Hello All!
We’re planning on an on-premise installation of Sonar and look to leverage the Quality Gate features for GitHub PRs. Does anyone know the minimum public footprint required? I imagine the OAuth2 callback URL and maybe some webhook endpoints?
Thanks in advance!
-Nick Baker
Hi,
Welcome to the community!
By public, I guess you mean exposed on the internet? I guess because you’re using GH.com, not GH Enterprise?
Ann
That’s correct. Public GitHub.
Thanks,
Nick
Colin. At the very least the GitHub OAuth2 callback has the be called to obtain access tokens correct?
See: https://docs.sonarqube.org/latest/analysis/pr-decoration/
Colin, at the very least the GitHub OAuth2 callback has the be called to obtain access tokens correct? I appreciate it. Getting this answer is critical for approval of Sonar within our company
Hey Nick,
Sonarqube needs access to interact with GitHub.com (and we don’t document exactly which GitHub.com endpoints). It’s one way communication, and what SonarQube can access is controlled by permissions on the GitHub app.
GitHub.com does not need to communicate with SonarQube except for returning data when SonarQube calls it’s APIs.