API to enable AutoScan for GitHub repo

Hi, Dears.
We are really excited to use the AutoScan feature of SonarCloud in our org.

To enable the AutoScan feature, we are adding GitHub repositories from https://sonarcloud.io/projects/create manually.

  1. I want to ask, is there any possibility to enable AutoScan for GitHub repo with WebAPI?
  2. Or enable this future for whole organization and for all entire repositories?

The first (1) option is more relevant.

Thanks in advance.

Hello,

To answer your questions directly:

  1. We currently don’t have any public API to do the import of repositories.
  2. If your repositories are compatible with Autoscan it should be enabled by default when you import your projects.

Otherwise I’m wondering, do you know that you can import multiple projects at once ? Does this not answer your need ? Could you clarify your use case behind the need for an API to do the import ?

Hello, thanks for your answer.

Let me explain in other words. You know, we are working with microservices. And it means that you have dozens of repositories and every day we are creating a new repository. We automized the creation of repositories by integrating them with other DevSecOps tools (SNYK, Veracode, etc). So, now we want to import repo to SonarCloud immediately right after the creation of repo.

It is not the solution, because we want to add right after creation with API.

Thanks for the explanation, it seems like a valid use case that we don’t support yet and as far as I know we don’t have plan to support it either. So I suggest that you do a feature request.

And unfortunately, in the mean time, I don’t really have any solution for you…

Following requests directly from the site, I found out how to enable AutoScan for Github Repository automatically.

So, sharing script to make it publicly available and I hope it will help someone:

curl --include \
    --request POST \
    --header "Content-Type: application/x-www-form-urlencoded" \
    -u ${SONAR_TOKEN}: \
    --data-binary "installationKeys=${GITHUB_ORG}%2F${REPO_NAME}%7C${REPO_ID}&organization=${SONAR_ORG}" \
   "https://sonarcloud.io/api/alm_integration/provision_projects"
curl --include \
    -u ${SONAR_TOKEN}: \
   "https://sonarcloud.io/api/autoscan/eligibility?autoEnable=true&projectKey=${GITHUB_ORG}_${REPO_NAME}"

Thanks a lot.

What does REPO_ID refer to? github or sonar id