Sonar Gerrit plugin not reporting results

匿名 (未验证) 提交于 2019-12-03 10:24:21

问题:

We utilize the pipeline and after the build completes successfully we are running the following:

bat "mvn sonar:sonar -B -s ${buildSettings} -Dsonar.analysis.mode=preview -Dsonar.skipDesign=true -Dsonar.report.export.path=sonar-report.json"  sonarToGerrit(severity: 'Major', postScore: true, category: 'Code-Review', newIssuesOnly: true, issuesScore: '0', noIssuesScore: '0', changedLinesOnly: true) 

The below build log shows that it found a good number of issues but yet the issues to be commented is 0.

Build log

Other posts suggest that it may not be finding the report but I don't believe it's the case as it found a number of issues. Any pipeline configuration advice would be much appreciated.

We are using Sonar Gerrit plugin version 2.2.1, Gerrit Trigger 2.27.3 and Jenkins Enterprise version is 2.60.3.1.

回答1:

The most common case regarding to your question is related to the fact that SonarQube checks the whole project, regardless of amount of changes that were done in particular change. When creating a new report, it compares a result with a result that is stored to it's database (with previously found issues that were found in a mode other than preview). Thus sonar marks as new all the issues that it was not aware about before (and if you don't store this information in SonarQube at all - all the issues will be marked as new). But sonar-gerrit plugin can only post issues to the files that were affected by the change it is verifying. So, even if you set to "false" the settings "newIssuesOnly" and "changedLinesOnly", all the issues in files not affected by the change will be ignored.

Shortly, check that the issues marked with "isNew"="true" in your sonar report were actually changed (for changedLinesOnly=true) or located in the changed files (for changedLinesOnly = false) in the commit you are trying to check.

Another possible reason is the project configuration settings. If your files are part of a submodule, you'll need to include the submodule name to project base directories set. Or you may want to try a feature "allow auto match" instead. The feature tries to match SonarQube modules to Gerrit names automatically (available since 2.1).


Not related to your question advises regarding your pipeline code:

At the moment settings recognition for severity (and other enum values) is case-sensitive. In fact, the plugin ignores your "Major" setting as it cannot recognize it, and replaces it with default "INFO" value.

Another thing, I don't see why do you set your "postScore" to true as you set "issuesScore" = 0 and "noIssuesScore"=0. You can just set postScore=false and skip these settings along with "category" for sake of simplicity.

Also, if you use the version of plugin above 2.0, be aware that API has slightly changed and now uses the next structure:

sonarToGerrit (         reviewConfig: [              issueFilterConfig: [                 severity: 'MAJOR',                  newIssuesOnly: false,                  changedLinesOnly: false                 ],              noIssuesTitleTemplate: 'Your text here',             someIssuesTitleTemplate: 'Your text here',             issueCommentTemplate: 'Your text here'         ]     ) 

Though your code should also work (plugin does support previous versions), there is a bigger chance that there may be a bug.



回答2:

I am also facing the same issue with Sonar-Gerrit jenkins plugin. Downloaded it from Jenkins plugins site.Using Sonar-Gerrit plugin 2.2.1, and analysing sonar scan against jenkins workspace.

For a sample,have changed just one file and provided the project base directory to the path of that file, and ran the sonar analysis in issues mode.

Issues are not loaded in Gerrit with logs

Report has loaded and contains 759 issues Issues to be commented: 0 Issues to be involved in score calculation: 0 Review has been sent



标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!