Unable to disable PR decoration on latest SonarQube

Hey,

We have just updated to v9.4 of SonarQube, and suddenly PR comments have been re-enabled on projects where previously we had them disabled.

I’ve checked the project settings, and there doesn’t seem to be an option for “Pull Request Decoration” anymore.

We are unable to use the PR decoration due to the lack of support for monorepos in Developer edition. Please can you let me know how to disable PR decoration on some projects

Thanks

Hi,

I’m not aware of any recent changes here. To help understand what’s going on, what version did you upgrade from?

 
Thx,
Ann

Hey,

We went from 8.2. You can see here that PR decoration is no longer listed in General settings

Hi,

I believe you should just be able to hit ‘Reset’ on the config page you’re showing.

 
Ann

Thanks, I gave that a go and unfortunately PR comments are still appearing. I guess because we have the token to Azure Devops set globally still, for project importing & for other teams that dont use monorepos to use the PR integration.

Is there anything else I can do?

Hi,

That’s supposed to be what you do. I’ve flagged this thread for more expert attention.

 
Ann

1 Like

Thanks @ganncamp. Any updates on this?

@ganncamp do you know how I can progress this? Other than turning off SonarQube PR analysis

Hi, still trying to resolve this issue.

We are getting bad behavior from PR notifications due to our monorepo structure. As support for monorepos is behind an enterprise license, we need to be able to turn off PR comments on a per project basis.

Please can you let us know how to achieve this?

Thanks

Hey @jlawless,

After clicking on “Reset”, the General Settings / DevOps Platform Integration page should look like this:

After doing that, no new PR decoration should be triggered for your project’s PR. However, previously created comments on your Azure PRs won’t be deleted by turning this off.

I’ve tried reproducing this locally and the behaviour seems consistent to what I have described.

Could you confirm if the PR decoration comments you’re seeing are appearing after the DevOps settings were reset for all relevant projects of the monorepository?

1 Like

Hey, thanks for the reply! I’ve just gone through each project in our repo and ensured that setting is cleared.

Just for clarity, its still set at the global level, but each project has it cleared.

We are still getting comments on all our PRs. Is there any logs I could privately provide to help out?

Hey @jlawless!

Thanks for taking the time to confirm this for every project.

When you say:

its still set at the global level

Do you mean that there is a configuration for Azure in Administration / DevOps Platform Integrations?

If that’s the case, that would be fine - and even with that, PR decoration shouldn’t happen if those configs are removed at a project level.

I’d like to ask you for a few more steps to try to reproduce this and for logs, so I’ll send you a PM :smiley:

Yeah thats what I mean. Thanks, ill look out for your PM!

1 Like

You should have received it already, you can click on your avatar (top right) and then on messages:

1 Like

With @jlawless’s help we were able to determine what was the reason behind PR Decoration still taking place:

Even with the DevOps Platform information being cleared out from the project on SQ, PR Decoration can still happen if there are global DevOps Platform settings for Azure, and if the analysis for that wrongly-decorated project is being triggered through an Azure pipeline using the SQ Azure DevOps extension.

The “Prepare Analysis on SonarQube” task provided by this extension defines a value for the sonar.pullrequest.provider scanner parameter.

This parameter can act as a fallback mechanism for also triggering PR Decoration. When it is used, a warning will be displayed on the analyzed Pull Request on SQ.

The warning states:

After checking with the team responsible for the extension, I confirmed that the definition of this parameter cannot be removed, as it is needed for SonarCloud.

Here is a workaround to avoid PR decoration:

  1. Edit the pipeline that is triggering the SQ analysis
  2. On the “Prepare Analysis on SonarQube” task, open the “Advanced” section and add
sonar.pullrequest.provider=''

This should result in newer executions of the pipeline not triggering PR decoration.

It will also add a warning like this to your PR on SQ:

Going forward:
I understand this is not the ideal hack and that we should provide a better solution, like explicitly “turning off” PR decoration from SQ’s UI. Therefore I’ll raise this subject internally with our PMs.

3 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.