Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Maintenance: troubleshoot SonarCloud not running on forks #2730

Closed
1 of 2 tasks
dreamorosi opened this issue Jul 3, 2024 · 6 comments · Fixed by #2731 or #2740
Closed
1 of 2 tasks

Maintenance: troubleshoot SonarCloud not running on forks #2730

dreamorosi opened this issue Jul 3, 2024 · 6 comments · Fixed by #2731 or #2740
Assignees
@dreamorosi
Labels
completed This item is complete and has been merged/shipped internal PRs that introduce changes in governance, tech debt and chores (linting setup, baseline, etc.)

Comments

@dreamorosi
Copy link
Contributor

Summary

As per issue title, SonarCloud is not running on pull requests coming from forks. We use this tool as SAST / code quality tool and as of 3 weeks ago it was working on all PRs.

The tool has stopped working on PRs coming from external contributors (aka from forks) and we don't know why.

We should either troubleshoot this, or find an alternative that covers our needs.

Why is this needed?

So that we can continue running our code quality scans on all PRs.

Which area does this relate to?

Automation

Solution

No response

Acknowledgment

Future readers

Please react with 👍 and your use case to help us understand customer demand.
@dreamorosi dreamorosi added internal PRs that introduce changes in governance, tech debt and chores (linting setup, baseline, etc.) confirmed The scope is clear, ready for implementation labels Jul 3, 2024
@dreamorosi dreamorosi mentioned this issue Jul 3, 2024
Merged
@dreamorosi dreamorosi self-assigned this Jul 3, 2024
@dreamorosi dreamorosi linked a pull request Jul 3, 2024 that will close this issue
chore(ci): enable CodeQl #2731
Merged
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jul 8, 2024

⚠️ COMMENT VISIBILITY WARNING ⚠️

This issue is now closed. Please be mindful that future comments are hard for our team to see.

If you need more assistance, please either tag a team member or open a new issue that references this one.

If you wish to keep having a conversation with other community members under this issue feel free to do so.

@github-actions github-actions bot added pending-release This item has been merged and will be released soon and removed confirmed The scope is clear, ready for implementation labels Jul 8, 2024
@dreamorosi dreamorosi added confirmed The scope is clear, ready for implementation and removed pending-release This item has been merged and will be released soon labels Jul 8, 2024
@dreamorosi
Copy link
Contributor Author

Reopening since SonarCloud is still not running.

We have opened a thread on their community support forum: https://community.sonarsource.com/t/pull-requests-not-being-automatically-analysed/118489

And there's also a bigger thread with other customers being impacted as well: https://community.sonarsource.com/t/cloud-analysis-of-github-stopped-working/117641/4

@dreamorosi dreamorosi reopened this Jul 8, 2024
@dreamorosi dreamorosi added the on-hold This item is on-hold and will be revisited in the future label Jul 8, 2024
@dreamorosi dreamorosi mentioned this issue Jul 8, 2024
Merged
@github-actions github-actions bot added pending-release This item has been merged and will be released soon and removed on-hold This item is on-hold and will be revisited in the future confirmed The scope is clear, ready for implementation labels Jul 9, 2024
@dreamorosi dreamorosi mentioned this issue Jul 9, 2024
Open
@dreamorosi dreamorosi linked a pull request Jul 9, 2024 that will close this issue
chore(ci): revert enable CodeQl (#2731) #2740
Merged
@dreamorosi dreamorosi added on-hold This item is on-hold and will be revisited in the future and removed pending-release This item has been merged and will be released soon labels Jul 10, 2024
@dreamorosi
Copy link
Contributor Author

Based on new developments on the thread linked above, it seems that SonarCloud might be out of question.

I'll leave this on hold for a few more weeks, and if needed be we'll start seriously looking into CodeQL, including how to improve its performance.

@dreamorosi
Copy link
Contributor Author

SonarCloud re enabled analysis on PRs coming from forks, and said that they're now confident with the results reported by the tool.

We'll monitor the reports during the next couple of weeks and if they're ok we'll close the issue and stick with SonarCloud.

@dreamorosi
Copy link
Contributor Author

I've been monitoring Sonar analysis on PRs for the past couple weeks and they seem to be accurate.

I'm going to close this issue as resolved and we are going to stay with Sonar for the foreseeable future.

@dreamorosi dreamorosi added completed This item is complete and has been merged/shipped and removed on-hold This item is on-hold and will be revisited in the future labels Aug 7, 2024
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Aug 7, 2024

⚠️ COMMENT VISIBILITY WARNING ⚠️

This issue is now closed. Please be mindful that future comments are hard for our team to see.

If you need more assistance, please either tag a team member or open a new issue that references this one.

If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dreamorosi dreamorosi

Labels
completed This item is complete and has been merged/shipped internal PRs that introduce changes in governance, tech debt and chores (linting setup, baseline, etc.)
Projects
Powertools for AWS Lambda (TypeScript)
Status: Shipped
Milestone
No milestone
1 participant
@dreamorosi