I'm looking at integrating Sonarqube with our github instance. the one issue we're having is that SonarQube only supports preview analysis with Github currently, as opposed to a full one that includes code coverage. What we would ideally like is for SonarQube to do a full analysis of each pull request, and then post the outcome of this back to Github as a Github check. Is this possible?
Related
We setup Sonar qube pull request decoration in AzureDevOps.
It report code issues and analyze status to pull request. Also code coverage gathered and can be viewed on Sonar site. Diff coverage also calculated correctly.
But is it possible report coverage back to pull request, so reviewer can take look on difference not leave pull request page? I see on different screenshots, that for github it is possible. But is it possible for AzureDevOps?
We cannot do this now, In the azure DevOps, we could see the Sonar report in the Sonar site.
You could add your request for this feature on our UserVoice site, which is our main forum for product suggestions. And produce team will check the request. Thank you for helping us build a better Azure DevOps.
I am trying to integrate Percy.io, a visual regression testing tool with Github status check.
I have signed up for free account with Percy and paid Github version.
I wanted to setup status check with Percy with each pull request as below suggested at percy doc on status check
I have integrated Percy in Github
Added rules in Github
but still don't see check on pull request.
Added same project in percy.io too
Any Idea what I am missing over here?
It's hard to be specific without knowing more about your application, however one piece that seems to be missing from your setup is a CI/CD configuration.
Basically, you need a Continuous Integration service (such as Travis, Jenkins, CircleCI or others to trigger a build for your project so that percy can capture snapshots. Did you configure one?
See the documentation here.
Here an example configuration for one of my projects. Note that how you set this up may differ if you use a different set of tools than what's in the article.
I configured SonarQube analysis to report it's status to pull requests on my GitHub project. SonarCloud already supports pull requests as first class citizen as described in https://blog.sonarsource.com/sonarcloud-loves-your-build-pipeline. As I understand, this kind of integration is not using the GitHub Plugin for SonarQube.
The configuration provides these properties (look here for the complete configuration)
sonar.pullrequest.provider
sonar.pullrequest.github.repository
sonar.pullrequest.branch
sonar.pullrequest.key
The credentials for the technical user are set in the SonarCloud project administration.
You can see the results here: https://github.com/BudgetFreak/BudgetFreak/pull/86#pullrequestreview-125364230
Every issue is reported as an inline comment, one summary comment is made and the status is reported for the code-quality/sonarqube check.
I would like to disable the inline comment on every issue. This was possible using the GitHub plugin. Can this also be achieved with the new pull request integration?
Unfortunately, on SonarCloud, this feature is not available.
I have SonarQube server 5.6 and I am using Github. I have done the integration to setup Sonar Github plugin but I fail to understand whether this should report if the new code does not meet the code coverage threshold setup in the Quality Gate.
In the Quality Gate I have defined an error to be raised unless there is more than 75% code coverage for the new code that is being introduced by a Pull Request.
Should the Sonar Github plugin report an issue (comment) in Github pull request if the new code added does not meet the Quality Gate metric that I setup?
Is there any way to mark in Github Pull Requests if the new code trying to be merged does not meet the coverage expectations?
Thanks!
Pull request analysis cannot currently raise all types of issues. Specifically it cannot raise issues related to metrics because those are consolidated on the server side during analysis report processing and in a Pull Request analysis the analysis report is by design never submitted to the server.
EDIT The PR analysis which is offered as part of the Developer Edition($) does both decorate the PR in the provider (e.g. GitHub) and show the PR on the server. However, metric-related issues still don't show up in this enhanced analysis.
Is there any way to programmatically check say, using the GitHub API or some API for Travis CI, if a particular project on GitHub or Travis CI uses SonarQube?
Also apart from SonarQube what other program analysis tools do people usually use?
Neither GitHub API nor Travis CI API will be able to provide you with such information - simply because code analysis tools/services are third-party systems that are not built-in features of GitHub or Travis CI.
If you want to "see how many open source projects on GitHub use static program analysis tools", then you would have to browse the source code of each repository to discover some facts that might give you this information (like for instance looking into the .travis.yml file). But because there's no built-in/standard feature on that topic, this would be extremely difficult to correctly achieve this goal IMO.