SonarQube version: 10.1.0
(Developer Edition)
Deployed with Helm chart 10.1.0+628
On every analysis, either on main branch or PR branches, we get a couple of warnings that read the following:
Failed to report status to Devops platform because the GitHub App doesn't have the checks:write permission. Please read "Activating pull request decoration" section in the "Get Started > GitHub" documentation page to fix your setup.
However:
- The GitHub app we use already has the
checks:write
permission - And PR decoration + check status reporting actually works
- The “DevOps integration > GitHub > Check Configuration” doesn’t yield any error
We use the GitHub action for decoration (sonarsource/sonarqube-scan-action@master
) without the Quality Gate Action as we’re only using SonarQube to assist on code quality at the moment in a non-blocking manner.
Relevant logs from the server:
2023.06.30 16:26:13 WARN ce[XXXXXXXXX][c.s.F.D.G.N] Pull request decoration failed
java.lang.IllegalStateException: GitHub App doesn't have the checks:write permission
at com.sonarsource.F.D.G.N.A(Unknown Source)
at java.base/java.util.Optional.ifPresent(Unknown Source)
at com.sonarsource.F.D.G.N.A(Unknown Source)
at com.sonarsource.F.D.G.N.F(Unknown Source)
at com.sonarsource.F.D.G.N.D(Unknown Source)
at com.sonarsource.F.D.G.N.B(Unknown Source)
at com.sonarsource.F.D.G.B.A.A.A(Unknown Source)
at com.sonarsource.F.D.G.J.A(Unknown Source)
at java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Unknown Source)
at java.base/java.util.stream.ReferencePipeline$Head.forEach(Unknown Source)
at com.sonarsource.F.D.G.J.A(Unknown Source)
at com.sonarsource.F.D.c.A(Unknown Source)
at java.base/java.util.Optional.ifPresent(Unknown Source)
at com.sonarsource.F.D.c.A(Unknown Source)
at com.sonarsource.F.D.c.B(Unknown Source)
at org.sonar.ce.async.SynchronousAsyncExecution.addToQueue(SynchronousAsyncExecution.java:27)
at com.sonarsource.F.D.c.A(Unknown Source)
at java.base/java.util.Optional.ifPresent(Unknown Source)
at com.sonarsource.F.D.c.finished(Unknown Source)
at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.executeTask(PostProjectAnalysisTasksExecutor.java:102)
at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.finished(PostProjectAnalysisTasksExecutor.java:93)
at org.sonar.ce.task.step.ComputationStepExecutor.executeListener(ComputationStepExecutor.java:89)
at org.sonar.ce.task.step.ComputationStepExecutor.execute(ComputationStepExecutor.java:61)
at org.sonar.ce.task.projectanalysis.taskprocessor.ReportTaskProcessor.process(ReportTaskProcessor.java:75)
at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.executeTask(CeWorkerImpl.java:212)
at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.run(CeWorkerImpl.java:194)
at org.sonar.ce.taskprocessor.CeWorkerImpl.findAndProcessTask(CeWorkerImpl.java:160)
at org.sonar.ce.taskprocessor.CeWorkerImpl$TrackRunningState.get(CeWorkerImpl.java:135)
at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:87)
at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:53)
at com.google.common.util.concurrent.TrustedListenableFutureTask$TrustedFutureInterruptibleTask.runInterruptibly(TrustedListenableFutureTask.java:131)
at com.google.common.util.concurrent.InterruptibleTask.run(InterruptibleTask.java:74)
at com.google.common.util.concurrent.TrustedListenableFutureTask.run(TrustedListenableFutureTask.java:82)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.base/java.lang.Thread.run(Unknown Source)
2023.06.30 16:26:13 INFO ce[XXXXXXXXX][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Pull Request decoration | status=SUCCESS | time=3233ms
2023.06.30 16:26:13 INFO ce[XXXXXXXXX][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Report branch Quality Gate status to devops platforms | status=SUCCESS | time=0ms
2023.06.30 16:26:14 INFO ce[XXXXXXXXX][o.s.c.t.CeWorkerImpl] Executed task | project=XXXXXXXXX | type=REPORT | pullRequest=XXXXXXXXX | id=XXXXXXXXX | submitter=XXXXXXXXX | status=SUCCESS | time=5797ms
Did I miss anything obvious ? I’m new to SonarQube so that’s entirely possible
Many thanks !