PR analysis results are now displayed in the Checks tab of Pull Requests in GitHub

sonarcloud
announcement
github-checks

(Aurélie Boiteux-Cabourdin) #1

Hi SonarCloud users,

We are happy to announce that we deployed a new feature to display the result of the Pull Request Analysis in one place inside the Checks tab of your Pull Request in GitHub :slight_smile:

What to expect ?

As a result of the analysis, you’ll be able to see in the Checks tab for SonarCloud :

  • Whether the result of the analysis is a success or not
  • The number of open issues in your Pull Request if you have any
  • The coverage and duplication information
  • And a link to your PR in SonarCloud to dig in if you need

What will you gain ?

With this new feature, you’ll be able to concentrate on discussing with your pairs in the Conversation tab while having analysis results in a dedicated place.

We removed the comments posted by SonarCloud on each analysis that were not removed previously and polluted the Conversation tab.

How to enable the feature?

In order to enable this feature, please make sure you have accepted the SonarCloud GitHub App Request to add the “checks:write” permission (this permission was asked mid-december 2018).

Please be aware that in all cases, all the previous analysis comments will be deleted from the Conversation tab of the Pull Request. You’ll still be able to see your PR analysis results in SonarCloud.

Current limitations

  • It’s not possible to re-run the PR analysis from Checks

  • The Checks Suites are created automatically for every repository the SonarCloud has access to with a QUEUED status, even if there are no analysis launched on this PR.

  • As you will see, we decided for now to not display issues that are discovered in the code of the Pull Request (as well as issues that are not in the code).
    The reason is that with Checks, we first wanted to use Annotations to display issues. We realised that we would not be able to display in the best way we want the issue information such as the type of the issue (bug, code smell, vulnerability), the severity of the issue and the link to the issue in SonarCloud. You can still retrieve all those information on SonarCloud, via the link.

How to give feedbacks?

We would really appreciate your feedbacks about your new experience with Pull Request Analysis results now displayed in the Checks tab. They will help us improve the feature.

To give feedback, simply create a new thread on the forum, under “Get Help > SonarCloud with the “github-checks” tag".

Enjoy :smile:


SonarCloud Pull Request annotations with Azure Devops and Github not working
(Maxwell) #2

Good Stuff =)

Was that the reason the application name/id changed from “Sonar” to “Sonar Cloud Analysis” in github? I had to fix all my repos that had the sonar required for prs. =/


(Janos Gyerik) #3

I’m not sure what you mean… “Sonar Cloud Analysis” is the name of the Check Run we create when decorating a Pull Request. This name appears on the Conversation tab, on the status line of the check. It’s not the name of the app.

What changed is the app requires new permissions: to create checks. Is that what you meant? What did you need to fix on your repos?


(Ben Meneses Sosa) #4

This seems very exciting. Are there any plans to release something similar to the Bitbucket integration of SonarCloud? It’d be great if we could prevent merging if the SonarCloud analysis is not passing.


(Julien Henry) #5

On Bitbucket Cloud side, SonarCloud is already creating a commit status when a pull request is analyzed. If you have a premium Bitbucket account, you should be able to configure a merge check to prevent the merge is the status is not green. Note that we have not tested this Bitbucket feature on our side.
https://confluence.atlassian.com/bitbucket/merge-checks-856691474.html


(Ben Meneses Sosa) #6

Thanks for your answer. Although we use Bitbucket premium and have merge checks activated, I haven’t been able to find a way to configure a merge check based on the SonarCloud status for the branch.

I’m exploring the feasibility of writing our own plugin to do this but given that we use Bitbucket Cloud, it might not be possible.

Thanks again!


(Julien Henry) #7

Hi Ben,

I think we are kind of hijacking this GitHub thread :slight_smile: I have created a ticket on our side to look at this (unfortunately I can’t share the link). If you want to receive updates, don’t hesitate to open a new thread on this community forum.


(Lorenzo Bettini) #9

Hi

Thus, could you please confirm that the second screenshot in your page https://sonarcloud.io/about/sq/branch-analysis-and-pr-decoration is now obsolete?

The same holds for this line in https://docs.travis-ci.com/user/sonarcloud/ “SonarCloud can inspect internal pull requests of your repository and write comments on each line where issues are found.”

It was driving me mad the fact that I was seeing no comments in the conversation but just the check…

thanks in advance


(Aurélie Boiteux-Cabourdin) #10

Hi Lorenzo,

Indeed we forgot to update our docs, we’re sorry about that.
We will fix that asap.

Thank you for your feedback.