Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

PR Decorations from Sonarqube stay hidden

Johannes Paur
Johannes Paur Nov 10, 2021

Hi everyone,

I have an issue setting up the pull request decorations from Sonarqube Enterprise on Bitbucket Server.

Sonarqube actually delivers the decorations to the Bitbucket instance. There should then be a report available on the pull request page, but there is nothing there.

I tested this with a vanilla bitbucket 6.10.14 and a 7.17.1 (as a docker instance) from a Sonarqube Enterprise 8.9.0, 8.9.1, and 8.9.2.

The Log points to this particular spot:
10.18.199.10,10.18.99.10 | http | o@1BKQBINx694x2333x0 | admin | 2021-11-10 11:34:59,219 | "PUT /rest/insights/1.0/projects/TA/repos/alice/commits/0c1cbc5a1f50cbd017a65c331d5de71af1a3d4b8/reports/com.sonarsource.sonarqube HTTP/1.1" | "" "okhttp/4.9.0" | 200 | 573 | 620 | access-token:id:290119840153 | 91 | 14nhufa |

So, the data lands here, it seems, the commit ID is where the branch split off, so before the actual commit in the branch. I have no idea if this is even remotely correct:

https://my-bitbucket/rest/insights/1.0/projects/TA/repos/alice/commits/0c1cbc5a1f50cbd017a65c331d5de71af1a3d4b8/reports/com.sonarsource.sonarqube

{"data":[{"title":"Bugs","value":"0","type":"TEXT"},{"title":"Vulnerabilities","value":"0","type":"TEXT"},{"title":"Code Smells","value":"0","type":"TEXT"},{"title":"Security Hotspots","value":"0","type":"TEXT"},{"title":"Code Coverage","value":"n/a","type":"TEXT"},{"title":"Duplication","value":"n/a","type":"TEXT"}],"createdDate":1636540499206,"details":"Quality Gate passed","key":"com.sonarsource.sonarqube","link":"https://my-sonar/dashboard?id=TA&pullRequest=1","logoUrl":"https://my-sonar/images/embed-doc/sq-icon.svg","result":"PASS","title":"SonarQube","reporter":"SonarQube"}

What do I miss? Is there an additional configuration necessary in Bitbucket to activate the insights reports on the pull requests page? Is the place the report was delivered to correct? Do I need another plugin apart from the default Code Insights?

Thanks & BR,
Johannes

Answer
Watch
Like Be the first to like this
1527 views

1 answer

1 accepted

1 vote
Answer accepted
Johannes Paur
Johannes Paur Nov 19, 2021

Hi everyone,

I figured it out in the end.

This was the crucial bit of information: https://developer.atlassian.com/server/bitbucket/how-tos/code-insights/

[...]As with the build status API, code insights are only displayed if they are associated with the latest commit on a pull request's source branch. [...]

So, if you do the sonar scan from the wrong branch (!= the PR source branch), or you do pre-merge checks (auto merging and creating commit hashes locally on the CI infrastructure only) then the decoration will not be visible. The report is then, as was my hunch, put in the wrong place.

BR, Johannes

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

See all events