Can't get sonar-stash to add comments

[royteeuwen]

We have sonar installed and the sonar stash plugin as well, but when using the plugin, we only get the overview comment and not the comments inline on the diff view.

Our setup:
Jenkins with a pipeline step for develop:

withSonarQubeEnv('Sonar PRO') {
                    script {
                        def SONAR_SCANNER = tool "SonarQube Runner Latest Version"
                        sh "${SONAR_SCANNER}/bin/sonar-scanner -X"
                    }
                }

Jenkins with a pipeline for the PR:

withSonarQubeEnv('Sonar PRO') {
                    script {
                        def SONAR_SCANNER = tool "SonarQube Runner Latest Version"
                        sh "${SONAR_SCANNER}/bin/sonar-scanner -X  \
                          -Dsonar.analysis.mode=preview \
                          -Dsonar.stash.notification \
                          -Dsonar.stash.project=PROJECT \
                          -Dsonar.stash.repository.root=${WORKSPACE} \
                          -Dsonar.stash.repository=repo \
                          -Dsonar.stash.pullrequest.id=20 \
                          -Dsonar.stash.login=${CREDENTIALS_USR} \
                          -Dsonar.stash.password.variable=CREDENTIALS_PSW"
                    }
                }

It also seems that even when adding an obvious nullpointer exception, it states "No new issues detected!"

Any guidelines on how to debug?

[t-8ch]

Which version of sonarqube/stash/sonar-stash are you using?

[royteeuwen]

Hey @t-8ch

That would be:

SonarQube 6.7.2
Bitbucket Server 5.9.1

Don't know where I can view the version of sonar-stash? Bitbucket / SonarQube are managed by the IIT departement, I can ask

[t-8ch]

It is reported in the sonar-scanner output.
Is your project multi-module?

[royteeuwen]

It's a POC but I am setting it up as multi module yes:

sonar.projectKey=MY_project
sonar.projectName=Project Name

sonar.sourceEncoding=UTF-8

sonar.modules=services

services.sonar.projectName=Services Module
services.sonar.sources=src/main/java
services.sonar.language=java
services.sonar.java.source=1.8
services.sonar.java.binaries=target/classes

[royteeuwen]

17:14:33  17:14:33.040 DEBUG: Plugins:
17:14:33  17:14:33.041 DEBUG:   * CVS 1.0 (scmcvs)
17:14:33  17:14:33.041 DEBUG:   * Sonar Coffeelint Plugin ODD 1.1 (sonarcoffeelintpluginodd)
17:14:33  17:14:33.041 DEBUG:   * CSS / SCSS / Less 4.14 (css)
17:14:33  17:14:33.041 DEBUG:   * Crowd 2.0 (crowd)
17:14:33  17:14:33.041 DEBUG:   * Scala 6.4.0 (scala)
17:14:33  17:14:33.041 DEBUG:   * PMD 2.6 (pmd)
17:14:33  17:14:33.041 DEBUG:   * Android 1.1 (android)
17:14:33  17:14:33.041 DEBUG:   * Svn 1.7.0.1017 (scmsvn)
17:14:33  17:14:33.041 DEBUG:   * SonarC# 7.0.1.4822 (csharp)
17:14:33  17:14:33.041 DEBUG:   * SonarJava 5.11.0.17289 (java)
17:14:33  17:14:33.042 DEBUG:   * SonarWeb 2.6.0.1053 (web)
17:14:33  17:14:33.042 DEBUG:   * SonarXML 1.5.0.1373 (xml)
17:14:33  17:14:33.042 DEBUG:   * SonarTS 1.6.0.2388 (typescript)
17:14:33  17:14:33.042 DEBUG:   * Checkstyle 4.8 (checkstyle)
17:14:33  17:14:33.042 DEBUG:   * SonarPython 1.12.0.2726 (python)
17:14:33  17:14:33.042 DEBUG:   * AGF3 Custom Rules for XML 1.5 (agf3xmlrules)
17:14:33  17:14:33.042 DEBUG:   * AGF3 Custom Rules for Java 1.5 (agf3javarules)
17:14:33  17:14:33.042 DEBUG:   * Kotlin 0.4.1 (kotlin)
17:14:33  17:14:33.042 DEBUG:   * Motion Chart 1.7 (motionchart)
17:14:33  17:14:33.042 DEBUG:   * Widget Lab 1.8.1 (widgetlab)
17:14:33  17:14:33.043 DEBUG:   * Swift (Backelite) 0.3.5 (backelitesonarswiftplugin)
17:14:33  17:14:33.043 DEBUG:   * Sonar Coffeelint Plugin 1.2 (coffeelint)
17:14:33  17:14:33.043 DEBUG:   * SonarJS 4.1.0.6085 (javascript)
17:14:33  17:14:33.043 DEBUG:   * Findbugs 3.6.0 (findbugs)
17:14:33  17:14:33.043 DEBUG:   * Groovy 1.5 (groovy)
17:14:33  17:14:33.043 DEBUG:   * Git 1.4.0.1037 (scmgit)
17:14:33  17:14:33.043 DEBUG:   * LAA Java NC Plugin 1.0.0 (LAAjavaplugin)
17:14:33  17:14:33.043 DEBUG:   * ObjectiveC (Backelite) 0.6.2 (backelitesonarobjectivecplugin)
17:14:33  17:14:33.043 DEBUG:   * SonarQube SCSS Custom Rules Plugin for Atlas 1.0 (atlassonarscsscustomrulesplugin)
17:14:33  17:14:33.043 DEBUG:   * Stash 1.3.0 (stash)

[t-8ch]

Then you should probably look at the sonar.stash.repository.root setting.
Also if this is a POC, beginning with a single-module project would probably be easier.

FYI sonar-stash will stop working as soon as you upgrade to SonarQube 7.7, so I would advise against a new deployment.
(The reasoning is explained in the README).

Also 1.3.0 is quite old.

[royteeuwen]

Yup I saw the reasoning, not sure when the upgrade here is about to happen but I dont see it happening this year, so if we can get those PR remarks for a year then thats at least a win :)!

I will switch to single module!
What could be wrong with the sonar.stash.repository.root? What should it be configured as?

Will ask the IIT department to upgrade the stash plugin as well

[t-8ch]

It should be set to the root of the repository for multi-module projects.
It most probably is "$PWD".
For testing you can also spin up a local SQ instance easily.

[royteeuwen]

Switched to single module. Didn't fix it sadly enough though
Well ${WORKSPACE} is the $PWD in a jenkins pipeline, so I guess that should be fine

I will try out with a local SQ instance and version 1.3.0 and 1.6.0 to see if one of them works :)

[snukone]

Worked for me on a multimodule maven project. I was missing -Dsonar.stash.repository.root=$PWD.

I am running the mvn command in the root directory of the maven project and referencing a pom.xml of one of the underling modules. Looks in the docker multistage file (which is used within a jenkins pipeline) like this:

mvn -B \ -Dsonar.host.url=${SONAR_HOST_URL} \ -Dsonar.login=${SONAR_TOKEN} \ -Dsonar.analysis.mode=issues \ -Dsonar.stash.comments.reset=true \ -Dsonar.stash.include.existing.issues=false \ -Dsonar.stash.notification=true \ -Dsonar.stash.project=${BITBUCKET_PROJECT} \ -Dsonar.stash.repository=${BITBUCKET_REPOSITORY} \ -Dsonar.stash.pullrequest.id=${CHANGE_ID} \ -Dsonar.stash.include.overview=false \ -Dsonar.stash.task.issue.severity.threshold=MINOR \ -Dsonar.stash.repository.root=$PWD \ -DrunSonar \ ${SONAR_MAVEN_GOAL} \ -f ${MODULE-DIRNAME}/ \