Open royteeuwen opened 5 years ago
Which version of sonarqube/stash/sonar-stash are you using?
Hey @t-8ch
That would be:
SonarQube 6.7.2 Bitbucket Server 5.9.1
Don't know where I can view the version of sonar-stash? Bitbucket / SonarQube are managed by the IIT departement, I can ask
It is reported in the sonar-scanner output. Is your project multi-module?
It's a POC but I am setting it up as multi module yes:
sonar.projectKey=MY_project
sonar.projectName=Project Name
sonar.sourceEncoding=UTF-8
sonar.modules=services
services.sonar.projectName=Services Module
services.sonar.sources=src/main/java
services.sonar.language=java
services.sonar.java.source=1.8
services.sonar.java.binaries=target/classes
17:14:33 17:14:33.040 DEBUG: Plugins:
17:14:33 17:14:33.041 DEBUG: * CVS 1.0 (scmcvs)
17:14:33 17:14:33.041 DEBUG: * Sonar Coffeelint Plugin ODD 1.1 (sonarcoffeelintpluginodd)
17:14:33 17:14:33.041 DEBUG: * CSS / SCSS / Less 4.14 (css)
17:14:33 17:14:33.041 DEBUG: * Crowd 2.0 (crowd)
17:14:33 17:14:33.041 DEBUG: * Scala 6.4.0 (scala)
17:14:33 17:14:33.041 DEBUG: * PMD 2.6 (pmd)
17:14:33 17:14:33.041 DEBUG: * Android 1.1 (android)
17:14:33 17:14:33.041 DEBUG: * Svn 1.7.0.1017 (scmsvn)
17:14:33 17:14:33.041 DEBUG: * SonarC# 7.0.1.4822 (csharp)
17:14:33 17:14:33.041 DEBUG: * SonarJava 5.11.0.17289 (java)
17:14:33 17:14:33.042 DEBUG: * SonarWeb 2.6.0.1053 (web)
17:14:33 17:14:33.042 DEBUG: * SonarXML 1.5.0.1373 (xml)
17:14:33 17:14:33.042 DEBUG: * SonarTS 1.6.0.2388 (typescript)
17:14:33 17:14:33.042 DEBUG: * Checkstyle 4.8 (checkstyle)
17:14:33 17:14:33.042 DEBUG: * SonarPython 1.12.0.2726 (python)
17:14:33 17:14:33.042 DEBUG: * AGF3 Custom Rules for XML 1.5 (agf3xmlrules)
17:14:33 17:14:33.042 DEBUG: * AGF3 Custom Rules for Java 1.5 (agf3javarules)
17:14:33 17:14:33.042 DEBUG: * Kotlin 0.4.1 (kotlin)
17:14:33 17:14:33.042 DEBUG: * Motion Chart 1.7 (motionchart)
17:14:33 17:14:33.042 DEBUG: * Widget Lab 1.8.1 (widgetlab)
17:14:33 17:14:33.043 DEBUG: * Swift (Backelite) 0.3.5 (backelitesonarswiftplugin)
17:14:33 17:14:33.043 DEBUG: * Sonar Coffeelint Plugin 1.2 (coffeelint)
17:14:33 17:14:33.043 DEBUG: * SonarJS 4.1.0.6085 (javascript)
17:14:33 17:14:33.043 DEBUG: * Findbugs 3.6.0 (findbugs)
17:14:33 17:14:33.043 DEBUG: * Groovy 1.5 (groovy)
17:14:33 17:14:33.043 DEBUG: * Git 1.4.0.1037 (scmgit)
17:14:33 17:14:33.043 DEBUG: * LAA Java NC Plugin 1.0.0 (LAAjavaplugin)
17:14:33 17:14:33.043 DEBUG: * ObjectiveC (Backelite) 0.6.2 (backelitesonarobjectivecplugin)
17:14:33 17:14:33.043 DEBUG: * SonarQube SCSS Custom Rules Plugin for Atlas 1.0 (atlassonarscsscustomrulesplugin)
17:14:33 17:14:33.043 DEBUG: * Stash 1.3.0 (stash)
Then you should probably look at the sonar.stash.repository.root
setting.
Also if this is a POC, beginning with a single-module project would probably be easier.
FYI sonar-stash will stop working as soon as you upgrade to SonarQube 7.7, so I would advise against a new deployment. (The reasoning is explained in the README).
Also 1.3.0 is quite old.
Yup I saw the reasoning, not sure when the upgrade here is about to happen but I dont see it happening this year, so if we can get those PR remarks for a year then thats at least a win :)!
I will switch to single module! What could be wrong with the sonar.stash.repository.root? What should it be configured as?
Will ask the IIT department to upgrade the stash plugin as well
It should be set to the root of the repository for multi-module projects. It most probably is "$PWD". For testing you can also spin up a local SQ instance easily.
Switched to single module. Didn't fix it sadly enough though Well ${WORKSPACE} is the $PWD in a jenkins pipeline, so I guess that should be fine
I will try out with a local SQ instance and version 1.3.0 and 1.6.0 to see if one of them works :)
Worked for me on a multimodule maven project. I was missing -Dsonar.stash.repository.root=$PWD
.
I am running the mvn command in the root directory of the maven project and referencing a pom.xml of one of the underling modules. Looks in the docker multistage file (which is used within a jenkins pipeline) like this:
mvn -B \ -Dsonar.host.url=${SONAR_HOST_URL} \ -Dsonar.login=${SONAR_TOKEN} \ -Dsonar.analysis.mode=issues \ -Dsonar.stash.comments.reset=true \ -Dsonar.stash.include.existing.issues=false \ -Dsonar.stash.notification=true \ -Dsonar.stash.project=${BITBUCKET_PROJECT} \ -Dsonar.stash.repository=${BITBUCKET_REPOSITORY} \ -Dsonar.stash.pullrequest.id=${CHANGE_ID} \ -Dsonar.stash.include.overview=false \ -Dsonar.stash.task.issue.severity.threshold=MINOR \ -Dsonar.stash.repository.root=$PWD \ -DrunSonar \ ${SONAR_MAVEN_GOAL} \ -f ${MODULE-DIRNAME}/ \
We have sonar installed and the sonar stash plugin as well, but when using the plugin, we only get the overview comment and not the comments inline on the diff view.
Our setup: Jenkins with a pipeline step for develop:
Jenkins with a pipeline for the PR:
It also seems that even when adding an obvious nullpointer exception, it states "No new issues detected!"
Any guidelines on how to debug?