I am currently using 9.9 LTA. I am looking for an option to set/associate the pipeline job URL which was used to perform the sonar analysis for the projects. Are there any options?
In our org, we have configured some set of guidelines. If any project is created without following the guideline, the project will be deleted via an automation, which runs once in an hour. While deleting the project, we want to notify the user / team who created the SonarQube project via GitLab pipeline. If I can have the pipeline job url (or any other specific value that is associated to the repo from where the pipeline was triggered) associated to a project (and can get updated every time when it runs), it will be easy to fetch the value and take the action.
I tried project tags api. However, setting the tag is project specific. But, the GET api is not.
I also tried setting the pipeline url via “api/project_links/create”. However, every time when this API was hit, I could see the data is getting appended, resulting I could see more pipeline urls / links are listed in the project information tab.
I think what you’re looking for is a sonar.links.* parameter. Luckily Gitlab as variables like CI_REPOSITORY_URL available that you can reference.
One caveat: this must be set in the context of analysis (you or your developers will have to update the pipeline to include the sonar.links.* analysis parameter(s)). It can’t be done using the Web API.
Yes. I just merged the changes to the main branch and I could see the details.
In general, the developers first commit their code in a feature branch (main branch is a protected branch; developers should not commit directly at protected branches - a rule we setup at our org) and the scan will happen for the feature branch. The sonar project will be created for the feature branch and we will do the validations to enable entitlement. During this activity, if we find the standards were not followed, we will delete the project itself.
In this case, I hope setting up the scm or ci links will not be available. Hence, we cannot use them to identify the source repository and the individual who triggered the pipeline - to communicate for following the standards we defined.
Not really. I guess you can use the project_links domains of web services, but you’ll need to do some logic like
delete existing links (POST api/project_links/delete) before creating new ones, so you don’t end up with infinite links
check for the presence of any link (GET api/project_links/search) and assume that if one exists (or exists in a certain form, like with a certain URL format), you don’t need to create another
Thank you @Colin . Much appreciated! I am planning to use only for the newly created projects. Let me try to set the link upon creation for a feature branch.