  1. Product Roadmaps
  2. MMF-1492

Provide PR decoration in GitHub Checks tab for SonarQube - GitHub Enterprise



    • Type: MMF
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Labels:



      After completion of https://jira.sonarsource.com/browse/MMF-1305, we want to benefit from the new user experience of PR decoration inside the Checks tab using the GitHub Checks API.
      Users may hit a bug where previous Reviews are not deleted after analysis; we want to fix this bug as well.

      The objective is to have the same functional scope as decorating PR with Checks in SonarCloud - GitHub.


      Do we want to support both the GitHub App and the authentication token as ways to decorate PRs?

      We want to support only the GitHub App. Checks is the way to go for PR decoration by a bot. The Conversation tab is only for human review.

      We think that having both the GH app and the authentication token to configure PR decoration is too complicated for the admin, and we aim at minimal work required from the admin.

      What is the user journey to install the app and have the PR decorated?

      • Create the GitHub APP on GHE 
      • Generate the private key with the downloaded pem file from GHE
      • Specify the GitHub app properties at the instance configuration level
      • -> it's done in 5/10 minutes


      Make it possible to use the app at GHE organization level. Can it work without the organization concept on SQ?
      -> Yes, the app is created once and is installed in each organization in GHE by an admin of the GHE organization.

      How can the admin install the application? Is there a search for an app from the organization? Several organizations on GHE?
      -> The app has a "public" URL. Organizations and users on GHE who would like to decorate their PRs will have to visit the homepage of the app and click Install or Configure. (The button has a different label depending on whether the user has ever installed it in any organization or repository.)

      Update the documentation with the prerequisite (GHE version) and the workflow to install the GitHub App and decorate PRs

      Use cases 

      • Customers coming from last LTS do not have PR decorated -> installation of GH app will be the first time
      • Customers migrating from a 7.x to LTS
      • GH Checks on SQ and GitHub.com ? -> best effort -> setup is the same as on GHE

      Other comments

      • See if we can remove OAuth APP as we have done on members sync
      • We will validate this MMF with GHE 2.16.


      Remove the need for sonar.alm.github.app.globalAccountToken.

      The need for this token is an added complexity of SonarQube setup, and a dirty hack. Therefore we remove it.

      This token is used to get the id of a GitHub account given its name. The id is then used to find the installation id for the account in the mapping table stored inside SonarQube.

      We replace that with a new mechanism:

      1. Before each decoration, call /app/installations to retrieve all installations.
      2. From that list, select the installation id matching the given account name. 
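
      One way to implement the two-step lookup above, as an added example (not SonarQube's own code). `fetch_page` is a hypothetical stand-in for the authenticated GET /app/installations call, and the installation records are constructed sample data.

```python
# Added example: resolve a GitHub App installation id from an account name.
from typing import Callable, Iterator, Optional

PER_PAGE = 100  # largest page size the GitHub REST API accepts

# Hypothetical hook: fetch_page(page, per_page) returns one page of the JSON
# array from GET /app/installations (sent with the app's JWT as Bearer token).
FetchPage = Callable[[int, int], list]


def iter_installations(fetch_page: FetchPage, per_page: int = PER_PAGE) -> Iterator[dict]:
    """Step 1: walk every page, since the endpoint is paginated."""
    page = 1
    while True:
        batch = fetch_page(page, per_page)
        yield from batch
        if len(batch) < per_page:  # short or empty page: nothing further
            return
        page += 1


def find_installation_id(fetch_page: FetchPage, account_name: str,
                         per_page: int = PER_PAGE) -> Optional[int]:
    """Step 2: pick the installation whose account login matches the name."""
    wanted = account_name.casefold()  # GitHub logins are case-insensitive
    for inst in iter_installations(fetch_page, per_page):
        account = inst.get("account") or {}  # tolerate a null account
        if (account.get("login") or "").casefold() == wanted:
            return inst["id"]
    return None  # app not installed for this account: skip decoration


# Constructed sample data standing in for a GHE response.
SAMPLE = [
    {"id": 101, "account": {"login": "Acme-Corp", "type": "Organization"}},
    {"id": 102, "account": {"login": "alice", "type": "User"}},
    {"id": 103, "account": None},
    {"id": 104, "account": {"login": "platform-team", "type": "Organization"}},
]


def sample_fetch(page: int, per_page: int) -> list:
    start = (page - 1) * per_page
    return SAMPLE[start:start + per_page]


if __name__ == "__main__":
    print(find_installation_id(sample_fetch, "acme-corp"))                  # 101
    print(find_installation_id(sample_fetch, "platform-team", per_page=2))  # 104
```

      Because the lookup is authenticated as the app itself, no standing account token is involved; a `None` result means the app is not installed for that account.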

      Migrating existing users

      • Only DE+ users are affected (PR support)
      • Existing Reviews in RED state will become GREEN, to avoid blocking pipelines
      • For users of the "Require status checks to pass before merging" feature of GitHub repositories, the GitHub admin should replace "SonarQube" with "SonarQube Code Analysis"
      • Users must be informed of the new behavior of decoration (look for the Checks tab instead of Conversation, and no more inline comments)

      What about SQ + github.com?

      The setup steps for github.com are the same as for GHE.

      Side note
      GitHub Checks are available from GitHub Enterprise 2.14+ (see release notes)
      The previous version, GitHub Enterprise 2.13, will be deprecated in March 2019, 2 months before the release of the LTS.


              aurelie.boiteux Aurélie Boiteux (Inactive)