GitHub.com is not listed as supported for SonarQube Developer Edition. Is this something already planned for a future release of SQ? My organization is moving to GitHub’s cloud offering instead of internal servers, and the lack of pull request decoration will be a severe constraint when we upgrade to 7.3+ (we’re on the LTS version now).
Well I could simply answer that there’s no immediate plan, but I’d rather share the background/context:
Pull-Request decoration was released just a version ago (SQ 7.2). The first natural step was to offer on-prem solutions for an on-prem product (with SonarCloud looking after cloud-based solutions). By no means are we saying that we won’t go further, simply that this was a first baby-step and we’re now listening to feedback and suggestions.
There are some challenges that can come with hooking cloud-based hosting/CI with on-prem tools. If any webhook or other needs to make it from the cloud to on premise, that would mean going through DMZ/firewall/proxies etc.
All in all, things that must be thought/discussed carefully, to avoid any end-user frustration down the road. While we’re at it, may I ask:
If you’re crossing that bridge, any consideration your team/org has put into adopting SonarCloud ? You’re feedback into why/how this was discussed/considered/rejected can be interesting to contextualise further this discussion.
I am currently looking at buying a Developer subscription for my company’s on-premise SonarQube deployment which is using GitHub.com and the capacity to analyze the GitHub.com Pull Request + adding decoration on it is really important in our decision.
I definitively understand the network problems for non public on-premise install but why not adding this capability for SonarQube deployment which are publicly available on internet like we do ?
I am eager to hear your opinion about this proposal ?
This is actually exactly what we do with our own public instance @ next.sonarqube.com , which you can see analyzing and decorating PRs on github.com ! (see this PR in SQ, decorated here on GitHub - note for future readers that such links may obviously be ephemeral)
Now you might wonder why this discussion about SQ Developer Edition with GitHub.com then ? Well as I shared in my previous post right now we’re really highlighting these natural online+online and onprem+onprem approaches, however we’re fully aware that we need to give some more specifics into what combinations are realistic or not (see my note about webhooks across firewalls/dmz for example).
All in all right here my intent really is to show you a concrete live example that SQ with GitHub.com can be an awesome experience with PR decoration (amongst other features). Do feel free to fiddle around with our open-source projects on next.sonarqube.com and GitHub, and ultimately I would recommend you also get some evaluation licenses to give it a try on your setup, and get comfortable with the behaviour.