Reinstate sonar tests and improve error messages (#545)

FayeSGW · web-flow · commit 807b72cce591 · 2025-10-01T12:04:05.000+02:00
* Improve error message for sonar command
diff --git a/cmd/kosli/attestSonar_test.go b/cmd/kosli/attestSonar_test.go
@@ -159,19 +159,19 @@ func (suite *AttestSonarCommandTestSuite) TestAttestSonarCmd() {
 			wantError: true,
 			name:      "if outdated task given (i.e. we try to get results for an older scan that SonarCloud has deleted), we get an error",
 			cmd:       fmt.Sprintf("attest sonar --name cli.foo --commit HEAD --origin-url http://www.example.com --sonar-working-dir testdata/sonar/sonarcloud/.scannerwork-old %s", suite.defaultKosliArguments),
-			golden:    "Error: analysis not found on https://sonarcloud.io. Snapshot may have been deleted by SonarQube\n",
+			golden:    "Error: No activity found for task 'AZERk4uWpzGpahwkB9ac' on https://sonarcloud.io. \nSonarQube may be experiencing problems, please check https://status.sonarqube.com/ and try again later. \nOtherwise if you are attesting an older scan, the snapshot may have been deleted by SonarQube.\n",
 		},
 		{
 			wantError: true,
 			name:      "if incorrect revision given (or the scan for the given revision has been deleted by SonarCloud)",
 			cmd:       fmt.Sprintf("attest sonar --name cli.foo --commit HEAD --origin-url http://www.example.com --sonar-project-key cyber-dojo_differ --sonar-revision b4d1053f2aac18c9fb4b9a289a8289199c932e12 %s", suite.defaultKosliArguments),
-			golden:    "Error: analysis for revision b4d1053f2aac18c9fb4b9a289a8289199c932e12 of project cyber-dojo_differ not found. Check the revision is correct. Snapshot may also have been deleted by SonarQube\n",
+			golden:    "Error: analysis for revision b4d1053f2aac18c9fb4b9a289a8289199c932e12 of project cyber-dojo_differ not found. Check the revision is correct. \nThe scan may still be being processed by SonarQube, try again later.\n Otherwise if you are attesting an older scan, the snapshot may also have been deleted by SonarQube\n",
 		},
 		{
 			wantError: true,
 			name:      "if incorrect project key given, we get an error message from Sonar",
 			cmd:       fmt.Sprintf("attest sonar --name cli.foo --commit HEAD --origin-url http://www.example.com --sonar-project-key cyber-dojo-differ --sonar-revision 38f3dc8b63abb632ac94a12b3f818b49f8047fa1 %s", suite.defaultKosliArguments),
-			golden:    "Error: sonar error: Component key 'cyber-dojo-differ' not found\n",
+			golden:    "Error: SonarQube error: Component key 'cyber-dojo-differ' not found\n",
 		},
 	}
 
@@ -261,7 +261,7 @@ func (suite *AttestSonarQubeCommandTestSuite) TestAttestSonarQubeCmd() {
 			wantError: true,
 			name:      "if incorrect project key given, we get an error message from Sonar",
 			cmd:       fmt.Sprintf("attest sonar --name cli.foo --commit HEAD --origin-url http://www.example.com --sonar-server-url http://localhost:9000 --sonar-project-key test99 --sonar-revision 38f3dc8b63abb632ac94a12b3f818b49f8047fa1 %s", suite.defaultKosliArguments),
-			golden:    "Error: sonar error: Component key 'test99' not found\n",
+			golden:    "Error: SonarQube error: Component key 'test99' not found\n",
 		},
 		{
 			wantError: true,
@@ -282,6 +282,6 @@ func (suite *AttestSonarQubeCommandTestSuite) TestAttestSonarQubeCmd() {
 // In order for 'go test' to run this suite, we need to create
 // a normal test function and pass our suite to suite.Run
 func TestAttestSonarCommandTestSuite(t *testing.T) {
-	//suite.Run(t, new(AttestSonarCommandTestSuite)) // Commented out since they currently fail Tore Hagen 2025.09.30
+	suite.Run(t, new(AttestSonarCommandTestSuite))
 	suite.Run(t, new(AttestSonarQubeCommandTestSuite))
 }
diff --git a/internal/sonar/sonar.go b/internal/sonar/sonar.go
@@ -80,7 +80,8 @@ type Conditions struct {
 
 // These are the structs for the response from the ceTaskURL
 type TaskResponse struct {
-	Task Task `json:"task"`
+	Task   Task    `json:"task"`
+	Errors []Error `json:"errors,omitempty"`
 }
 type Task struct {
 	TaskID        string `json:"id"`
@@ -232,14 +233,13 @@ func GetCETaskData(httpClient *http.Client, project *Project, sonarResults *Sona
 		if err != nil {
 			return "", err
 		}
-
 		err = json.NewDecoder(taskResponse.Body).Decode(taskResponseData)
 		if err != nil {
 			return "", fmt.Errorf("please check your API token is correct and you have the correct permissions in SonarQube")
 		}
-		// If the CETaskURL from the report-task.txt file gives a 404, the CE task does not exist.
-		if taskResponseData.Task.Status == "" {
-			return "", fmt.Errorf("analysis not found on %s. Snapshot may have been deleted by SonarQube", sonarResults.ServerUrl)
+		// If the CETaskURL from the report-task.txt file gives a 404, the CE task does not exist, or SonarQube is down.
+		if taskResponseData.Errors != nil {
+			return "", fmt.Errorf("%s on %s. \nSonarQube may be experiencing problems, please check https://status.sonarqube.com/ and try again later. \nOtherwise if you are attesting an older scan, the snapshot may have been deleted by SonarQube.", taskResponseData.Errors[0].Msg, sonarResults.ServerUrl)
 		}
 
 		if taskResponseData.Task.Status == "PENDING" || taskResponseData.Task.Status == "IN_PROGRESS" {
@@ -281,7 +281,7 @@ func GetCETaskData(httpClient *http.Client, project *Project, sonarResults *Sona
 	// This should only happen if the task is pending - either because the project is large and the scan takes a long time
 	// to process, or because SonarQube is experiencing delays for some reason.
 	if analysisId == "" {
-		return "", fmt.Errorf("analysis ID not found on %s. The scan results are not yet available, likely due to: \n1. Your project being particularly large and the scan taking time to process, or \n2. SonarQube is experiencing delays in processing scans. \nTry rerunning the command with the --max-wait flag.", sonarResults.ServerUrl)
+		return "", fmt.Errorf("analysis ID not found on %s. The scan results are not yet available, likely due to: \n1. Your project being particularly large and the scan taking time to process, or \n2. SonarQube experiencing delays in processing scans. \nTry rerunning the command with the --max-wait flag.", sonarResults.ServerUrl)
 	}
 
 	if project.Url == "" {
@@ -329,11 +329,11 @@ func GetProjectAnalysisFromRevision(httpClient *http.Client, sonarResults *Sonar
 	}
 
 	if projectAnalysesData.Errors != nil {
-		return "", fmt.Errorf("sonar error: %s", projectAnalysesData.Errors[0].Msg)
+		return "", fmt.Errorf("SonarQube error: %s", projectAnalysesData.Errors[0].Msg)
 	}
 
 	if sonarResults.AnalaysedAt == "" {
-		return "", fmt.Errorf("analysis for revision %s of project %s not found. Check the revision is correct. Snapshot may also have been deleted by SonarQube", revision, project.Key)
+		return "", fmt.Errorf("analysis for revision %s of project %s not found. Check the revision is correct. \nThe scan may still be being processed by SonarQube, try again later.\n Otherwise if you are attesting an older scan, the snapshot may also have been deleted by SonarQube", revision, project.Key)
 	}
 	projectAnalysesResponse.Body.Close()
 
@@ -367,6 +367,10 @@ func GetProjectAnalysisFromAnalysisID(httpClient *http.Client, sonarResults *Son
 		}
 	}
 
+	if projectAnalysesData.Errors != nil {
+		return fmt.Errorf("SonarQube error: %s", projectAnalysesData.Errors[0].Msg)
+	}
+
 	if sonarResults.AnalaysedAt == "" {
 		return fmt.Errorf("analysis with ID %s not found on %s. Snapshot may have been deleted by SonarQube", analysisID, sonarResults.ServerUrl)
 	}
@@ -392,7 +396,7 @@ func GetQualityGate(httpClient *http.Client, sonarResults *SonarResults, quality
 	if err != nil {
 		return nil, err
 	} else if qualityGateData.Errors != nil {
-		return nil, fmt.Errorf("sonar error: %s", qualityGateData.Errors[0].Msg) //We should never reach this point, since incorrect/outdated task/analysis IDs etc. should already have raised errors
+		return nil, fmt.Errorf("SonarQube error: %s", qualityGateData.Errors[0].Msg) //We should never reach this point, since incorrect/outdated task/analysis IDs etc. should already have raised errors
 	} else {
 		qualityGate.Status = qualityGateData.ProjectStatus.Status
 		// The server expects an array of conditions if the Quality Gate exists, so if there are no conditions, we need to send an empty array

Original file line number	Diff line number	Diff line change
`@@ -80,7 +80,8 @@ type Conditions struct {`
`80`	`80`
`81`	`81`	`// These are the structs for the response from the ceTaskURL`
`82`	`82`	`type TaskResponse struct {`
`83`		- Task Task `json:"task"`
	`83`	+ Task Task `json:"task"`
	`84`	+ Errors []Error `json:"errors,omitempty"`
`84`	`85`	`}`
`85`	`86`	`type Task struct {`
`86`	`87`	TaskID string `json:"id"`
`@@ -232,14 +233,13 @@ func GetCETaskData(httpClient http.Client, project Project, sonarResults *Sona`
`232`	`233`	`if err != nil {`
`233`	`234`	`return "", err`
`234`	`235`	`}`
`235`		`-`
`236`	`236`	`err = json.NewDecoder(taskResponse.Body).Decode(taskResponseData)`
`237`	`237`	`if err != nil {`
`238`	`238`	`return "", fmt.Errorf("please check your API token is correct and you have the correct permissions in SonarQube")`
`239`	`239`	`}`
`240`		`- // If the CETaskURL from the report-task.txt file gives a 404, the CE task does not exist.`
`241`		`- if taskResponseData.Task.Status == "" {`
`242`		`- return "", fmt.Errorf("analysis not found on %s. Snapshot may have been deleted by SonarQube", sonarResults.ServerUrl)`
	`240`	`+ // If the CETaskURL from the report-task.txt file gives a 404, the CE task does not exist, or SonarQube is down.`
	`241`	`+ if taskResponseData.Errors != nil {`
	`242`	`+ return "", fmt.Errorf("%s on %s. \nSonarQube may be experiencing problems, please check https://status.sonarqube.com/ and try again later. \nOtherwise if you are attesting an older scan, the snapshot may have been deleted by SonarQube.", taskResponseData.Errors[0].Msg, sonarResults.ServerUrl)`
`243`	`243`	`}`
`244`	`244`
`245`	`245`	`if taskResponseData.Task.Status == "PENDING" \|\| taskResponseData.Task.Status == "IN_PROGRESS" {`
`@@ -281,7 +281,7 @@ func GetCETaskData(httpClient http.Client, project Project, sonarResults *Sona`
`281`	`281`	`// This should only happen if the task is pending - either because the project is large and the scan takes a long time`
`282`	`282`	`// to process, or because SonarQube is experiencing delays for some reason.`
`283`	`283`	`if analysisId == "" {`
`284`		`- return "", fmt.Errorf("analysis ID not found on %s. The scan results are not yet available, likely due to: \n1. Your project being particularly large and the scan taking time to process, or \n2. SonarQube is experiencing delays in processing scans. \nTry rerunning the command with the --max-wait flag.", sonarResults.ServerUrl)`
	`284`	`+ return "", fmt.Errorf("analysis ID not found on %s. The scan results are not yet available, likely due to: \n1. Your project being particularly large and the scan taking time to process, or \n2. SonarQube experiencing delays in processing scans. \nTry rerunning the command with the --max-wait flag.", sonarResults.ServerUrl)`
`285`	`285`	`}`
`286`	`286`
`287`	`287`	`if project.Url == "" {`
`@@ -329,11 +329,11 @@ func GetProjectAnalysisFromRevision(httpClient http.Client, sonarResults Sonar`
`329`	`329`	`}`
`330`	`330`
`331`	`331`	`if projectAnalysesData.Errors != nil {`
`332`		`- return "", fmt.Errorf("sonar error: %s", projectAnalysesData.Errors[0].Msg)`
	`332`	`+ return "", fmt.Errorf("SonarQube error: %s", projectAnalysesData.Errors[0].Msg)`
`333`	`333`	`}`
`334`	`334`
`335`	`335`	`if sonarResults.AnalaysedAt == "" {`
`336`		`- return "", fmt.Errorf("analysis for revision %s of project %s not found. Check the revision is correct. Snapshot may also have been deleted by SonarQube", revision, project.Key)`
	`336`	`+ return "", fmt.Errorf("analysis for revision %s of project %s not found. Check the revision is correct. \nThe scan may still be being processed by SonarQube, try again later.\n Otherwise if you are attesting an older scan, the snapshot may also have been deleted by SonarQube", revision, project.Key)`
`337`	`337`	`}`
`338`	`338`	`projectAnalysesResponse.Body.Close()`
`339`	`339`
`@@ -367,6 +367,10 @@ func GetProjectAnalysisFromAnalysisID(httpClient http.Client, sonarResults Son`
`367`	`367`	`}`
`368`	`368`	`}`
`369`	`369`
	`370`	`+ if projectAnalysesData.Errors != nil {`
	`371`	`+ return fmt.Errorf("SonarQube error: %s", projectAnalysesData.Errors[0].Msg)`
	`372`	`+ }`
	`373`	`+`
`370`	`374`	`if sonarResults.AnalaysedAt == "" {`
`371`	`375`	`return fmt.Errorf("analysis with ID %s not found on %s. Snapshot may have been deleted by SonarQube", analysisID, sonarResults.ServerUrl)`
`372`	`376`	`}`
`@@ -392,7 +396,7 @@ func GetQualityGate(httpClient http.Client, sonarResults SonarResults, quality`
`392`	`396`	`if err != nil {`
`393`	`397`	`return nil, err`
`394`	`398`	`} else if qualityGateData.Errors != nil {`
`395`		`- return nil, fmt.Errorf("sonar error: %s", qualityGateData.Errors[0].Msg) //We should never reach this point, since incorrect/outdated task/analysis IDs etc. should already have raised errors`
	`399`	`+ return nil, fmt.Errorf("SonarQube error: %s", qualityGateData.Errors[0].Msg) //We should never reach this point, since incorrect/outdated task/analysis IDs etc. should already have raised errors`
`396`	`400`	`} else {`
`397`	`401`	`qualityGate.Status = qualityGateData.ProjectStatus.Status`
`398`	`402`	`// The server expects an array of conditions if the Quality Gate exists, so if there are no conditions, we need to send an empty array`