SonarQube finds no issues, and approves PR.

[danieljimenez]

Quoting another user, as I'm seeing the same thing:

What I see is "SonarQube Analysis reported no issues. Take a chocolate :-)" even if I commited deliberately bad code.

Any tips? It's obviously found my PR, so I do have that setup correctly.

[danieljimenez]

I've tried various times over the last few months with the latest version of both Sonarqube and the plugin.

[mrueegg]

Could you please follow the instructions in the troubleshooting section (https://github.com/mibexsoftware/sonar-bitbucket-plugin#troubleshooting) and send me the debug log output of a build run? That would help me much. Thanks in advance!

[danieljimenez]

Sure thing, I apologize for missing that. I've done that and put it in a gist here.

[danieljimenez]

I've skimmed the logs a few times and didn't see any smoking guns, though it's quite a bit of output.

[bheesma]

I have the same issue. I am using MSBUILD Runner plugin. Sonarqube puts a comment on PR and says No issues. Take a chocolate. But I have put code purposely to receive comments. I also checked the sonarqube web and my latest code is not available there. This plugin appends the pull request id to project key and I think that's why it is not giving comments and not uploading the code to localhost:9000

[bheesma]

It works in "preview" mode though. With issues mode, it is not commenting.

[danieljimenez]

I'm not sure it's supposed to upload the code in preview mode.

[bheesma]

Just to be clear, it is not uploading code in preview mode. It is giving proper comments on the pull request in preview mode. But in issues mode, it just asks us to take a chocolate!

[JustinTullgren]

Hi,

I too am seeing something similar. I committed code with a MAJOR violation and the plugin commented appropriately. Then I fixed that code and put in a BLOCKER violation and the plugin says have a chocolate.

I have tried both PREVIEW and ISSUES mode and the same behavior occurs.

SonarLint CLI and SonarLint for Intellij have correctly identified the problem and tell me before I commit.

I also lowered the SEVERITY to INFO and the comment was updated by the sonar plugin to say that INFO and greater are monitored.

Here is the stack:

11:29:26.397 [DEBUG] [org.sonarqube.gradle.SonarQubeTask] [sonar4bitbucket] Found 1311 issues and 0 of them are new:
11:29:26.398 [DEBUG] [org.sonarqube.gradle.SonarQubeTask] [sonar4bitbucket] And 0 of these are on changed or new lines:
11:29:26.400 [DEBUG] [org.sonarqube.gradle.SonarQubeTask] [sonar4bitbucket] Found 0 existing inline comments:
11:29:26.403 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 8 * Client out-bound request
8 > DELETE https://api.bitbucket.org/1.0/repositories/account/slug/pullrequests/612/comments/45540102
8 > Authorization: Bearer CHANGED

11:29:26.404 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@62f7ad856 pairs: {DELETE /1.0/repositories/account/slug/pullrequests/612/comments/45540102 HTTP/1.1: null}{Authorization: Bearer CHANGED}{User-Agent: Java/1.8.0_45}{Host: api.bitbucket.org}{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}{Connection: keep-alive}
11:29:26.602 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@2519a40319 pairs: {null: HTTP/1.1 200 OK}{Server: nginx}{Vary: Authorization}{Content-Type: application/json; charset=utf-8}{X-OAuth-Scopes: pullrequest:write, account}{Strict-Transport-Security: max-age=31536000; includeSubDomains; preload}{Date: Thu, 21 Sep 2017 18:29:26 GMT}{X-Served-By: app-141}{ETag: "9838ab67dc42ae08cfcfd40f0715e8f8"}{X-Static-Version: 4166677bc668}{X-Content-Type-Options: nosniff}{X-Accepted-OAuth-Scopes: pullrequest:write}{X-Credential-Type: oauth2}{X-Render-Time: 0.0967440605164}{Connection: keep-alive}{X-Request-Count: 686}{X-Frame-Options: SAMEORIGIN}{X-Version: 4166677bc668}{Content-Length: 391}
11:29:26.602 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 8 * Client in-bound response
8 < 200
8 < X-Accepted-OAuth-Scopes: pullrequest:write
8 < X-Credential-Type: oauth2
8 < Server: nginx
8 < X-Content-Type-Options: nosniff
8 < Connection: keep-alive
8 < X-Static-Version: 4166677bc668
8 < X-Version: 4166677bc668
8 < Date: Thu, 21 Sep 2017 18:29:26 GMT
8 < X-Frame-Options: SAMEORIGIN
8 < Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
8 < X-Render-Time: 0.0967440605164
8 < ETag: "9838ab67dc42ae08cfcfd40f0715e8f8"
8 < X-Served-By: app-141
8 < Vary: Authorization
8 < Content-Length: 391
8 < X-OAuth-Scopes: pullrequest:write, account
8 < X-Request-Count: 686
8 < Content-Type: application/json; charset=utf-8
8 < 
{"pull_request_id": 612, "comment_id": 45540102, "pr_repo": {"owner": "account", "slug": "slug"}, "deleted": true, "filename_hash": null, "filename": null, "is_entity_author": false, "parent_id": null, "comparespec": "account/slug:173f7b8c8386\r47015388c5ab", "line_from": null, "line_to": null, "dest_rev": null, "anchor": null, "is_spam": false}

11:29:26.607 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 9 * Client out-bound request
9 > POST https://api.bitbucket.org/1.0/repositories/account/slug/pullrequests/612/comments
9 > Content-Type: application/json
9 > Accept: application/json
9 > Authorization: Bearer CHANGED
{"content":"**SonarQube Analysis** reported no issues. Take a chocolate :-)\n\nNote that only issues with severity >= ![INFO](https://raw.githubusercontent.com/mibexsoftware/sonar-bitbucket-plugin/master/src/main/resources/images/severity/INFO.png) (info) are reported."}

11:29:26.608 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@52e6588c8 pairs: {POST /1.0/repositories/account/slug/pullrequests/612/comments HTTP/1.1: null}{Content-Type: application/json}{Accept: application/json}{Authorization: Bearer CHANGED }{User-Agent: Java/1.8.0_45}{Host: api.bitbucket.org}{Connection: keep-alive}{Content-Length: 271}
11:29:26.815 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@2fc5cf7b20 pairs: {null: HTTP/1.1 200 OK}{Server: nginx}{Vary: Authorization}{Vary: Accept-Encoding}{Content-Type: application/json; charset=utf-8}{X-OAuth-Scopes: pullrequest:write, account}{Strict-Transport-Security: max-age=31536000; includeSubDomains; preload}{Date: Thu, 21 Sep 2017 18:29:26 GMT}{X-Served-By: app-140}{ETag: "80a006b5775b472d1fe0e07220643bb9"}{X-Static-Version: 4166677bc668}{X-Content-Type-Options: nosniff}{X-Accepted-OAuth-Scopes: pullrequest:write}{X-Credential-Type: oauth2}{X-Render-Time: 0.11345911026}{Connection: keep-alive}{X-Request-Count: 702}{X-Frame-Options: SAMEORIGIN}{X-Version: 4166677bc668}{Content-Length: 1296}
11:29:26.815 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 9 * Client in-bound response
9 < 200
9 < X-Accepted-OAuth-Scopes: pullrequest:write
9 < X-Credential-Type: oauth2
9 < Server: nginx
9 < X-Content-Type-Options: nosniff
9 < Connection: keep-alive
9 < X-Static-Version: 4166677bc668
9 < X-Version: 4166677bc668
9 < Date: Thu, 21 Sep 2017 18:29:26 GMT
9 < X-Frame-Options: SAMEORIGIN
9 < Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
9 < X-Render-Time: 0.11345911026
9 < ETag: "80a006b5775b472d1fe0e07220643bb9"
9 < X-Served-By: app-140
9 < Vary: Accept-Encoding
9 < Vary: Authorization
9 < Content-Length: 1296
9 < X-OAuth-Scopes: pullrequest:write, account
9 < X-Request-Count: 702
9 < Content-Type: application/json; charset=utf-8
9 < 
{"display_name": "account", "parent_id": null, "filename_hash": null, "filename": null, "content": "**SonarQube Analysis** reported no issues. Take a chocolate :-)\n\nNote that only issues with severity >= ![INFO](https://raw.githubusercontent.com/mibexsoftware/sonar-bitbucket-plugin/master/src/main/resources/images/severity/INFO.png) (info) are reported.", "content_rendered": "<p><strong>SonarQube Analysis</strong> reported no issues. Take a chocolate :-)</p>\n<p>Note that only issues with severity &gt;= <img alt=\"INFO\" src=\"https://raw.githubusercontent.com/mibexsoftware/sonar-bitbucket-plugin/master/src/main/resources/images/severity/INFO.png\" /> (info) are reported.</p>", "user_avatar_url": "https://bitbucket.org/account/countca/avatar/32/?ts=1495805744", "utc_created_on": "2017-09-21 18:29:26+00:00", "username": "ountcca", "pr_repo": {"owner": "account", "slug": "slug"}, "deleted": false, "comment_id": 45540870, "comparespec": "account/slug:173f7b8c8386\r47015388c5ab", "line_to": null, "is_spam": false, "pull_request_id": 612, "utc_last_updated": "2017-09-21 18:29:26+00:00", "is_entity_author": false, "convert_markup": false, "line_from": null, "dest_rev": null, "anchor": null, "is_repo_owner": true}

11:29:26.816 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 10 * Client out-bound request
10 > POST https://api.bitbucket.org/2.0/repositories/account/slug/pullrequests/612/approve
10 > Authorization: Bearer CHANGED

11:29:26.816 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@4871741e6 pairs: {POST /2.0/repositories/account/slug/pullrequests/612/approve HTTP/1.1: null}{Authorization: Bearer Changed }{User-Agent: Java/1.8.0_45}{Host: api.bitbucket.org}{Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2}{Connection: keep-alive}
11:29:26.947 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@49cec47c18 pairs: {null: HTTP/1.1 409 Conflict}{Server: nginx}{Vary: Authorization}{Content-Type: application/json; charset=utf-8}{X-OAuth-Scopes: pullrequest:write, account}{Strict-Transport-Security: max-age=31536000; includeSubDomains; preload}{Date: Thu, 21 Sep 2017 18:29:26 GMT}{X-Served-By: app-141}{ETag: "0388a9219243de33be04d941da68f4c4"}{X-Static-Version: 4166677bc668}{X-Accepted-OAuth-Scopes: pullrequest:write}{X-Credential-Type: oauth2}{X-Render-Time: 0.0439279079437}{Connection: keep-alive}{X-Request-Count: 127}{X-Frame-Options: SAMEORIGIN}{X-Version: 4166677bc668}{Content-Length: 82}
11:29:26.948 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 10 * Client in-bound response
10 < 409
10 < X-Accepted-OAuth-Scopes: pullrequest:write
10 < X-Credential-Type: oauth2
10 < Server: nginx
10 < Connection: keep-alive
10 < X-Static-Version: 4166677bc668
10 < X-Version: 4166677bc668
10 < Date: Thu, 21 Sep 2017 18:29:26 GMT
10 < X-Frame-Options: SAMEORIGIN
10 < Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
10 < X-Render-Time: 0.0439279079437
10 < ETag: "0388a9219243de33be04d941da68f4c4"
10 < X-Served-By: app-141
10 < Vary: Authorization
10 < Content-Length: 82
10 < X-OAuth-Scopes: pullrequest:write, account
10 < X-Request-Count: 127
10 < Content-Type: application/json; charset=utf-8
10 < 
{"type": "error", "error": {"message": "You already approved this pull request."}}

11:29:26.951 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 11 * Client out-bound request
11 > POST https://api.bitbucket.org/2.0/repositories/account/slug/commit/173f7b8c8386/statuses/build
11 > Content-Type: application/json
11 > Accept: application/json
11 > Authorization: Bearer UGhHSUnQZg7YCwm8Qzj6Ux4V2-Otac3vvEHpS0yG_X8ctWRAUTJQd1oCQvZmu0qXU1s6VT9fgg9SMhRC9og=
{"name":"Sonar analysis","state":"SUCCESSFUL","url":"sonar/dashboard?id=project:key:feature%2Fjtullgren-sonar-setup","description":"Sonar analysis successful :-)","key":"SONAR-ANALYSIS-PR-612"}

11:29:26.951 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@7374969c8 pairs: {POST /2.0/repositorie/account/slug/commit/173f7b8c8386/statuses/build HTTP/1.1: null}{Content-Type: application/json}{Accept: application/json}{Authorization: Bearer Changed}{User-Agent: Java/1.8.0_45}{Host: api.bitbucket.org}{Connection: keep-alive}{Content-Length: 245}
11:29:27.121 [DEBUG] [sun.net.www.protocol.http.HttpURLConnection] sun.net.www.MessageHeader@1921afb21 pairs: {null: HTTP/1.1 200 OK}{Server: nginx}{Vary: Authorization}{Vary: Accept-Encoding}{Content-Type: application/json}{X-OAuth-Scopes: pullrequest:write, account}{Strict-Transport-Security: max-age=31536000; includeSubDomains; preload}{Date: Thu, 21 Sep 2017 18:29:27 GMT}{Location: /2.0/repositories/account/slug/commit/173f7b8c8386b61556bf210a8528885240363058/statuses/build/SONAR-ANALYSIS-PR-612}{X-Served-By: app-140}{ETag: "58e7bdcd5472615cd2924ce18c8058b4"}{X-Static-Version: 4166677bc668}{X-Content-Type-Options: nosniff}{X-Accepted-OAuth-Scopes: repository}{X-Credential-Type: oauth2}{X-Render-Time: 0.0826239585876}{Connection: keep-alive}{X-Request-Count: 437}{X-Frame-Options: SAMEORIGIN}{X-Version: 4166677bc668}{Content-Length: 1547}
11:29:27.121 [INFO] [com.sun.jersey.api.client.filter.LoggingFilter] 11 * Client in-bound response
11 < 200
11 < X-Accepted-OAuth-Scopes: repository
11 < X-Credential-Type: oauth2
11 < Server: nginx
11 < X-Content-Type-Options: nosniff
11 < Connection: keep-alive
11 < X-Static-Version: 4166677bc668
11 < X-Version: 4166677bc668
11 < Date: Thu, 21 Sep 2017 18:29:27 GMT
11 < X-Frame-Options: SAMEORIGIN
11 < Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
11 < X-Render-Time: 0.0826239585876
11 < ETag: "58e7bdcd5472615cd2924ce18c8058b4"
11 < X-Served-By: app-140
11 < Vary: Accept-Encoding
11 < Vary: Authorization
11 < Content-Length: 1547
11 < X-OAuth-Scopes: pullrequest:write, account
11 < X-Request-Count: 437
11 < Location: /2.0/repositories/ccounta/slug/commit/173f7b8c8386b61556bf210a8528885240363058/statuses/build/SONAR-ANALYSIS-PR-612
11 < Content-Type: application/json
11 < 
{"key": "SONAR-ANALYSIS-PR-612", "description": "Sonar analysis successful :-)", "repository": {"links": {"self": {"href": "https://api.bitbucket.org/2.0/repositories/account/slug"}, "html": {"href": "https://bitbucket.org/account/slug"},  

... some more sensitive data but nothing else

[jmoutte]

I believe the issue comes from the fact that the plugin retrieves the changed lines from the PR in Bitbucket and will try to match analysed warnings with those changed lines. It can happen that the analysis detected your MAJOR issue but reported it with other line numbers than the ones you actually committed which would explain why sonar4bitbucket is ignoring them...

[danieljimenez]

Would posting a bounty from bountysource help get this issue towards the top of the list? I'd throw in.

[fjalars]

Just finished installing the plugin and getting everything running just to hit this bug. I hope someone will fix this because I really like the concept of the plugin.

[nwoolls]

Same here. We use this plugin with SonarQube and Java projects with no problem. However we just got this setup with the MSBuild scanner for C# (.NET Core) projects and, while the issues show on SonarQube and in the scanner log, all that shows on the Bitbucket PR is "no issues take a chocolate".

Edit: this ended up being a difference in the default Quality Profiles in SonarQube on the upgraded instance we were testing. Using the Troubleshooting link posted above helped sort things out.

[rudolphjacksonm]

@nwoolls I've opened an issue but it might just be a duplicate of this one --> #90
I've followed the troubleshooting steps and the debug log looks the same as @JustinTullgren 's, however I don't see any comments whatsoever. Any pointers?