Support for GitHub.com Pull Request Decoration in SQ Developer Edition

sonarqube

(Chris Schmidt) #1

GitHub.com is not listed as supported for SonarQube Developer Edition. Is this something already planned for a future release of SQ? My organization is moving to GitHub’s cloud offering instead of internal servers, and the lack of pull request decoration will be a severe constraint when we upgrade to 7.3+ (we’re on the LTS version now).


(Nicolas Bontoux) #3

Hi Chris,

Well I could simply answer that there’s no immediate plan, but I’d rather share the background/context:

  1. Pull-Request decoration was released just a version ago (SQ 7.2). The first natural step was to offer on-prem solutions for an on-prem product (with SonarCloud looking after cloud-based solutions). By no means are we saying that we won’t go further, simply that this was a first baby-step and we’re now listening to feedback and suggestions.

  2. There are some challenges that can come with hooking cloud-based hosting/CI with on-prem tools. If any webhook or other needs to make it from the cloud to on premise, that would mean going through DMZ/firewall/proxies etc.

All in all, things that must be thought/discussed carefully, to avoid any end-user frustration down the road. While we’re at it, may I ask:

If you’re crossing that bridge, any consideration your team/org has put into adopting SonarCloud ? You’re feedback into why/how this was discussed/considered/rejected can be interesting to contextualise further this discussion.


(Frédéric Drouet) #4

Hi Nicolas,

I am currently looking at buying a Developer subscription for my company’s on-premise SonarQube deployment which is using GitHub.com and the capacity to analyze the GitHub.com Pull Request + adding decoration on it is really important in our decision.

I definitively understand the network problems for non public on-premise install but why not adding this capability for SonarQube deployment which are publicly available on internet like we do ?

I am eager to hear your opinion about this proposal ?
Fred


(Nicolas Bontoux) #5

Hey @fdrouet,

This is actually exactly what we do with our own public instance @ next.sonarqube.com , which you can see analyzing and decorating PRs on github.com ! (see this PR in SQ, decorated here on GitHub - note for future readers that such links may obviously be ephemeral)

Now you might wonder why this discussion about SQ Developer Edition with GitHub.com then ? Well as I shared in my previous post right now we’re really highlighting these natural online+online and onprem+onprem approaches, however we’re fully aware that we need to give some more specifics into what combinations are realistic or not (see my note about webhooks across firewalls/dmz for example).

All in all right here my intent really is to show you a concrete live example that SQ with GitHub.com can be an awesome experience with PR decoration (amongst other features). Do feel free to fiddle around with our open-source projects on next.sonarqube.com and GitHub, and ultimately I would recommend you also get some evaluation licenses to give it a try on your setup, and get comfortable with the behaviour.