Unable to Analyze Maven Project in Cirlce CI

SonarQube Cloud
, ,
1

Hi all,

I am trying to use the Maven plugin to analze my project using CircleCI, but constantly receive the following error:

Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project <redacted>: Parameter 'sonar.pullrequest.branch' is mandatory for a pull request analysis

In my project’s POM I have included the following properties:

<sonar.projectKey>
<sonar.organization>
<sonar.host.url>

and I have also added the SONAR_TOKEN to the CircleCI context and the following step to my build:

- run:
          name: Analyze on SonarCloud
          command: mvn sonar:sonar

I was under the impression that the sonar.pullrequest.branch property would be set automatically by the CI system, so is there something I am missing here?

Any help greatly appreciated.

3

Hi @mbamber, welcome to the community forum!

You are correct, we resolve the pull request key from the CI system. And then we use the link between the SonarCloud project and the ALM repository (GitHub, Gitlab, Bitbucket, …) to resolve the sonar.pullrequest.branch property automatically.

I suspect that the link between your SonarCloud project and your ALM might be missing. Which ALM are you using?

Tom

4

Hi Tom,

Thanks for the reply!

I’m using GitHub. How could I check if it is connected properly?

5

On the project overview page on SonarCloud you should see a GitHub icon next to the project name if it is properly connected.

6

Yep I can see that icon so it looks like it’s connected properly.

FWIW, I’ve also tried using the CircleCI orb and I still get the same issue :confused:

7

Ok, something else must be going on then. Is your project public? Could you share the build output of CircleCI?

8

I’m afraid the project is private, so I can’t share too much from the build log on this forum.

I think the following is the interesting part though, where <org> is our organization, and <repo> is the name of the repository/project:

[INFO] Load plugins index
[INFO] Load plugins index (done) | time=138ms
[INFO] Load/download plugins (done) | time=22369ms
[INFO] Loaded core extensions: developer-scanner
[INFO] Process project properties
[INFO] Execute project builders
[INFO] Execute project builders (done) | time=2ms
[INFO] Project key: <org>_<repo>
[INFO] Base dir: /home/circleci/<repo>
[INFO] Working dir: /home/circleci/<repo>/target/sonar
[INFO] Load project settings for component key: '<org>_<repo>'
[INFO] Load project settings for component key: '<org>_<repo>' (done) | time=166ms
[INFO] Found an active CI vendor: 'CircleCI'
[INFO] Load project branches
[INFO] Load project branches (done) | time=100ms
[INFO] Load projects for organization '<org>'
[INFO] Load projects for organization '<org>' (done) | time=94ms
[INFO] Load project pull requests
[INFO] Load project pull requests (done) | time=492ms
[INFO] Load branch configuration
[INFO] Auto-configuring pull request 36
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 30.457 s
[INFO] Finished at: 2020-01-23T08:30:18Z
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project <org>: Parameter 'sonar.pullrequest.branch' is mandatory for a pull request analysis -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
9

@TomVanBraband - have you had any other ideas about why this could be failing?

We’d really like to get this up and running

10

Yes, this could also be the result of a misconfigured token. Could you check that?

If that does not work, I would like to see the full build output if possible (you can send it to me in a personal message if you want)

Tom

11

So I may have found something interesting. I just went to double check the SONAR_TOKEN was correct, and the token was different.

What’s weird is every time I refresh sonarcloud.io/dashboard?id=projectid it presents me with a different token. Maybe this is what is causing the problem?

12

You can view the list of all the tokens you generated by clicking on Profile picture > My account > Security. Each refresh of that page should add a new token to that list. Every token that was generated should still work to analyze your project.

13

@TomVanBraband - sorry for the delay in getting back to you.

I’ve double checked the token and I believe it to be valid.

Please excuse my ignorance but how do I send you a personal message?

14

A late update to this thread: this was caused by the token which did not have sufficient permissions. This is a bug, and it can be tracked here.