SonarQube Pull Request Decoration with GitLab CI - can't get it to work

SonarQube Server / Community Build
1

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)

    • SonarQube Developer Edition - 8.1
    • sonar-maven-plugin - 3.7.0.1746
    • GitLab (self-managed) - 12.10.11-ee
    • gitlab-runner - 12.5.0

  • what are you trying to achieve

    • Pull Request Decoration with (self-managed) GitLab CI

  • what have you tried so far to achieve this

    1. Installed SonarQube Developer Edition 8.1

    2. (on GitLab) Created a GitLab user named sonarqube with API access and Developer permissions for the project I am analyzing and generated an API key for this user

    3. Administration -> Configuration -> General Settings -> Pull Request Decoration -> GitLab -> Create configuration -> Entered name “GitLab CI” and a valid API key -> Save

    4. Projects -> My Project Name -> Administration -> General Settings -> Pull Request Decoration -> Configuration Name -> “GitLab CI”

    5. Request to
      SONARQUBE_URL/api/alm_settings/get_binding?project=[HIDDEN_PROJECT_KEY]
      returns
      {"key":"GitLab CI","alm":"gitlab"}

    6. Addded a step in .gitlab-ci.yml which looks like this:

    sonar:
  stage: code_quality
  script:
    ->
     mvn sonar:sonar 
      -Dsonar.host.url=[HIDDEN]
      -Dsonar.login=[HIDDEN]
      -Dsonar.qualitygate.wait=true
      -Dsonar.branch.name=$CI_COMMIT_REF_NAME
    1. I have also tried with adding only: - merge_requests, according to GitLab docs for Merge Request Pipelines, which runs another build with detached tag. Also, additional environment variables like CI_MERGE_REQUEST_* become available to the build step. In this case, the definition of build step in .gitlab-ci.yml looks like:
     sonar:
  stage: code_quality
  script:
    ->
     mvn sonar:sonar 
      -Dsonar.host.url=[HIDDEN]
      -Dsonar.login=[HIDDEN]
      -Dsonar.qualitygate.wait=true
      -Dsonar.branch.name=$CI_COMMIT_REF_NAME
  only:
    - merge_requests
    - branches
    - tags
    1. (on GitLab) Created a pull request to merge branch some/branch-name into develop
    2. Ran the build pipeline and got the following logs

GitLab runner

Click to expand 
  Running with gitlab-runner 12.5.0 (577f813d)
  on [HIDDEN_SERVER_URL]
Using Docker executor with image maven:3.5.4-jdk-11-slim ...
...
some logs omitted for brevity
...
00:53
CI=true
CI_API_V4_URL=https://HIDDEN_SERVER_URL/api/v4
CI_BUILDS_DIR=/builds
CI_BUILD_BEFORE_SHA=0000000000000000000000000000000000000000
CI_BUILD_ID=216911
CI_BUILD_NAME=sonar
CI_BUILD_REF=a4efad7f7ffd262348b806a4ddf2d78350e452a6
CI_BUILD_REF_NAME=some/branch-name
CI_BUILD_REF_SLUG=some-branch-name
CI_BUILD_STAGE=code_quality
CI_BUILD_TOKEN=[MASKED]
CI_COMMIT_BEFORE_SHA=0000000000000000000000000000000000000000
CI_COMMIT_DESCRIPTION=
CI_COMMIT_MESSAGE=Add some more fixes
CI_COMMIT_REF_NAME=some/branch-name
CI_COMMIT_REF_PROTECTED=false
CI_COMMIT_REF_SLUG=some-branch-name
CI_COMMIT_SHA=a4efad7f7ffd262348b806a4ddf2d78350e452a6
CI_COMMIT_SHORT_SHA=a4efad7f
CI_COMMIT_TITLE=Add some more fixes
CI_CONCURRENT_ID=3
CI_CONCURRENT_PROJECT_ID=3
CI_CONFIG_PATH=.gitlab-ci.yml
CI_DEFAULT_BRANCH=master
CI_DISPOSABLE_ENVIRONMENT=true
CI_JOB_ID=216911
CI_JOB_JWT=[MASKED]
CI_JOB_NAME=sonar
CI_JOB_STAGE=code_quality
CI_JOB_TOKEN=[MASKED]
CI_JOB_URL=https://HIDDEN_SERVER_URL/some-group/some-project-name/-/jobs/216911
CI_MERGE_REQUEST_ASSIGNEES=some_assignee
CI_MERGE_REQUEST_EVENT_TYPE=detached
CI_MERGE_REQUEST_ID=5650
CI_MERGE_REQUEST_IID=23
CI_MERGE_REQUEST_PROJECT_ID=243
CI_MERGE_REQUEST_PROJECT_PATH=some-group/some-project-name
CI_MERGE_REQUEST_PROJECT_URL=https://HIDDEN_SERVER_URL/some-group/some-project-name
CI_MERGE_REQUEST_REF_PATH=refs/merge-requests/23/head
CI_MERGE_REQUEST_SOURCE_BRANCH_NAME=some/branch-name
CI_MERGE_REQUEST_SOURCE_BRANCH_SHA=
CI_MERGE_REQUEST_SOURCE_PROJECT_ID=243
CI_MERGE_REQUEST_SOURCE_PROJECT_PATH=some-group/some-project-name
CI_MERGE_REQUEST_SOURCE_PROJECT_URL=https://HIDDEN_SERVER_URL/some-group/some-project-name
CI_MERGE_REQUEST_TARGET_BRANCH_NAME=develop
CI_MERGE_REQUEST_TARGET_BRANCH_SHA=
CI_MERGE_REQUEST_TITLE=Fix some issues as reported by SonarQube and intentionally introduce new ones
CI_NODE_TOTAL=1
CI_PAGES_DOMAIN=pages.[HIDDEN_SERVER_URL].com
CI_PAGES_URL=https://some-group.[HIDDEN_SERVER_NAME].com/some-project-name
CI_PIPELINE_ID=50339
CI_PIPELINE_IID=599
CI_PIPELINE_SOURCE=merge_request_event
CI_PIPELINE_URL=https://HIDDEN_SERVER_URL/some-group/some-project-name/pipelines/50339
CI_PROJECT_DIR=/builds/some-group/some-project-name
CI_PROJECT_ID=243
CI_PROJECT_NAME=some-project-name
CI_PROJECT_NAMESPACE=some-group
CI_PROJECT_PATH=some-group/some-project-name
CI_PROJECT_PATH_SLUG=some-group-some-project-name
CI_PROJECT_REPOSITORY_LANGUAGES=java,shell,dockerfile
CI_PROJECT_TITLE=some-project-name
CI_PROJECT_URL=https://HIDDEN_SERVER_URL/some-group/some-project-name
CI_PROJECT_VISIBILITY=internal
CI_REGISTRY_PASSWORD=[MASKED]
CI_REGISTRY_USER=gitlab-ci-token
CI_REPOSITORY_URL=https://gitlab-ci-token:[MASKED]@HIDDEN_SERVER_URL/some-group/some-project-name.git
CI_RUNNER_DESCRIPTION=[HIDDEN_SERVER_URL]
CI_RUNNER_EXECUTABLE_ARCH=linux/amd64
CI_RUNNER_ID=10
CI_RUNNER_REVISION=577f813d
CI_RUNNER_SHORT_TOKEN=[HIDDEN]
CI_RUNNER_TAGS=cloudsync
CI_RUNNER_VERSION=12.5.0
CI_SERVER=yes
CI_SERVER_HOST=HIDDEN_SERVER_URL
CI_SERVER_NAME=GitLab
CI_SERVER_PORT=443
CI_SERVER_PROTOCOL=https
CI_SERVER_REVISION=eb208234b88
CI_SERVER_TLS_CA_FILE=/builds/some-group/some-project-name.tmp/CI_SERVER_TLS_CA_FILE
CI_SERVER_URL=https://HIDDEN_SERVER_URL
CI_SERVER_VERSION=12.10.11-ee
CI_SERVER_VERSION_MAJOR=12
CI_SERVER_VERSION_MINOR=10
CI_SERVER_VERSION_PATCH=11
...
some custom variables omitted for brevity
...
GITLAB_CI=true

$ mvn sonar:sonar -Dsonar.host.url=[HIDDEN] -Dsonar.login=[HIDDEN] -Dsonar.qualitygate.wait=true -Dsonar.branch.name=$CI_COMMIT_REF_NAME
...
some logs omitted for brevity
...

[INFO] --- sonar-maven-plugin:3.7.0.1746:sonar (default-cli) @ some-project-name ---
[INFO] User cache: /root/.sonar/cache
[INFO] SonarQube version: 8.1.0
[INFO] Default locale: "en", source code encoding: "UTF-8"
[INFO] Load global settings
[INFO] Load global settings (done) | time=187ms
[INFO] Server id: [HIDDEN]
[INFO] User cache: /root/.sonar/cache
[INFO] Load/download plugins
[INFO] Load plugins index
[INFO] Load plugins index (done) | time=59ms
[INFO] Load/download plugins (done) | time=3188ms
[INFO] Loaded core extensions: developer-scanner
[INFO] Process project properties
[INFO] Process project properties (done) | time=13ms
[INFO] Execute project builders
[INFO] Execute project builders (done) | time=9ms
[INFO] Project key: my-org:some-project-name
[INFO] Base dir: /builds/some-group/some-project-name
[INFO] Working dir: /builds/some-group/some-project-name/target/sonar
[INFO] Load project settings for component key: 'my-org:some-project-name'
[INFO] Load project settings for component key: 'my-org:some-project-name' (done) | time=28ms
[INFO] Load project branches
[INFO] Load project branches (done) | time=17ms
[INFO] Load project pull requests
[INFO] Load project pull requests (done) | time=34ms
[INFO] Load branch configuration
[INFO] Load branch configuration (done) | time=3ms
[INFO] Load quality profiles
[INFO] Load quality profiles (done) | time=72ms
[INFO] Detected Gitlab CI
[INFO] Load active rules
[INFO] Load active rules (done) | time=713ms
[INFO] Branch name: some/branch-name
[INFO] Indexing files...
[INFO] Project configuration:
[INFO] 90 files indexed
[INFO] 0 files ignored because of scm ignore settings
[INFO] Quality profile for java: Sonar way
[INFO] Quality profile for xml: Sonar way
[INFO] ------------- Run sensors on module some-project-name
[INFO] Load metrics repository
[INFO] Load metrics repository (done) | time=22ms
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by net.sf.cglib.core.ReflectUtils$1 (file:/root/.sonar/cache/a89f1943fc75b65becd9fb4ecab8d913/sonar-tsql-plugin.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of net.sf.cglib.core.ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
[INFO] Sensor JavaSquidSensor [java]
[INFO] Configured Java source version (sonar.java.source): 11
[INFO] JavaClasspath initialization
[INFO] JavaClasspath initialization (done) | time=16ms
[INFO] JavaTestClasspath initialization
[INFO] JavaTestClasspath initialization (done) | time=5ms
[INFO] Java Main Files AST scan
[INFO] 67 source files to be analyzed
[INFO] Load project repositories
[INFO] Load project repositories (done) | time=38ms
[INFO] 67/67 source files have been analyzed
[INFO] Java Main Files AST scan (done) | time=7866ms
[INFO] Java Test Files AST scan
[INFO] 22 source files to be analyzed
[INFO] 22/22 source files have been analyzed
[INFO] Java Test Files AST scan (done) | time=1933ms
[INFO] Sensor JavaSquidSensor [java] (done) | time=10757ms
[INFO] Sensor SurefireSensor [java]
[INFO] parsing [/builds/some-group/some-project-name/target/surefire-reports]
[INFO] Sensor SurefireSensor [java] (done) | time=63ms
[INFO] Sensor JaCoCoSensor [java]
[INFO] Both 'sonar.jacoco.reportPaths' and 'sonar.coverage.jacoco.xmlReportPaths' were set. 'sonar.jacoco.reportPaths' is deprecated therefore, only 'sonar.coverage.jacoco.xmlReportPaths' will be taken into account. Please check that the JaCoCo plugin is installed on your SonarQube Instance.
[INFO] Sensor JaCoCoSensor [java] (done) | time=5ms
[INFO] Sensor JavaXmlSensor [java]
[INFO] 1 source files to be analyzed
[INFO] Sensor JavaXmlSensor [java] (done) | time=210ms
[INFO] 1/1 source files have been analyzed
[INFO] Sensor HTML [web]
[INFO] Sensor HTML [web] (done) | time=4ms
[INFO] Sensor XML Sensor [xml]
[INFO] 1 source files to be analyzed
[INFO] Sensor XML Sensor [xml] (done) | time=167ms
[INFO] 1/1 source files have been analyzed
[INFO] Sensor JaCoCo XML Report Importer [jacoco]
[INFO] Sensor JaCoCo XML Report Importer [jacoco] (done) | time=52ms
[INFO] Sensor JavaSecuritySensor [security]
[INFO] Reading type hierarchy from: /builds/some-group/some-project-name/target/sonar/ucfg2/java
[INFO] Read 267 type definitions
[INFO] Reading UCFGs from: /builds/some-group/some-project-name/target/sonar/ucfg2/java
[INFO] 17:07:19.602489 Building Type propagation graph
[INFO] 17:07:19.626679 Running Tarjan on 2458 nodes
[INFO] 17:07:19.63336 Tarjan found 2458 components
[INFO] 17:07:19.640856 Variable type analysis: done
[INFO] 17:07:19.643156 Building Type propagation graph
[INFO] 17:07:19.656484 Running Tarjan on 2458 nodes
[INFO] 17:07:19.659737 Tarjan found 2458 components
[INFO] 17:07:19.663221 Variable type analysis: done
[INFO] Analyzing 573 ucfgs to detect vulnerabilities.
[INFO] All rules entrypoints : 3 Retained UCFGs : 44
[INFO] rule: S5131, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S5131 done
[INFO] rule: S3649, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S3649 done
[INFO] rule: S2076, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S2076 done
[INFO] rule: S2091, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S2091 done
[INFO] rule: S2078, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S2078 done
[INFO] rule: S2631, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S2631 done
[INFO] rule: S5135, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S5135 done
[INFO] rule: S2083, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S2083 done
[INFO] rule: S5167, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S5167 done
[INFO] rule: S5144, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S5144 done
[INFO] rule: S5145, entrypoints: 3
[INFO] Visited 44 ucfgs in 61 ms, 766 steps
[INFO] rule: S5145 done
[INFO] rule: S5146, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S5146 done
[INFO] rule: S5334, entrypoints: 0
[INFO] Visited 0 ucfgs in 0 ms, 0 steps
[INFO] rule: S5334 done
[INFO] Sensor JavaSecuritySensor [security] (done) | time=961ms
[INFO] Sensor CSharpSecuritySensor [security]
[INFO] Reading type hierarchy from: /builds/some-group/some-project-name/target/ucfg_cs2
[INFO] Read 0 type definitions
[INFO] Reading UCFGs from: /builds/some-group/some-project-name/target/ucfg_cs2
[INFO] No UCFGs have been included for analysis.
[INFO] Sensor CSharpSecuritySensor [security] (done) | time=1275ms
[INFO] Sensor PhpSecuritySensor [security]
[INFO] Reading type hierarchy from: /builds/some-group/some-project-name/target/sonar/ucfg2/php
[INFO] Read 0 type definitions
[INFO] Reading UCFGs from: /builds/some-group/some-project-name/target/sonar/ucfg2/php
[INFO] No UCFGs have been included for analysis.
[INFO] Sensor PhpSecuritySensor [security] (done) | time=0ms
[INFO] Sensor PythonSecuritySensor [security]
[INFO] Reading type hierarchy from: /builds/some-group/some-project-name/target/sonar/ucfg2/python
[INFO] Read 0 type definitions
[INFO] Reading UCFGs from: /builds/some-group/some-project-name/target/sonar/ucfg2/python
[INFO] No UCFGs have been included for analysis.
[INFO] Sensor PythonSecuritySensor [security] (done) | time=0ms
[INFO] ------------- Run sensors on project
[INFO] Sensor Zero Coverage Sensor
[INFO] Sensor Zero Coverage Sensor (done) | time=1ms
[INFO] Sensor Java CPD Block Indexer
[INFO] Sensor Java CPD Block Indexer (done) | time=82ms
[INFO] SCM Publisher SCM provider for this project is: git
[INFO] SCM Publisher 1 source file to be analyzed
[INFO] SCM Publisher 1/1 source file have been analyzed (done) | time=647ms
[INFO] CPD Executor 18 files had no CPD blocks
[INFO] CPD Executor Calculating CPD for 49 files
[INFO] CPD Executor CPD calculation finished (done) | time=101ms
[INFO] Analysis report generated in 320ms, dir size=1 MB
[INFO] Analysis report compressed in 225ms, zip size=383 KB
[INFO] Analysis report uploaded in 365ms
[INFO] ------------- Check Quality Gate status
[INFO] Waiting for the analysis report to be processed (max 300s)
[INFO] QUALITY GATE STATUS: PASSED - View details on https://[HIDDEN_SERVER_URL]/dashboard?id=my-org%3Asome-project-name&branch=some%2Fbranch-name
[INFO] Analysis total time: 28.309 s
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 45.549 s
[INFO] Finished at: 2020-07-01T17:07:28Z
[INFO] ------------------------------------------------------------------------


Job succeeded

SonarQube ce.log

Click to expand 
2020.07.02 12:04:11 INFO  ce[][o.s.c.t.CeWorkerImpl] Execute task | project=some.project:some-project-name | type=REPORT | branch=some/branch-name | branchType=BRANCH | id=AXMPaaoKqKSRA3j3Rmhp | submitter=someone
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Extract report | status=SUCCESS | time=48ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist scanner context | status=SUCCESS | time=9ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Propagate analysis warnings from scanner report | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Execute DB migrations for current project | status=SUCCESS | time=2ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Generate analysis UUID | status=SUCCESS | time=1ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Load analysis metadata | status=SUCCESS | time=11ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Initialize | status=SUCCESS | time=3ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Verify billing | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Build tree of components | components=115 | status=SUCCESS | time=9ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Validate project | status=SUCCESS | time=2ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Load quality profiles | status=SUCCESS | time=147ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Load Quality gate | status=SUCCESS | time=2ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Load new code period | status=SUCCESS | time=3ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Detect file moves | reportFiles=90 | dbFiles=90 | addedFiles=0 | status=SUCCESS | time=2ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Load duplications | duplications=1 | status=SUCCESS | time=2ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute cross project duplications | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute size measures | status=SUCCESS | time=5ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute new coverage | status=SUCCESS | time=248ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute coverage measures | status=SUCCESS | time=7ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute comment measures | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Copy custom measures | status=SUCCESS | time=1ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute duplication measures | status=SUCCESS | time=1ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute size measures on new code | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute language distribution | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute test measures | status=SUCCESS | time=0ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute complexity measures | status=SUCCESS | time=1ms
2020.07.02 12:04:11 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Load measure computers | status=SUCCESS | time=0ms
2020.07.02 12:04:12 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute Quality Profile status | status=SUCCESS | time=1417ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Execute component visitors | status=SUCCESS | time=203ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Checks executed after computation of measures | status=SUCCESS | time=9ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute Quality Gate measures | status=SUCCESS | time=1ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Compute Quality profile measures | status=SUCCESS | time=0ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Generate Quality profile events | status=SUCCESS | time=3ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Generate Quality gate events | status=SUCCESS | time=174ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist components | status=SUCCESS | time=6ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist analysis | status=SUCCESS | time=2ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist analysis properties | status=SUCCESS | time=0ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist measures | inserts=86 | status=SUCCESS | time=18ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist live measures | insertsOrUpdates=4259 | status=SUCCESS | time=541ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist duplication data | insertsOrUpdates=0 | status=SUCCESS | time=16ms
2020.07.02 12:04:13 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist new ad hoc Rules | status=SUCCESS | time=0ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist issues | inserts=0 | updates=0 | merged=0 | untouched=62 | status=SUCCESS | time=31ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist project links | status=SUCCESS | time=0ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist events | status=SUCCESS | time=2ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist sources | status=SUCCESS | time=103ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Persist cross project duplications | status=SUCCESS | time=0ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Enable analysis | status=SUCCESS | time=3ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Update last usage date of quality profiles | status=SUCCESS | time=3ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Purge db | status=SUCCESS | time=28ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Index analysis | status=SUCCESS | time=50ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Send issue notifications | newIssuesNotifs=0 | newIssuesDeliveries=0 | myNewIssuesNotifs=0 | myNewIssuesDeliveries=0 | changesNotifs=0 | changesDeliveries=0 | status=SUCCESS | time=68ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Publish task results | status=SUCCESS | time=0ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.s.ComputationStepExecutor] Trigger refresh of Portfolios and Applications | status=SUCCESS | time=0ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Webhooks | globalWebhooks=0 | projectWebhooks=0 | status=SUCCESS | time=2ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Pull Request decoration | status=SUCCESS | time=0ms
2020.07.02 12:04:14 INFO  ce[AXMPaaoKqKSRA3j3Rmhp][o.s.c.t.CeWorkerImpl] Executed task | project=some.group:some-project-name | type=REPORT | branch=some/branch-name | branchType=BRANCH | id=AXMPaaoKqKSRA3j3Rmhp | submitter=someone | status=SUCCESS | time=3268ms

However, after the build, there are no comments added to the Pull Request on GitLab CI. Also, the list of Pull Requests on SonarQube - Projects -> My Project -> Administration -> Branches & Pull Requests , is empty.

Screen Shot 2020-07-02 at 2.14.11 PM
Screen Shot 2020-07-02 at 2.14.11 PM1302Ă—315 19.7 KB

Branches tab contains all of the branches - master, develop and some/branch-name .

Any ideas what I may have missed here? Thanks!

2

Hi Danilo,

If your goal is to analyse a Pull Request, then please have a look at this documentation page. You’ll see there that you need to pass the following three parameters to the scanner:

  • sonar.pullrequest.base
  • sonar.pullrequest.key
  • sonar.pullrequest.branch

From your configuration I see you are however passing sonar.branch.name parameter instead. This will consider your analysis to be a Branch Analysis and not a Pull Request Analysis. Also, you must use “only: merge_requests” in your pipeline or a “rules” equivalent syntax (read this page from GitLab) so that GitLab triggers a build correctly configured for any pull request (aka merge request). This is what you did on step 7 but you should differentiate the pipeline to scan branches (pass sonar.branch.name parameter) from the pipeline to build merge requests (pass the 3 parameters I pointed out above).

Also, I recommend you upgrade to version 8.3: you will get these 3 parameters auto populated, bug fixes etcetera. My config with version 8.3 looks like this:

image:
  name: sonarsource/sonar-scanner-cli:latest
  entrypoint: [""]
variables:
  GIT_DEPTH: 0
sonarqube-check:
  stage: test
  script:
    - sonar-scanner -Dsonar.qualitygate.wait=true
  allow_failure: true
  only:
    - merge_requests

Hope it helps, cheers,
Daniel

3

Hi @Daniel_Meppiel,

Thank you very much for the quick reply.

I have added the three variables as you instructed and removed the -Dsonar.branch.name and it works like a charm! Also, the automated comment has appeared on the GitLab Pull Request.

Also, thanks for the tip for version 8.3. I’m currently stuck with 8.1 until an ongoing issue with JaCoCo is resolved, but I will definitely take advantage of omitting these variables once I switch to 8.3 - that’s a great tip.

Thanks a lot for your help!

1 Like
4

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.