project key not read from SonarQube

[shreshtha1106]

Issue and Steps to Reproduce

I run this action for a repository where I have defined a sonar-project.properties, in which I have defined:

sonar.projectKey=onboarding

however during Action execution I can see the project key is always set to 'workspace' (overwriting results for any existing project with that key name):

INFO: Project key: workspace

Other settings in sonar-project.properties seem to be read fine.
Is there a workaround for this behavior?

Thanks!

Versions

Screenshots

Expected

Actual

Run kitabisa/sonarqube-action@master
/usr/bin/docker run --name c3f261e9bc3863a51240618c86830b84fa2fe6_0c0f1d --label c3f261 --workdir /github/workspace --rm -e INPUT_HOST -e INPUT_LOGIN -e INPUT_PROJECTKEY -e INPUT_PROJECTNAME -e INPUT_PROJECTVERSION -e INPUT_PROJECTBASEDIR -e INPUT_PASSWORD -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/actions-runner/_work/_temp/_github_home":"/github/home" -v "/actions-runner/_work/_temp/_github_workflow":"/github/workflow" -v "/actions-runner/_work/onboarding/onboarding":"/github/workspace" c3f261:e9bc3863a51240618c86830b84fa2fe6
INFO: Scanner configuration file: /usr/lib/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: /github/workspace/sonar-project.properties
INFO: SonarQube Scanner 4.0.0.1744
INFO: Java 1.8.0_181 Oracle Corporation (64-bit)
INFO: Linux 4.4.0-1109-aws amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 7.7.0
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=172ms
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=70ms
INFO: Load/download plugins (done) | time=4030ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=4ms
INFO: Project key: workspace
INFO: Base dir: /github/workspace
INFO: Working dir: /github/workspace/.scannerwork
INFO: Load project settings for component key: 'workspace'
INFO: Load project settings for component key: 'workspace' (done) | time=36ms
INFO: Load project repositories
INFO: Load project repositories (done) | time=115ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=61ms
INFO: Load active rules
INFO: Load active rules (done) | time=1562ms
INFO: Indexing files...
INFO: Project configuration:
INFO: Excluded sources: test/, scripts/, rpc/, proto/, docs/** configs/, cmd/, build/, bin/, **/*_test.go, **/*mock.go, */coverage, coverage/
INFO: 64 files indexed
INFO: 0 files ignored because of inclusion/exclusion patterns
INFO: 0 files ignored because of scm ignore settings
INFO: Quality profile for go: Sonar way
INFO: ------------- Run sensors on module workspace
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=21ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=4ms
INFO: Sensor SonarGo [go]
WARN: Metric 'comment_lines_data' is deprecated. Provided value is ignored.
ERROR: Coverage report can't be loaded, report file not found, ignoring this file /tmp/cov.out.
INFO: Sensor SonarGo [go] (done) | time=968ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=2ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=18ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=31ms
INFO: SCM provider for this project is: git
INFO: 47 files to be analyzed
WARN: Shallow clone detected, no blame information will be provided. You can convert to non-shallow with 'git fetch --unshallow'.
INFO: 0/47 files analyzed
WARN: Missing blame information for the following files:

---

WARN: This may lead to missing/broken features in SonarQube
INFO: 5 files had no CPD blocks
INFO: Calculating CPD for 42 files
INFO: CPD calculation finished
INFO: Analysis report generated in 147ms, dir size=251 KB
INFO: Analysis report compressed in 83ms, zip size=117 KB
INFO: Analysis report uploaded in 73ms
INFO: ANALYSIS SUCCESSFUL, you can browse ***/dashboard?id=workspace
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at ***/api/ce/task?id=AXNw80hubxlVWrCEzHs4
INFO: Analysis total time: 6.020 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 12.124s
INFO: Final Memory: 28M/488M
INFO: ------------------------------------------------------------------------

Specifications

• Version:
• Platform:
• Subsystem:

@ryanriatno

[dwisiswant0]

Yes, we are aware of behavior on entrypoint that's rewriting the variables that we've specified (e.g. in sonar-project.properties) before.

Thank you for your report, @shreshtha1106. We will make improvements for this.

[dwisiswant0]

Hi @shreshtha1106, I think it has been fixed in v1.0.1-dev release. Can you retest and confirm for this related issue?

Use this snippet:

- name: SonarQube Scan
  uses: kitabisa/sonarqube-action@v1.0.1-dev

Thanks!

[shreshtha1106]

@dwisiswant0
I tried it again with the same sonar-project.properties file. It worked. However, a new execution error is coming up now.

INFO: Scanner configuration file: /usr/lib/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: /github/workspace/sonar-project.properties
INFO: SonarQube Scanner 4.0.0.1744
INFO: Java 1.8.0_181 Oracle Corporation (64-bit)
INFO: Linux 4.4.0-1109-aws amd64
INFO: User cache: /root/.sonar/cache
INFO: SonarQube server 7.7.0
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=168ms
INFO: Server id: C5EDF746-AWr5KS30fH5hb7aiZzsh
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=62ms
INFO: Load/download plugins (done) | time=3970ms
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=9ms
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 7.460s
INFO: Final Memory: 18M/408M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: Validation of project reactor failed:
o "" is not a valid project or module key. Allowed characters are alphanumeric, '-', '_', '.' and ':', with at least one non-digit.
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.

because of the above error, I removed most of the parts of the properties file:

HOwever, getting the same error in this case as well.

[dwisiswant0]

Hi @shreshtha1106,
After I explored this issue, I suggest that:
When using this action it is NOT recommended to use sonar-scanner.properties, because the value will be a collision with that defined from the previous entrypoint. Basic concept of this action is actually to make it easier for users to use their own SonarQube server. 😃

However, this actions aren't yet perfect to cover all the analysis properties available by the sonar-scanner itself; we haven't yet gotten complex use of this action, but feel free to ask anything to us to improves this action. 💡

New release is out! Check the latest version that fixes bugs we don't realize.

Thank you for reporting this interesting issue!