Github pr analysis and decoration

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this

Hello, I am using sonarqube nterprise Edition Version 8.7.1 (build 42226) and integrated with github following the documentation here however upon performing a sonar scan on the pull request, I dont see anything on the PR conversation tab or check. The scan has passed in sonarqube. The configurations is verified in the github app (installed for org wide private repos) and configured the sonarqube global settings with the github app id, client, secret and private key.

Also the project in sonar has been updated for the pull request decoration to use the configuration name and repository identifier.

What could be the possible miss or mis configuration which is why the sonarscan results are publishing on githhub pr conversation & checks.

Thanks

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
  • what are you trying to achieve
  • what have you tried so far to achieve this

Hello, I am working on automating the github pull request analysis. I am using Sonarqube Enterprise Edition v8.7.1 and wondering if the sonarscan will auto run upon creating|modifying|updating a PR? or do I need a job in between like a jenkins job or codebuild or github action that will execute the sonar-scanner command upon an event generated by PR?

Thanks.

Hi,

Welcome to the community!

FYI, I’ve combined your topics since they seem intertwined (if not the same thing).

Yes, you need a CI in the middle. SonarQube itself can’t check out and analyze your code. You configure that to happen in your CI.

 
Ann

Hi, I am using a CI (codebuild) to run the sonar scan however the problem is post the sonar scan the scan results does not show up in the PR conversation tab or in the PR checks.

I have also verified the GitHub App configurations and permissions several times, and it has all the permissions needed to update the PR.

wondering what could be missing here?:thinking::thinking:

Hi,

Maybe you could share your analysis configuration?

 
Ann