search

gabrie-allaigre / sonar-gitlab-plugin

Add to each commit GitLab in a global commentary on the new anomalies added by this commit and add comment lines of modified files
GNU Lesser General Public License v3.0
713 stars 207 forks source link

Work with Merge Requests #178

Open heruan opened 5 years ago

heruan commented 5 years ago

I cannot understand how to configure the plugin to work with Merge Requests. The goal is when a non-master branch is pushed and a MR is created for that branch, to have SonarQube comments on the MR discussion/review. Any advice on how to set this up? Thank you!

ghost commented 5 years ago

Same request. Current my Sonar plugin only comment when MR have been merged to develop :(

samuel-os commented 5 years ago

I've the same issue at the moment. I do the sonar analysis with the follwing command:

mvn $MAVEN_CLI_OPTS sonar:sonar -Dsonar.issuesReport.console.enable=true 
-Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_TOKEN
-Dsonar.projectKey=$SONAR_PROJECT_ID -Dsonar.gitlab.all_issues=true 
-Dsonar.gitlab.only_issue_from_commit_line=$SONAR_ONLY_COMMIT_LINE
-Dsonar.gitlab.only_issue_from_commit_file=$SONAR_ONLY_COMMIT_FILE
-Dsonar.gitlab.max_blocker_issues_gate=$SONAR_MAX_BLOCKER_ISSUES 
-Dsonar.gitlab.max_critical_issues_gate=$SONAR_MAX_CRITICAL_ISSUES 
-Dsonar.gitlab.max_major_issues_gate=$SONAR_MAX_MAJOR_ISSUES 
-Dsonar.gitlab.max_minor_issues_gate=$SONAR_MAX_MINOR_ISSUES 
-Dsonar.gitlab.max_info_issues_gate=$SONAR_MAX_INFO_ISSUES 
-Dsonar.gitlab.comment_no_issue=true 
-Dsonar.gitlab.project_id=$CI_PROJECT_PATH -Dsonar.analysis.mode=preview 
-Dsonar.gitlab.commit_sha=$(git log --pretty=format:%H $CI_MERGE_REQUEST_TARGET_BRANCH_NAME..$CI_COMMIT_SHA | tr '\n' ',') 
-Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME

Its executed by reacting on merge requests with:

....
  only:
    - merge_requests
...

It the target branch ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME) is the develop branch, everything works fine. But if the the merge request is e. g. from one feature branch to another feature branch I get the following exception and there are no comments added to the merge request:

[INFO] Executing post-job GitLab Commit Issue Publisher
[ERROR] SonarQube failed to complete the review of this commit
java.lang.ArrayIndexOutOfBoundsException: 0
    at java.util.Arrays$ArrayList.get(Arrays.java:3841)
    at com.talanlabs.sonar.plugins.gitlab.CommitIssuePostJob.updateGlobalComments(CommitIssuePostJob.java:187)
    at com.talanlabs.sonar.plugins.gitlab.CommitIssuePostJob.execute(CommitIssuePostJob.java:75)
    at org.sonar.scanner.postjob.PostJobWrapper.executeOn(PostJobWrapper.java:58)
    at org.sonar.scanner.phases.PostJobsExecutor.execute(PostJobsExecutor.java:66)
    at org.sonar.scanner.phases.PostJobsExecutor.execute(PostJobsExecutor.java:55)
    at org.sonar.scanner.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:94)
    at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:180)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
    at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:288)
    at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:283)
    at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:261)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
    at org.sonar.scanner.task.ScanTask.execute(ScanTask.java:48)
    at org.sonar.scanner.task.TaskContainer.doAfterStart(TaskContainer.java:84)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
    at org.sonar.scanner.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:121)
    at org.sonar.batch.bootstrapper.Batch.doExecuteTask(Batch.java:116)
    at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:71)
    at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
    at com.sun.proxy.$Proxy28.execute(Unknown Source)
    at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:185)
    at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:137)
    at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:65)
    at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:104)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:210)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:156)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:148)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:56)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:305)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:192)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:105)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:956)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:192)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)

[ERROR] Unable to update commit status
java.io.FileNotFoundException: https://xyz/api/v4/projects/325/statuses/null
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1890)
    at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1492)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:263)
    at com.talanlabs.gitlab.api.v4.http.GitLabHTTPRequestor.parse(GitLabHTTPRequestor.java:336)
    at com.talanlabs.gitlab.api.v4.http.GitLabHTTPRequestor.to(GitLabHTTPRequestor.java:123)
    at com.talanlabs.gitlab.api.v4.http.GitLabHTTPRequestor.to(GitLabHTTPRequestor.java:95)
    at com.talanlabs.gitlab.api.v4.services.GitLabAPICommits.postCommitStatus(GitLabAPICommits.java:181)
    at com.talanlabs.sonar.plugins.gitlab.GitLabApiV4Wrapper.createOrUpdateSonarQubeStatus(GitLabApiV4Wrapper.java:211)
    at com.talanlabs.sonar.plugins.gitlab.CommitFacade.createOrUpdateSonarQubeStatus(CommitFacade.java:103)
    at com.talanlabs.sonar.plugins.gitlab.CommitIssuePostJob.execute(CommitIssuePostJob.java:103)
    at org.sonar.scanner.postjob.PostJobWrapper.executeOn(PostJobWrapper.java:58)
    at org.sonar.scanner.phases.PostJobsExecutor.execute(PostJobsExecutor.java:66)
    at org.sonar.scanner.phases.PostJobsExecutor.execute(PostJobsExecutor.java:55)
    at org.sonar.scanner.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:94)
    at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:180)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
    at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:288)
    at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:283)
    at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:261)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
    at org.sonar.scanner.task.ScanTask.execute(ScanTask.java:48)
    at org.sonar.scanner.task.TaskContainer.doAfterStart(TaskContainer.java:84)
    at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
    at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
    at org.sonar.scanner.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:121)
    at org.sonar.batch.bootstrapper.Batch.doExecuteTask(Batch.java:116)
    at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:71)
    at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
    at com.sun.proxy.$Proxy28.execute(Unknown Source)
    at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:185)
    at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:137)
    at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:65)
    at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:104)
    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:137)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:210)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:156)
    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:148)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:117)
    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:81)
    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:56)
    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:305)
    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:192)
    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:105)
    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:956)
    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
    at org.apache.maven.cli.MavenCli.main(MavenCli.java:192)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)

$CI_COMMIT_REF_NAME and $CI_COMMIT_SHA have a valid value in both cases.

samuel-os commented 5 years ago

I got it to work, for my case. I'm not sure if the problem was ne name of the target branch ($CI_MERGE_REQUEST_TARGET_BRANCH_NAME) or the fact that the target branch was not available in the local repository and so the git log command failed.

I ended up with justing using commits from the current branch:

-Dsonar.gitlab.commit_sha=$(git log --pretty=format:%H $(git rev-list --simplify-by-decoration -2 HEAD | tail -1)..$(git rev-list --simplify-by-decoration -1 HEAD) | tr '\n' ',')

Maybe that helps someone.

drampelt commented 4 years ago

I just got this working for a project, it looks like the MR discussion feature (https://github.com/gabrie-allaigre/sonar-gitlab-plugin/pull/216) was merged in after the latest release, so I had to download and compile a new version of this plugin for it to work.