Using different organisations on SonarCloud and GitHub

We would like to setup Github Checks (PR decorations?). But we use different organizations between SonarCloud and GitHub. I can’t link these organizations.

Is that possible to setup GitHub Checks matching just GitHub repository + Sonar project?

  • ALM: GitHub
  • CI: Bitrise.io
  • Scanner: MSBuild SonarScanner
  • Languages: C#, Xamarin
  • SonarCloud project is private

Hi,

It is possible if you create an organization (and projects) manually, instead of importing them from GitHub (by clicking on the “Create manually tab” on the organization creation page. But I would not recommend to go with this feature as we’re planning to remove it in the not-too-distant future.

Could you clarify why you need different Organization between SonarCloud and GitHub? Why can’t you simply import your GitHub org in SonarCloud?

That would help me guide you with the best solution.

Thanks,
Benoit

I’ve already created a project manually and send scanned results from CI successfully. Now I’m stuck with decorating PRs in github. Could you please assist with that part?

The reason for this is we work with different clients and want to own (and pay) SonarCloud organization ourselves. Where for this particular project the github organization with repositories is owned by our client. That’s why we would like to link only the repo+project rather than organizations.

We don’t want to commit the client to the paid SonarCloud plan at that point, as we want to make a test run for a few months.

Hi,

Thanks for the explanation, it’s always useful for us to understand use cases of users.

In Administration > General Settings > Pull Request > Integration with GitHub you can set the slug of the GitHub project. That and installing the SonarCloud GitHub app on your repository should be enough to have PR decoration working. But please keep in mind that this manual configuration may be removed in the future.

We still have trouble decorating PRs, though we have the next setup:

  1. The slug is defined in the Integration with GitHub section.
  2. The SonarCloud GitHub app is installed to the repository.
  3. I’m the owner of the SonarCloud organization and project here.
  4. I’m the administrator of the GitHub repository, but not the owner of it. I’ve asked an owner to install the SonarCloud GitHub app.
  5. We send the next properties with scanner:
sonar.pullrequest.base=$BITRISEIO_GIT_BRANCH_DEST
sonar.pullrequest.branch=$BITRISE_GIT_BRANCH
sonar.pullrequest.provider=github
sonar.pullrequest.github.repository=$GIT_REPO_SLUG
sonar.pullrequest.github.endpoint=https://api.github.com
sonar.pullrequest.key=$BITRISE_PULL_REQUEST

Note: the value of $GIT_REPO_SLUG is the same as we specify in step 1

Should we configure SonarCloud GitHub app somehow? Enable Checks or any other actions? What would you recommend to try?

Do you see any warning on the top right corner of a PR dashboard on SonarCloud?
Usually if PR decoration failed, you should get a message with the reason of the failure.

Thanks for the hint! There are two warnings indeed:

  1. The SonarCloud GitHub application is installed on your GitHub organization, but the SonarCloud organization is not bound to it. Please read “How to bind an existing organization?” section in the “Organizations” documentation page to fix your setup.

  2. Pull request decoration did not happen. No commit found for revision ‘98e843c32f8612e0d6fa26f62e987a4532cd764b’. Please pass a valid commit revision to the scanner using ‘sonar.scm.revision’ parameter.

Any idea what to try next?

Ok, seems we have an issue described here: Pull Requests Analysis with GitHub

Our CI make a local merge of the PR and so that create a local revision, which obviously cannot be detected.

Going to adjust it and update the ticket in case of success.

Bingo!

Providing a proper commit has works. In our case it’s:

sonar.scm.revision=$BITRISE_GIT_COMMIT