SonarQube API to get the PR analysis report

ramadevi04g · October 2, 2019, 10:01pm

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
SonarQube : 7.9.1 Enterprise Edition
Scanner: 4.1.0.1829
what are you trying to achieve
Do a API call to the PR analysis of a GitHub PR to get the status and report for that analysis. Since, We have two different instances of GitHub, cannot add the GitHub instance name on the Global properties in the sonarqube. We have already raised a concern for this issue and SonarQube team is working on it https://jira.sonarsource.com/browse/MMF-1814. MeanWhile, My plan is to call the sonarqube api to get the PR analysis report. Process the JSOn response and send to the GitHub PR status check.
what have you tried so far to achieve this
After the sonar scanner, report-rask.txt file is created with little information. ceTaskUrl=https://sonarqube/api/ce/task?id=********* is present. But this doesn’t give enough information to me.

Any help is much appreciated.

Thanks In Advance
Rama

ganncamp · October 3, 2019, 12:44pm

Hi Rama,

I think you’re looking for webhooks.

Ann

ramadevi04g · October 3, 2019, 9:17pm

Hi Ann,

Do you have sample webhook for github that I can refer to?

Thanks
Rama

ganncamp · October 4, 2019, 11:34am

Hi Rama,

Have you read the documentation I linked to in my previous reply?

Ann

ramadevi04g · October 4, 2019, 4:16pm

Hi Ann,

Yes I did. SonarQube webhook is generating a payload with all the details. But GitHub status api is expecting a payload with different objects. For example, SonarQube says serverUrl. But Github is looking for targetUrl.

  "state": "success",
  "target_url": "https://example.com/build/status",
  "description": "The build succeeded!",
  "context": "continuous-integration/jenkins"

The above is the expected payload for Github. Is there a way to modify the sonarqube payload and also Github api need latest commit id to do the status check. Below is the api to generate github status check.

https://<GitHub Instance>/api/v3/repos/:owner/:repo/statuses/:sha
Is there any way to get to the commit id from sonarqube in this scenario?

Thanks
Rama.

ganncamp · October 4, 2019, 4:30pm

Hi Rama,

You may be interested to know that 8.0 is likely (no promises!) to include the ability to connect to multiple SCM instances. But failing that you’ll need to put something in place between SonarQube and GH Checks to do the translation. That piece can also grab the commit id from your CI, assuming its available.

HTH,
Ann

ramadevi04g · October 4, 2019, 4:36pm

Hi Ann,

Good to know that support for multiple SCM instances is likely to come in 8.0. But I am getting push back from Build Engineering team for creating github apps and installing them to the repos. So, looking for work around to get the status check feature.

Thanks
Rama

Colin · December 18, 2019, 9:43am

Hey @ramadevi04g

SonarQube v8.1 was released yesterday and includes the ability to define multiple instances of the same ALM for PR Decoration, stating in the Enterprise Edition.

Colin