Travis plugin is failing on external pull request

juherr · July 6, 2018, 12:09pm

As asked by @Fabrice_Bellingard, I open a topic here.

We are using Travis as CI on the TestNG projects and the SonarCloud plugin is working well on the master branch but not at all on external pull-requests (we didn’t check with internal pull-requests).

The error is:

Unable to execute SonarQube: Fail to get bootstrap index from server: Failed to connect to localhost/127.0.0.1:9000: Connection refused

For example, https://www.travis-ci.com/testng-team/reportng/jobs/132879952 or https://www.travis-ci.com/testng-team/reportng/jobs/133097867

Thanks!
Julien

Fabrice_Bellingard · July 6, 2018, 1:56pm

What’s really weird is that it looks like the SonarCloud Travis Add-on is not loaded during the execution of the build (which explains that the scanner for Maven tries to reach localhost), whereas it seems correctly defined in the Travis YML file.

@dmeneses Do you mind taking a look at this? I’m sure I missed something.

dmeneses · July 6, 2018, 3:03pm

I confirm that it looks like the addon didn’t run at all.
The expected behavior is: the addon should run, see that it’s an unsecure environment and instruct the scanner to skip the analysis (without failing).
I’ve pulled the latest changes in travis-build to check our ITs against it but they are now broken.
I will fix it next week and check if something changed in Travis’ side regarding unsecured builds.

dmeneses · July 6, 2018, 3:10pm

Hi Julien,

Meanwhile, as a workaround, you can define your script with something like this (not tested):

if [ "$TRAVIS_SECURE_ENV_VARS" = true ]; then
   mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar
else
  mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent install
fi

dmeneses · July 18, 2018, 7:33am

This is actually the expected behavior since the sonarcloud addon is currently only running in secured environments for security reasons.
Travis will therefore skip it entirely in external (unsecured) pull requests.

juherr · July 18, 2018, 8:10am

Ok, it was my supposition too.

Do you think it is possible that the sonarcloud addon will configure sonar.skip to true in insecure environments?
Otherwise, we have to define a script like you proposed the last time (and maybe it should be documented somewhere).

dmeneses · July 18, 2018, 12:15pm

Actually @Fabrice_Bellingard just reminded me that we changed it at some point, currently it should be the addon to skip the analysis, as you suggest.
There has probably been a regression in Travis, which is skipping the addon in unsecure environments as if the plugin wasn’t safe for such environments.
I’ve created a ticket to track this problem and I’ll check with Travis what’s the situation: https://jira.sonarsource.com/browse/TRAVIS-19

Thanks for reporting it!

svettwer · November 15, 2018, 4:44pm

Hi!

The workaround did not work for me. Nevertheless, I’ve investigated the issue, was able to solve it and would like to share my solution.

#!/bin/bash

if [ "${SONAR_SCANNER_HOME}" != "" ]; then
    COMMAND="mvn --batch-mode -q clean org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar -Dsonar.projectKey=citrus"
else
    COMMAND="mvn --batch-mode -q clean install"
fi

echo ${COMMAND}
${COMMAND}

Here is the issue concerning this in our project:

BR,
Sven

slawekjaranowski · March 7, 2019, 8:39am

There is request for support external pull request
https://jira.sonarsource.com/browse/MMF-1371

I think good idea is vote for this issue.