[GitLab][Pull Request Decoration] Baseline of Sonarqube/Plugin versions & configuration info #118

Closed
asciidisco opened this issue Mar 4, 2020 · 6 comments

@asciidisco

Hi 👋

First of all, thank you very much for providing & maintaining this plugin;
as we already have a working Sonarqube & GitLab running, this seems to be the puzzle piece that's missing in order to have a useful combination of both tools.

I know (from various projects) that maintaining such projects is quite time-consuming, so if it's wanted, I'd of course contribute the outcome of this thread back as a part of the project's documentation.

That being said, I'm currently working in a slightly restricted environment, which means I don't have admin rights to our GitLab & Sonarqube instances, but I'd like to offer our DevOps some help, in order to get this plugin working.

From what I've gathered so far (from other issues), in order to have PR (or MR) decoration running in a gitlab project, you have to submit the following options via the sonar-scanner from within our pipeline:

sonar-scanner \
  -D sonar.projectBaseDir=./ \
  -D sonar.projectVersion=${VERSION} \
  -D sonar.branch.name=${CI_COMMIT_REF_NAME} \
  -D sonar.pullrequest.branch=${CI_COMMIT_REF_NAME} \
  -D sonar.pullrequest.base=${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} \
  -D sonar.pullrequest.key=${CI_MERGE_REQUEST_ID} \
  -D sonar.gitlab.project_id=${CI_PROJECT_PATH} \
  -D sonar.gitlab.commit_sha=${CI_COMMIT_SHA} \
  -D sonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}

Which seems to work fine so far, at least Sonarqube is picking up our branches & analyzes them.

What I believe I'm missing is the configuration needed in the GitLab & Sonarqube tools themselves, which again, I can't access myself in our env, but would like to give clear instructions to the people who have.

Also, I'm not quite sure if the versions of all tools involved are sufficient to get the PR decoration working:

  • GitLab Community Edition - 12.7.5
  • Sonarqube Community Edition - 7.7 (build 23042)
  • Sonarqube Community Branch Plugin - 1.0.2

I'd be very very thankful for any guidance, and as said, I'd really like to offer to contribute back documentation which results from this issue.

@asciidisco asciidisco changed the title [GitLab][Pull Request Decoration] Baseline of Sonarqube & Plugin versions & configuration info [GitLab][Pull Request Decoration] Baseline of Sonarqube/Plugin versions & configuration info Mar 5, 2020
@nejch

nejch commented Mar 6, 2020

Hi @asciidisco, I'm in the exact same situation (on the SonarQube side), so I spun up a local instance and installed the plugin. I did this on 7.9 LTS and branch plugin 1.3.0 though - so YMMV.

Here's the configuration: go to Administration -> Configuration. Click on Pull Request from the sidebar, where you can then choose Gitlab from the list of providers (as well as github and bitbucket):

[Screenshot: admin1]

Scroll all the way down to the GitLab integration section, where you can enter the Gitlab token and URL:

[Screenshot: admin2]

Your DevOps team will likely want to manage this via the API or some kind of configuration management tool. Here's a simple example with curl (assuming SONAR_API_TOKEN has admin permissions on SQ and GITLAB_TOKEN is for the bot user with Reporter access in GitLab projects):

# The trailing colon after the token gives curl an empty password, so it does not prompt for one.
curl -u "$SONAR_API_TOKEN:" -X POST "http://sonarqube.example.com/api/settings/set?key=sonar.pullrequest.provider&value=GitlabServer"
curl -u "$SONAR_API_TOKEN:" -X POST "http://sonarqube.example.com/api/settings/set?key=com.github.mc1arke.sonarqube.plugin.branch.pullrequest.gitlab.url&value=http://gitlab.example.com"
curl -u "$SONAR_API_TOKEN:" -X POST "http://sonarqube.example.com/api/settings/set?key=com.github.mc1arke.sonarqube.plugin.branch.pullrequest.gitlab.token&value=$GITLAB_TOKEN"

But I actually found this when I was looking to open an issue which might also solve your problem - I was going to suggest the ability to configure integrations per-project (so on Project Admin level) or to override the system-provided credentials. This would make integration permissions/security more granular and would potentially support having several SCM instances configured. I'll open a new issue and link it here if you're interested.
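A variant of the API calls in the comment above that sends each setting in the POST body instead of the query string, so the GitLab token is not recorded in URL-based access logs, and that refuses a plaintext SonarQube URL. This is an added example, not part of the original comment or the plugin; `SONAR_URL`, `GITLAB_URL`, the `CURL` override and the function names are assumptions, while the setting keys are the ones quoted above.

```shell
#!/usr/bin/env bash
# Added example: set the GitLab decoration settings with form-encoded POST bodies.
# Assumed environment: SONAR_URL, SONAR_API_TOKEN, GITLAB_URL, GITLAB_TOKEN.
# CURL may be overridden (dry run or test); it defaults to the real curl.

PLUGIN_PREFIX="com.github.mc1arke.sonarqube.plugin.branch.pullrequest.gitlab"

# sq_set KEY VALUE: set one global SonarQube setting.
sq_set() {
  # "-u token:" sends the token as the user name with an empty password, so curl
  # never prompts; --data-urlencode keeps key and value out of the request URL.
  ${CURL:-curl} --fail --silent --show-error \
    -u "${SONAR_API_TOKEN}:" \
    --data-urlencode "key=$1" \
    --data-urlencode "value=$2" \
    "${SONAR_URL%/}/api/settings/set"
}

configure_gitlab_decoration() {
  # Stop if any required value is missing.
  : "${SONAR_URL:?}" "${SONAR_API_TOKEN:?}" "${GITLAB_URL:?}" "${GITLAB_TOKEN:?}"
  # Both tokens travel in this request, so insist on TLS to SonarQube.
  case "$SONAR_URL" in
    https://*) ;;
    *) echo "refusing to send tokens to $SONAR_URL (not https)" >&2; return 1 ;;
  esac
  sq_set "sonar.pullrequest.provider" "GitlabServer" &&
  sq_set "${PLUGIN_PREFIX}.url" "$GITLAB_URL" &&
  sq_set "${PLUGIN_PREFIX}.token" "$GITLAB_TOKEN"
}
```

Call `configure_gitlab_decoration` after exporting the four variables; the values still appear on curl's command line, so run it from a host where the process list is not shared.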

@placaze

placaze commented Mar 11, 2020

Hey, I just made it work!

It was a pain, there is absolutely no documentation right now to do PR decoration with GitLab. 😢

  • SonarQube 7.9.2 (LTS)
  • SonarQube Community Branch Plugin 1.3.0
  • GitLab Community Edition 12.8.1

"sonar.pullrequest.branch": $CI_COMMIT_REF_NAME,
"sonar.pullrequest.base": $CI_MERGE_REQUEST_TARGET_BRANCH_NAME,
"sonar.pullrequest.key": $CI_MERGE_REQUEST_IID,
"sonar.pullrequest.gitlab.repositorySlug": $CI_PROJECT_ID

⚠️ sonar.branch.name must NOT be set. I saw it here: #34 (comment).
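One way to keep `sonar.branch.name` and the `sonar.pullrequest.*` properties from being sent together, as the comment above requires: choose the mode from the CI variables and reject any mixed argument list before the scanner runs. This is an added example, not code from the thread or the plugin; it assumes `CI_MERGE_REQUEST_IID` is only set in merge request pipelines, and the function names and the `SONAR_SCANNER` override are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: select branch or pull request analysis from GitLab CI variables.

# sonar_mode_args: print one -D option per line for the current pipeline.
sonar_mode_args() {
  if [ -n "${CI_MERGE_REQUEST_IID:-}" ]; then
    # Merge request pipeline: pull request properties only (names from the comment above).
    printf '%s\n' \
      "-Dsonar.pullrequest.branch=${CI_COMMIT_REF_NAME}" \
      "-Dsonar.pullrequest.base=${CI_MERGE_REQUEST_TARGET_BRANCH_NAME}" \
      "-Dsonar.pullrequest.key=${CI_MERGE_REQUEST_IID}" \
      "-Dsonar.pullrequest.gitlab.repositorySlug=${CI_PROJECT_ID}"
  else
    # Plain branch pipeline: branch analysis only.
    printf '%s\n' "-Dsonar.branch.name=${CI_COMMIT_REF_NAME}"
  fi
}

# assert_not_mixed ARGS...: fail if branch and pull request properties are combined.
assert_not_mixed() {
  has_branch=0; has_pr=0
  for a in "$@"; do
    case "$a" in
      -Dsonar.branch.name=*) has_branch=1 ;;
      -Dsonar.pullrequest.*) has_pr=1 ;;
    esac
  done
  [ "$has_branch" -eq 1 ] && [ "$has_pr" -eq 1 ] && return 1
  return 0
}

# run_scanner [EXTRA_ARGS...]: append the mode options to the caller's options
# (for example from a shared CI template), check the result, then run the scanner.
run_scanner() {
  while IFS= read -r opt; do
    set -- "$@" "$opt"
  done <<EOF
$(sonar_mode_args)
EOF
  assert_not_mixed "$@" || { echo "sonar.branch.name mixed with sonar.pullrequest.*" >&2; return 1; }
  ${SONAR_SCANNER:-sonar-scanner} "$@"
}
```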

@mc1arke
Owner

mc1arke commented Mar 13, 2020

Could you raise a PR to add this information to the project's wiki please? https://github.com/mc1arke/sonarqube-community-branch-plugin.wiki.git

@asciidisco
Author

@mc1arke Sure, I can do, but it will take a few days as I'm currently quite busy with other stuff.

@asciidisco
Author

Btw.: thank you @nejch @placaze for your help & very very valuable input 🙂

@bmaehr

bmaehr commented Mar 22, 2020

#99
