SonarQube on CodeBuild not reporting analysis results

  • ALM used: GitHub
  • CI system used: GitHub Actions
  • Scanner command used when applicable: sonarqube action for GitHub Actions
  • Languages of the repository: js/ts/ruby
  • Error observed: Sonar analysis is not reported
  • Steps to reproduce: Run SonarQube action on AWS CodeBuild self-hosted GitHub Actions runners
  • Potential workaround: N/A

We are attempting to run the SonarQube GitHub Action: GitHub - SonarSource/sonarqube-scan-action

When running on a standard 8 core Ubuntu runner from GitHub itself, everything runs fine. We can also run on a now deprecated Philips-Labs self-hosted runner. Both of these CI environments will produce a report in our Sonar UI and post a comment on the PR with analysis information to GitHub.

Simply running on an AWS CodeBuild runner is enough to break the reporting process. None of the runs, reports, or even PR branches will show in the Sonar UI when run via CodeBuild. In the log output, the ANALYSIS SUCCESSFUL link will have the org and repo name, but lack the pull request context that does show up on other runner flavors. Seemingly related issue and possible workaround: SonarCloud PullRequest analysis not working - #4 by Parasappa_Yaragal

We tried unsetting these environment variables, as well as all CODEBUILD_ variables in various iterations. Nothing seems to change the behavior.

Any insights welcome. :pray:

Hey there.

This also sounds a bit like this issue.

To try and state the situation briefly:

  • Automatic detection of PR parameters in a GitHub Actions environment relies on the presence of a GITHUB_ACTIONS environment variable
  • The scanner does no automatic inference of PR parameters when AWS CodeBuild is detected (presence of CODEBUILD_BUILD_ID and CODEBUILD_START_TIME)
  • Frustratingly, as found in this post that you noted, if multiple CI environments are detected the autoconfiguration gives up

To be honest, I’m not familiar at all with AWS Code Build runners (until today I thought AWS Code Build and GitHub Actions were very distinct platforms). You learn something new every day.

You may find it easiest to simply provide the PR parameters on your own.

Or, give a try configuring the GITHUB_ACTIONS environment variable to a value while unsetting CODEBUILD_BUILD_ID and CODEBUILD_START_TIME.

None of these are ideal, and I’ll flag this for attention as a confusing user experience!

Providing the PR parameters appears to do the trick. By passing the following to the SonarQube GitHub Action we are successfully getting analysis results on CodeBuild runs:

...
    - name: SonarCloud Scan
      uses: SonarSource/sonarqube-scan-action@v4.2.1
      env:
        GITHUB_TOKEN: ${{ inputs.github-token-for-sonar }}
        SONAR_TOKEN: ${{ inputs.sonar-cloud-token }}
      with:
        args: >
          ...
          -Dsonar.pullrequest.key=${{ github.event.pull_request.number || github.event.issue.number }}
          -Dsonar.pullrequest.branch=${{ github.head_ref || github.ref_name }}
          -Dsonar.pullrequest.base=${{ github.event.repository.default_branch }}
...
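
A pre-flight check for the scan step, modelling the detection rules described in the reply above and building the explicit parameters from the last post. This is an added example, not part of the thread and not the scanner's own code; the function names and their argument order are hypothetical, and "present" is assumed to mean set to a non-empty value.

```shell
#!/bin/sh
# Added example, not the scanner's implementation. It models the rules stated
# in the thread. Assumption: "present" means set to a non-empty value.

# Print which CI the markers point to: github | codebuild | ambiguous | none
ci_markers() (
  gha=0; cb=0
  if [ -n "${GITHUB_ACTIONS:-}" ]; then gha=1; fi
  if [ -n "${CODEBUILD_BUILD_ID:-}" ] && [ -n "${CODEBUILD_START_TIME:-}" ]; then
    cb=1
  fi
  case "$gha$cb" in
    11) echo ambiguous ;;   # both detected: PR autoconfiguration gives up
    10) echo github ;;      # PR parameters are detected automatically
    01) echo codebuild ;;   # no PR inference is done for CodeBuild
    *)  echo none ;;
  esac
)

# Build the three explicit PR parameters used in the fix posted in the thread.
# Hypothetical interface: sonar_pr_args <pr-number> <head-branch> <base-branch>
sonar_pr_args() (
  case "${1:-}" in
    ''|*[!0-9]*) echo "PR number must be numeric, got '${1:-}'" >&2; exit 1 ;;
  esac
  if [ -z "${2:-}" ] || [ -z "${3:-}" ]; then
    echo "head and base branch are required" >&2; exit 1
  fi
  printf '%s\n' "-Dsonar.pullrequest.key=$1 -Dsonar.pullrequest.branch=$2 -Dsonar.pullrequest.base=$3"
)

# Print "auto" when only GitHub Actions is detected; otherwise print the
# explicit parameters, failing the step if they cannot be built.
pr_scan_args() {
  case "$(ci_markers)" in
    github) echo auto ;;
    *) sonar_pr_args "$@" ;;
  esac
}

echo "CI markers visible to this step: $(ci_markers)"
```

Run as a step before the scan, a result of `ambiguous` or `codebuild` on a pull request build means the analysis will lose its PR context unless the explicit parameters are passed.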
