github Enterprise 2.19.9
    GitHub App for integration
    ALM integration for Github configured inside Sonar portal in ALM section (following documentation)
  • what are you trying to achieve
    PR decoration with sonar checks, but I Github is still waiting for checks.
  • what have you tried so far to achieve this
    sonar:sonar command executed by Jenkins: mvn -T 1C clean install scalafix:scalafix site sonar:sonar -Dsonar.login=$SONAR_TOKEN -Dsonar.pullrequest.key=56 -Dsonar.pullrequest.branch=TEST-SONAR -Dsonar.pullrequest.base=master -Dsonar.host.url= https://sonar.corp.com/ -Dsonar.pullrequest.github.endpoint= https://git.company.com/api -Dsonar.pullrequest.github.repository=org/repo -Dsonar.scm.revision=refs/pull/COMMIT_ID/head

I manage to see the PR check in sonar portal, but I receive an warning: Pull request decoration did not happen. Please configure pull request properties in the project administration. for TEST-SONAR PR.

ce.log on DEBUG:
2020.08.06 12:41:05 INFO ce[AXPDyfYGLLFuqhSrc5-H][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Pull Request decoration | status=SUCCESS | time=8ms

Any help will be much appreciated.

2

Hey there.

You’ll need to configure your repository information in your Project Settings.

Screenshot 2020-08-06 at 17.18.08
Screenshot 2020-08-06 at 17.18.082734×1204 225 KB

‘sonar.pullrequest.github.endpoint’ and ‘sonar.pullrequest.github.repository’ have no effect as analysis parameters.

It’s also very unlikely that this is set correctly (it should be set to a SHA)

-Dsonar.scm.revision=refs/pull/COMMIT_ID/head

I’d suggest not passing it at all and see if auto-configuration picks it up correctly.

3

Hi Colin,

Thank you for your fast response.
You are right, I passed SHA (-Dsonar.scm.revision=refs/pull/4266d9574c324c5af41870883ea5643801e4b78a/head ) instead of COMMIT_ID - sorry for the confusion by name it ‘commit_id’
I tried with scm.revision param and without - the same result.

I see you recommend passing repository identifier under housekeeping section, but my version is 8.3.1 and looks totally different(see below). I managed to configure GitHub App with client id and secret.
My first guess is that Sonar cannot make the call to Github and I am asking if there is a way to see the underlying http call (REST or GraphQL)?

Screenshot 2020-08-07 at 10.41.46
Screenshot 2020-08-07 at 10.41.461706×1482 272 KB

4

@Colin, do you have other ideas, how we can investigate further?