7

Problem Description

I have set up our CI tool (Teamcity) to run a SonarQube preview analysis of a project each time a pull request is made in Github. To test that everything worked correctly, I added a few issues to the codebase before submitting a pull request. The preview analysis runs without any issues, and the pull request is updated with the follwing in the summary:

"sonarqube — SonarQube reported no issues"

The problem is that none of the new issues that I introduced into the codebase are written as inline comments to the pull request.

Debugging Steps and Logs

I ran the preview analysis a second time with the sonar.verbose property set to true to set the log level to DEBUG.

The command I am using to execute the analysis using the MSBuild Runner from Teamcity is as follows:

MSBuild.SonarQube.Runner.exe begin /k:<project_key> /n:"<project_name>" /v:%build.number% /d:sonar.analysis.mode=preview /d:sonar.github.oauth="<personal_access_token>" /d:sonar.github.pullRequest="<hard_coded_PR_no>" /d:sonar.github.repository="<organization>/<repo_name>" /d:sonar.issuesReport.console.enable=true /d:sonar.verbose=true

When the analysis ran I could see from the log that the issues are being picked up by SonarQube (see log below). Thus, it seems like there is a problem with the post-job Github Pull Request Issue Publisher. Here is an excerpt from the log:

Working dir: D:\BuildAgent\work\<some_hash>\.sonarqube\out\.sonar
[08:57:01][Step 8/11] INFO: Source encoding: UTF-8, default locale: en_US
[08:57:01][Step 8/11] INFO: Sensor XmlFileSensor
[08:57:01][Step 8/11] INFO: Sensor XmlFileSensor (done) | time=0ms
[08:57:01][Step 8/11] INFO: Load server issues
[08:57:01][Step 8/11] INFO: Load server issues (done) | time=117ms
[08:57:01][Step 8/11] INFO: Performing issue tracking
[08:57:01][Step 8/11] INFO: 552/552 components tracked
[08:57:01][Step 8/11] INFO: Console report is deprecated. Use SonarLint CLI to have local reports of issues
[08:57:01][Step 8/11] INFO: 
[08:57:01][Step 8/11] 
[08:57:01][Step 8/11] -------------  Issues Report  -------------
[08:57:01][Step 8/11] 
[08:57:01][Step 8/11]        +15 issues
[08:57:01][Step 8/11] 
[08:57:01][Step 8/11]         +4 blocker
[08:57:01][Step 8/11]         +1 critical
[08:57:01][Step 8/11]        +10 major
[08:57:01][Step 8/11] 
[08:57:01][Step 8/11] -------------------------------------------
[08:57:01][Step 8/11] 
[08:57:01][Step 8/11] 
[08:57:01][Step 8/11] INFO: ANALYSIS SUCCESSFUL
[08:57:01][Step 8/11] INFO: Executing post-job GitHub Pull Request Issue Publisher
[08:57:02][Step 8/11] INFO: ------------------------------------------------------------------------
[08:57:02][Step 8/11] INFO: EXECUTION SUCCESS
[08:57:02][Step 8/11] INFO: ------------------------------------------------------------------------
[08:57:02][Step 8/11] INFO: Total time: 35.242s
[08:57:02][Step 8/11] INFO: Final Memory: 48M/172M
[08:57:02][Step 8/11] INFO: ------------------------------------------------------------------------
[08:57:03][Step 8/11] The SonarQube Scanner has finished
[08:57:03][Step 8/11] 08:57:03.022  Creating a summary markdown file...
[08:57:03][Step 8/11] 08:57:03.023  Analysis results: http://<sonarqube_server>/dashboard/index/<project_name>
[08:57:03][Step 8/11] Post-processing succeeded.
[08:57:03][Step 8/11] Process exited with code 0

Github Setup

I have added a personal access token on my user that is being used as input to the sonar.github.oauth property. My user has all privileges on the repo in question. The token has been given the "public_repo" scope to be able to write inline comments and update the pull request according to the documentation - only the former is never done.

Version of plugins and tools

  • SonarQube 5.6
  • C# plugin (version 5.3.2)
  • MSBuild Runner plugin (version 1.1)
  • Github plugin (version 1.3)
  • TeamCity (version 9.1.7)
  • Github Enterprise (version 2.7)

What am I missing? One thing I haven't tried yet is to create a dedicated technical Github user, instead of using my own user with a personal access token. Could this be what is causing the issue?

nils1k
  • 467
  • 5
  • 20
  • Were you able to resolve the issue @nils1k? If so, it'd be nice if you could share your findings! – Max Jan 21 '17 at 09:36
  • Were you able to solve this? I have exactly the same problem! – Piotr Wach Mar 21 '17 at 15:41
  • @PiotrWach and Max: I apologize for the (extremely) late response. Unfortunately, I was never able to solve this issue. I have not had the time to investigate it further, as I have been working on other things since then. Feel free to post an answer in this thread if you are able to figure out what the issue is. – nils1k Jul 25 '17 at 15:35
  • Anybody have a solution to this yet? – Bracher Feb 20 '18 at 10:16

1 Answers1

0

I had the same issue when setting up the PR integration using TeamCity & SonarQube. In the end it turned out that the issue was with how TeamCity pulls the source code and copies it over to the build agents.

Make sure that the following has been done:

  1. Under VCS Advanced Settings make sure that VCS checkout mode is set to Always checkout files on agent.

  2. Authentication method needs to be set to Password.

  3. Fetch URL needs to be set to https and not git. This is because we need to do the git pull directly on the build agent using the Password Authentication method.
  4. Make sure that Allow builds in the default branch is unchecked and that Exclude default branch changes from other branches is checked. (This isn't required but assures that you don't build anything other than PR branches.
  5. JDK 8 is installed on the TeamCity build agents (make sure you restart the build agent after installing it)

I'm not sure that this will solve your issue, but this worked for us.

Bracher
  • 651
  • 10
  • 24