SonarQube Pull Request Decoration with BitBucket

Hi Joe
I have another branch named develop_us apart from original one i.e develop having same code.
develop_us branch got scanned and got its report in bitbucket. but those PR changes yet not approved.

Can you please give me clarity before sonar-scanner scan it how report got reflected in bitbucket

@ashishb : nice! Bitbucket PR decoration is working now! Right now, it shows 0 issues and security hotspots. Do you have any actual bugs/issues you want to test with? Jenkinsfile is Groovy, so you won’t see any scanning done there. Do you have a Java file you can add an intentional bug just to test things?

You can add this method and it should trigger a java:S106 code smell:

  void sayHello() {
    System.out.println("Hello World!");

Then scan your pull request again to see the issue and SonarQube annotation showing that code smell issue in your PR in Bitbucket.

Your SonarQube screenshot shows the “develop_us” branch, but your Bitbucket PR is showing the “Ashish-Battise/jenkinsfile-edite…” PR branch, so SonarQube is automatically scanning your PR now.

You can change to the PR branch in SonarQube by clicking on the drop-down and finding your PR branch:

Hi Joe
I can see Bitbucket Decoration for few PR request, for rest it does not reflect.
Any reason for such behavior.

Let’s see an example of when it fails:

  1. Set DEBUG level for the sonar-scanner command (add sonar.verbose=true or -X)
  2. Set DEBUG level on SonarQube (log in as admin, go to Administration > System > Logs level > change it to DEBUG)
  3. Trigger a PR build
  4. Once complete, revert to INFO level on SonarQube (log in as admin, go to Administration > System > Logs level > change it to INFO).
  5. On this same screen, click on Download Logs and select all 5 log files to download them
  6. Download your console output logs from your CI tool
  7. Zip the SonarQube server logs and the build/scanner/CI log together
  8. Attach it here.
  9. If you prefer a private message, we can do that too. Just let me know.

These logs (from the client side and server side) will help us look at what could be causing the issue.