Unable to see the PR scan results

Hi Team,
I have configured Git, TeamCity and SonarCloud and able to scan my projects and they are showing the results as expected… However, when I am trying to analyze PR’s the scan is getting completed with some warnings but in PR report page it is not showing any details of Bug, Vulnerabilities etc… Do we need to enable any settings… I am just sharing a sample project screen shot and we are trying to implement the similar PR scan on our client repo which is a private repo and I can’t share that info…

Please help…

Thanks,
RK

Hi,
if I correctly found your sample project (https://github.com/ramiyerk/calculator/) and one of its PR (https://github.com/ramiyerk/calculator/pull/3/commits/3210fc440eee2971dcd74d8400a7e3594384abe6), then it is expected that SonarCloud does not find any issue because the rule which would raise an issue on the 2 lines that you added (public fields) is not activated on the custom quality profile that you created (https://sonarcloud.io/organizations/ramiyerk-github/rules?activation=true&open=squid%3AClassVariableVisibilityCheck&q=squid%3AClassVariableVisibilityCheck&qprofile=AWlRnfoE17pPkTt500PF).

IMO, you should rely on the default built-in quality profiles.

Hi,
Yes, that is the correct sample project. I have opted to use the Built-in default Quality Profile & Quality Gate and tried to run the PR analysis once again but still it is not showing any results.
Here is the new pull request link… (https://github.com/ramiyerk/calculator/pull/8/commits/7968f69cddf37db726328f93946807f54a0a146d)
Even I have tried to use the sample profile and activated the rule but still it is showing blank.

Anything I am missing ?

Thanks,
RK

You are not using the default “Sonar way” Java. Look at the right side of your project homepage:

image

As mentioned earlier, I have tried with built in Quality profile and the one which I have created as well… Now I am able to see the PR results in the sonar cloud… But, all of a sudden I am not able to see the PR Checks in Github… Previously I used to see them…

Don’t know what went wrong… Somebody pls help me

Can someone help me pls…

If you look at the warnings inside SonarCloud (for instance for the PR #17), you can see:

What did you change between this PR analysis (#17) and the one which succeeded (#8)?

I have provided collaborator access to one of my colleague to do some changes in the code and merge it… since then it stopped working…If u see my pull requests from #9 onwards it stopped working… I tried removing the user and changing the branch and adding a new branch but still no luck :frowning:

@ramiyerk could you please share some information about how TeamCity is configured? How does it checkout sources? Could you share some logs? Apparently scanner does not succeed to get the git sha1.

@simon.brandhof…TeamCity is configured with Git and SonarCloud I have followed the documentation from SonarCloud it self… PSB the screenshot of the VCS configuration.

Also, Please find attach the 2 logs. One log where previously, when I trigger any build with teamcity the github pull request checks used to get updated automatically… The other log which is not getting updated the current situation.
Github_Checks_Shows_Calculator_Build-Calculator_33.txt (37.5 KB)

Github_Checks_Doesn’t_Shows_Calculator_Build-Calculator_100.txt (37.5 KB)

Any help will be highly appreciated…

Thanks,
Ram

Can someone pls help me here ?

@ramiyerk Could you also share the build configuration? I wonder how TeamCity provides the pull request information (id, branch, base branch).

mvn sonar:sonar -Dsonar.projectKey=ramiyerk_calculator -Dsonar.organization=ramiyerk-github -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx -Dsonar.pullrequest.provider=GitHub -Dsonar.pullrequest.base=master -Dsonar.pullrequest.branch=sonar_test -Dsonar.pullrequest.key=27 -Dsonar.pullrequest.github.repository=ramiyerk/calculator

Do you mean that the configuration is hardcoded for this pull request? How are you going to handle future pull requests?

Coming back to the Github check that is not updated, could you please verify that the Git sha checked-out by the TeamCity job is the public sha displayed on the GitHub pull request?

Yes, as of now I have used the hardcoded values… But in future I would like to fetch the values dynamically from Git. That’s the reason I have raised the below post as well…

If I am not wrong, I can see both Git sha checked-out by teamcity job and the public sha displayed on GitHub pull request are same as per the below screen shots.

image

Thanks,
Ram