Deprecated
This plugin is deprecated, and its functionality more than replaced by the Developer Edition for SonarQube 7.2+.
The GitHub Plugin serves only one purpose: analyse GitHub pull requests without pushing results to SonarQube. Any issues that are found are published as comments on the pull request.
Description
The plugin performs the following operations:
- Add an inline comment for each issue
- Add a global comment that gives a summary of the analysis
- [Optionally since v1.3] Update the status of the analysis: if no blocker no critical issues were found, the check is green - otherwise it is red to raise attention
Requirements
SonarQube
- SonarQube Server must be up and running. If that's not the case, see Setup and Upgrade.
- The SonarQube GitHub plugin is installed on SonarQube Server.
GitHub
- You have a dedicated technical GitHub user which will be used to insert comments when there are issues and update the status of the pull request.
- To insert comments, you just need to generate a token (for that user) that has only the "public_repo" scope (or "repo" for private repositories)
- The update of the pull request is optional (since version 1.3): the technical user must have commit rights on the target repository to be able to update the status of the Pull Request. Otherwise, then a warning will be logged.
Usage
Checkout the branch of the pull request you want to analyse and run a SonarQube preview analysis with following parameters:
Key | Description | Default value |
---|---|---|
DEPRECATED FROM SQ 6.6
| Set to preview | |
sonar.github.oauth | Personal access token generated in GitHub for the technical user | |
sonar.github.repository | Identification of the repository. Format is: <organisation/repo>. Exemple: SonarSource/sonarqube | Extracted from property sonar.links.scm_dev |
sonar.github.pullRequest | Pull request number |
Optional parameters:
Key | Description | Default value |
---|---|---|
sonar.github.endpoint | URL to access GitHub WS API. Default value is fine for public GitHub. It is needed for GitHub enterprise. | https://api.github.com |
sonar.github.disableInlineComments | If set to true issues will not be reported as inline comments but only in the global summary comment | false |
Example
sonar-scanner -Dsonar.analysis.mode=preview \ -Dsonar.github.pullRequest=$PULL_REQUEST_ID \ -Dsonar.github.repository=myOrganisation/myProject \ -Dsonar.github.oauth=$GITHUB_ACCESS_TOKEN \ -Dsonar.host.url=https://server/sonarqube \ -Dsonar.login=$SONARQUBE_ACCESS_TOKEN
Have Question or Feedback?
To provide feedback (request a feature, report a bug etc.) use the Community Forums. Please do not forget to specify plugin and SonarQube versions if it relates to a bug.