Get GitHub Summary comment via Web API?

stdr · May 10, 2021, 10:34am

ALM used: GitHub
CI system used: GitHub Actions
Scanner command used: mvn sonar:sonar
Languages of the repository: Java

Hi, I’m trying to figure out a way to get analysis results for external pull requests without running into the risk of being pwned. This is an open feature request, albeit without an ETA.

To work around this, I’m planning to

run the build in the read-only environment,
save the artifacts,
download artifacts & run mvn sonar:sonar from the privilieged env to analyze.

This should work fine from what I have read, and indeed I’ve tested this locally already and it runs fine.

Now I’d like to retrieve some form of report via the WebAPI to show in the external PR comment, similar to sonar.pullrequest.github.summary_comment. Is there a way to retrieve this through the WebAPI?

Gregoire_Aubert · May 12, 2021, 7:19am

Hello Stephan! And welcome to the community!

Currently there is now way to retrieve specifically the PR comment.
But given the project and branch you analyzed you could use the api/measures/component endpoint to retrieve the information that you want and then post the comment yourself.

system · May 19, 2021, 7:20am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.