We Keep Coding

Show Travis-CI build status on Github Pull Request Page

How do you configure Github's pull request review page to show Travis-CI build status?
I remember Github automatically showing build status for some of my repos configured to build using Travis-CI, but Github has stopped doing this. Whether the build passed or succeeded, Github would show the status near the "Merge pull request" button. Now I have to manually search for the pull request in Travis-CI.
Has this feature been discontinued by Github, or is there some new manual configuration needed to re-implement this?

This discussion thread explained the issue.
The solution was to:
revoke access to Travis-CI in Github
logout of Travis-CI
log back in to Travis-CI.
Travis-CI then automatically asked for Github credentials, and afterwards Github again shows Travis-CI build status in a check.

The legacy integration has been disabled and you need to perform the migration to the GitHub app integration. See the instructions here: https://docs.travis-ci.com/user/migrate/legacy-services-to-github-apps-migration-guide/
Note that if you are not the owner on the repo, you will need to request adding Travis access to the appropriate person.

Not authorized to execute any SonarQube analysis when building pull request from a forket repo on Travis CI

I'm setting up a project with Travis CI and SonarQube.com, everything goes smoothly when a pull request comes out of a branch from the repository but it is failing when Travis runs a build off a pull request from a forked repository.
A build out of a PR from the repository: https://travis-ci.org/PistachoSoft/dummy-calculator/builds/162905730
A build out of a PR from a forked repository: https://travis-ci.org/PistachoSoft/dummy-calculator/builds/162892678
The repository: https://github.com/PistachoSoft/dummy-calculator
As it can be seen in the build log this is the error:
You're not authorized to execute any SonarQube analysis. Please contact your SonarQube administrator.
Things I've tried out but didn't work out:
Updating the sonar token.
Using an encrypted token granted by another person from the organization.
Granting 'sonar-users' and 'Anyone' the 'Execute Analysis' permission on the SonarQube project.
What can I do to fix this?

First, I raise your attention on one important point: you should not run a "standard" SonarQube analysis on PR - otherwise your project on SonarQube.com will be "polluted" by intermediate analyses that have nothing to do with each other. Standard analyses must be executed only on the main development branch - which is usually the "master" branch. Please read the runSonarQubeAnalysis.sh file of our sample projects to see how to achieve that.
Now, why your attempt does not work? Simply because the SONAR_TOKEN environment variable (that you've set as "secure" in your YML file) will not be decoded by Travis when the PR is coming "from the outside world" (i.e when it's not a PR of your own). This is a security constraint to prevent anybody to fork your repo, update the YML file with a echo $SONAR_TOKEN, submit a PR and genlty wait that Travis executes it to unveil the secured environment variable.
Analyzing "external" PR is something that we'll soon be working on so that this is easy, straightforward and yet secured for OSS projects to benefit from this feature.

Jenkins how to set build status on Github commit?

I have set up Jenkins and Github such that whenever I push a commit to an existing pull request, it automatically adds a comment and triggers a Jenkins build. Prior to today, Jenkins amended that comment with the status of the build and the functional tests executed. (So I know that part works.)
Today, I updated Jenkins and Jenkins ceases to notify Github of the build status. When I check the Jenkins configuration, the post-build section says:
Set build status on Github commit [deprecated]
This notifier will set GH commit status. This step is DEPRECATED and will be migrated to new step in one of the next major plugin releases. Please refer to new universal step.
Are they saying they removed functionality and I need to either downgrade or wait for them to restore it when they get around to releasing an update?
Alternatively, if they want me to start using this new "universal step", where can I find the documentation on setting that up?
I looked at Show current state of Jenkins build on GitHub repo but it appears the answers to that question are now obsolete (answered six months ago).
I am currently using Jenkins version 2.3, Github plugin 1.19.1 and Github API plugin 1.75.

I think you may have been bitten by this issue: https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
It says
If using the standard ${sha1} branch spec, builds will fail with "Couldn't find any revision to build".
Pull requests remain in the "pending" state as the plugin fails to update the PR with the build outcome
It sounds like this can be fixed by using a whitelist of terms. In my case, this was handled by another engineer, so I can't provide firsthand details.

github plugin for SonarQube not working

Almost breaking my head over this for last few days but the github plugin for sonarqube (v 5.3) just does not seem to work.
I have my java app code in github, and have configured Jenkins to run mvn sonar:sonar goal on pull request.
The maven settings are:
clean site sonar:sonar
-Dsonar.analysis.mode=preview
-Dsonar.github.oauth=<OAUTH_TOKEN>
-Dsonar.github.repository=<ORG>/<REPO>
-Dsonar.github.pullRequest=${ghprbPullId}
-Dsonar.github.endpoint=<ENT_GITHUB_API_BASE__URI>
For sonar.analysis.mode, I tried 'issues' too
Now I perform foll:
make change to a fork (introduce a violation as per configured quality gate)
commit and push to fork repo
Create a pull request
run the jenkins job using above configuration
The analysis is successful, and the plugin always reports that all checks have passed and changes can be merged. I am just not able to understand why the github plugin in sonar is not able to show violation occured and checks have failed.
Now if I merge the pull request and run sonar analysis in publish mode on the master repo, it says quality gate failed and I am able to see this in SonarQube dashboard for the project with the statement that Quality gate has failed
What am I doing wrong here? My guess is the github plugin not able to compare the changes in the pull request with that in the master repo and hence not able to report the violation. How do I fix that?
Update:
If at the end, I merge the pull request to master repo and re-run the sonar analysis on the original pull request (the one that got merged), it does report the violation as comments in the Pull Request conversation. (But what is the point if sonar is going to report the violations after the pull request is merged???)

Continuous Integration workflow using Github, Travis CI, and Nodejitsu

I am trying to create the following workflow for continuous integration on my project
Developer commits code change to Github
Github sends entire codebase to Travis CI
Travis CI does the following
Runs tests
Builds distribution worthy package, saves in filesystem location local to Travis CI
Deploys distribution worthy package to Nodejitsu
Nodejitsu restarts server with the distribution worthy package
Is this possible? What are the steps? Via Github webhooks, I do have Travis CI running tests, and Nodejitsu deploying (untested and distribution worthy) Github codebase, but I do not have the workflow described above. Am I expecting something that is not possible?
Thank you!

This is possible, and how we deploy many of our systems internally.
For a quick getting started guide please try:
https://www.nodejitsu.com/getting-started-with-github
Detailed documentation can be found here:
https://www.nodejitsu.com/documentation/features/webhooks/
If you have any other questions, feel free to reach out to Nodejitsu support.