Automatically enable DevOps plaform integration for every project

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube Server / Community Build, Scanner, Plugin, and any relevant extension): 10.8 (Enterprise)
  • how is SonarQube deployed: zip
  • what are you trying to achieve: see below
  • what have you tried so far to achieve this: not possible by current product design

Good day!

Long story short, here’s the situation: I have over 100 SonarQube projects in my organization, each of them was added to SonarQube automatically by performing the following command in my gitlab ci pipeline:

    - "mvn sonar:sonar
      -Dmaven.repo.local=$CI_PROJECT_DIR/.m2/repository \
      -Dsonar.qualitygate.wait=true \
      -Dsonar.projectName=${CI_PROJECT_PATH} \
      -Dsonar.projectKey=${CI_PROJECT_NAME} \
      -Dsonar.java.binaries=$CI_PROJECT_DIR/.m2/repository \
      -Dsonar.pullrequest.key=${CI_MERGE_REQUEST_IID} \
      -Dsonar.pullrequest.branch=${CI_MERGE_REQUEST_SOURCE_BRANCH_NAME} \
      -Dsonar.pullrequest.base=${CI_MERGE_REQUEST_TARGET_BRANCH_NAME} \
      -Dmaven.test.skip=true \
      -Dsonar.exclusions=**/*.sql"

Recently there was a request from our developers to add Gitlab MR decoration to each project. I found out that in order to enable this for all of my 100+ projects, I need to configure each of them individually by manually enabling Devops Platform Integration (Gitlab) and providing it with Project ID from Gitlab.
This is not very comfortable operation to do for such a large project count. Is there a way to do this in a centralized way? If there is not, can you register this as a feature request for this product?

Adding projects manually by importing them from gitlab is not an option for us.

Also, I remember that SonarQube used to leave comments on each issue in gitlab MR decoration. So there was a summary comment and comment for each issue. Is it not a thing anymore? Can’t seem to get it working despite assigning maximum permissions on gitlab token and user account thats assotiated with it. It only leaves summary comment with QG status.

Hi,

Your best option here is scripting.

The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.

You may also find this guide helpful.

Regarding issue comments, I’m not sure I remember it like you do. I thought it was only in GitHub that we commented individual issues. But even in GitHub we no longer do that because with the APIs available to us, successive analyses of a give PR made the whole thing increasingly messy.

 
HTH,
Ann