sonar-stash icon indicating copy to clipboard operation
sonar-stash copied to clipboard

Published 20 hours ago verified publisher icon AmadeusITGroup

BitBucket cloud support

Open 4n4n4s opened this issue 9 years ago • 11 comments
trafficstars

Hi, I want to test out your sonar analysis on my test project that I created on Bitbucket. Therefore I already set up a Jenkins build and added SonarQube to it.

My Test Repository is placed here: https://bitbucket.org/4n4n4s/hooktest

-Dsonar.host.url=http://mysonardomain.com:9000 -Dsonar.projectKey=hooktest -Dsonar.projectName=hooktest project -Dsonar.projectVersion=1.0 -Dsonar.projectBaseDir=/var/jenkins_home/workspace/hooktest -Dsonar.sources=.

-Dsonar.analysis.mode=preview -Dsonar.stash.url=https://bitbucket.org/4n4n4s/ -Dsonar.stash.notification=true -Dsonar.stash.login=4n4n4s -Dsonar.stash.password=MY_BITBUCKET_PASSWORD -Dsonar.stash.project=hooktest -Dsonar.stash.repository=hooktest -Dsonar.stash.pullrequest.id=1

When I start the jenkins build I get the following exception. Maybe I just misconfigured the sonar.stash properties but I found no documentation for bitbucket here.

INFO: Executing post-job org.sonar.plugins.stash.StashIssueReportingPostJob ERROR: Unable to get SonarQube reviewer from Stash: java.util.concurrent.ExecutionException: java.net.ConnectException: Received fatal alert: handshake_failure ERROR: Process stopped: no SonarQube reviewer identified to publish to Stash the SQ analysis

As a result I would also like to add some documentation how sonar-stash can be used with jenkins + bitbucket. Thanks for your help.

4n4n4s avatar Sep 03 '16 10:09 4n4n4s

Hi @4n4n4s , This is a problem between our HTTP library and the bitbucket server. I'll sort it out. FYI: I don't know if the APIs between Bitbucket Server and Bitbucket Public are compatible

t-8ch avatar Sep 05 '16 07:09 t-8ch

@4n4n4s Could you try again with the code from #67 ? It uses a different http client.

t-8ch avatar Sep 05 '16 12:09 t-8ch

@t-8ch I forked you code and also read the bitbucket api documentation. There are several things that need to be changed because server api and public api don't share much.

  • Host Url is different https://api.bitbucket.org/1.0/... currently its http://localhost:9000/api/1.0/...
  • Enpoints are different. Example: pullrequests instead of currently pull-requests
  • Responses are also differnet. Example: StashUser request does not have ui as repsone instead its now uuid
  • and so on ...

FYI: There is also a public API 2.0 but this does not support adding comments and it seems that they won't support it accoring to this link. answers.atlassian.com

It would be great to contribute some code but there need to be a lot of changes to support both server and public but I think it would be great to get it working on both.

About #67: I fixed the problem locally by updating the pom.xml at least I can get a request then but as mentioned above the api enpoints and responses are differnt.

<dependency>
  <groupId>com.ning</groupId>
  <artifactId>async-http-client</artifactId>
  <version>1.9.39</version>
</dependency>

4n4n4s avatar Sep 05 '16 17:09 4n4n4s

So, @4n4n4s

I had a first shot at it (absolutely incomplete, more a showcase how I'd like it to be structured) in the bitbucket_cloud branch. It is not very nice to code against the BitBucket cloud API.

  • We have to use 1.0 and 2.0 in parallel, as eachs does not support some endpoints we need
  • The pullrequest endpoint seems to only return plain text unified diff, which we have to parse ourselves
  • (That is where I stopped)

If you really want it you are absolutely welcome to provide a pull request (and have a look at my first try). I'll be happy to review your code.

t-8ch avatar Sep 07 '16 09:09 t-8ch

@t-8ch thanks for also doing research and setting up a base config I will start implementing tomorrow but can you please share the codeformat.xml because they are differnet from standard eclipse or springboot. Thx.

4n4n4s avatar Sep 07 '16 20:09 4n4n4s

@4n4n4s The current code style is not a special one. For future development we will use the google java code style. You should find the xml file for it at https://google.github.io/styleguide/eclipse-java-google-style.xml

t-8ch avatar Sep 08 '16 07:09 t-8ch

I don`t know java (only php) in order to help here. But as a customer of the Cloud I would like to see if a PR follow PSR-2 etc. Have you talked with Atlassian for help in integrating SonarQube? They have Pipelines in beta tests. But I thing the real gold is static analysis on PRs.

fantomas avatar Sep 27 '16 15:09 fantomas

I'm interested in picking this up since we've started to use SonarQube and we use BitBucket cloud. This integration would be greatly beneficial to us.

Is the bitbucket_cloud branch in a state where I can rebase from the master branch and pickup development of this integration. Any other pointers that might help me get started.

sudr avatar Feb 16 '17 22:02 sudr

@sudr The bitbucket cloud branch has not been touched for a while. I doubt it will be worthwile to replace it. It would probably best to start over. Just rename StashClient to StashServerClient and make StashClient an interface with the used methods. Then implement those for BitbucketCloudClient.

As for more information have a look at https://confluence.atlassian.com/bitbucket/use-the-bitbucket-cloud-rest-apis-222724129.html , there are links to both version 1 and 2 of the apis to the right.

t-8ch avatar Feb 17 '17 12:02 t-8ch

Thanks. I'll pick this up and post updates here.

sudr avatar Feb 22 '17 23:02 sudr

There is a different plugin that allows you to run sonar analysis on a BitBucket Cloud project:

https://github.com/mibexsoftware/sonar-bitbucket-plugin

Given this, I'm no longer pursing this plugin for our use case.

sudr avatar May 24 '17 17:05 sudr