search
Start FreeLogin

Agents in your GitHub pull request

This page helps you understand the behavior of the SonarQube Remediation agent and provides additional information about engaging with the agent during the review process of your pull request.

hashtag
The SonarQube Remediation Agent

circle-check

The SonarQube Remediation Agent is a Betaarrow-up-right feature available with Enterprise plan accounts. It is free during the beta phase and will be a paid feature when it moves to General Availabilityarrow-up-right. To learn more about the terms & conditions, please see our legal page about features in Early Accessarrow-up-right.

If your SonarQube Cloud organization is not on an Enterprise plan, please see the Getting started with Enterprise pages to get the process started.

Once the SonarQube Remediation Agent is activated as described on the SonarQube Remediation Agent page, it's activity can be reviewed in SonarQube Cloud and the agent can be engaged in GitHub on your open PR.

The agent is triggered when your quality gate fails during the pull request (PR) analysis. If a fix is available, the SonarQube Remediation Agent will suggest changes a new PR targeting your branch. This PR contains a commit or series of commits along with information about each issue and why the changes were made.

When additional commits are added to your PR and the quality gate again fails, a new agent will be triggered, repeating the process. Issues will be fixed once you review and merge the agent's changes.

hashtag
Agent behavior

With the agent enabled, go to Your SonarQube Cloud Project > Agent activity to view its activity. From there you can jump to:

  1. The GitHub PR where the agent exists.

  2. The PR summary for the relevant pull request. See the Pull request analysis page for information about Understanding your pull request analysis.

  3. A timestamp for the recorded activity.

The SonarQube Cloud Agent activity page lists each of the agent's event moments on your pull request analyses.

hashtag
Engage with the agent

A single Remediation Agent Summary will be created on your open pull request explaining the agent's suggestions. The summary provides a brief explanation about the issue types that the agent addresses, giving you insight into types of issues that the agent will correct. A link will be provided to a new PR created by the agent, where you can review each fix before accepting the change. The diagram below highlights what you'll see in the Remediation Agent Summary:

  1. The status of your quality gate will be shown on the activity history of our PR. The next action item in your history should be the Remediation Agent summary; if it doesn't show up or isn't updating its status, try refreshing your page.

  2. Select the Suggested fixes collapsible to reveal the list of fixes provided by the agent. The summary page provides information about:

    • Quality: each issue's software quality

    • Issue: the issues's rule description and a link to the issue as found in the SonarQube Cloud Pull request analysis

  3. If the agent can't provide a fix suggestion, Issues requiring manual fix will be listed. When expanded, you will see the issue's rule description and a link to the issue as found in the SonarQube Cloud Pull request analysis. See the page about using SonarQube for IDE and connected mode to learn how to find and fix an issue in your IDE.

  4. Agent created PR #XXX provides a link to a new PR created by the SonarQube Remediation Agent, on your branch. This PR contains a list of Fixed Issues including rule descriptions and a necessary series of commits organized by issue, ready for you to review. See Review agent fix suggestions below.

The current state of SonarQube Remediation Agent's activity will be summarized as a comment in your pull request on GitHub.

hashtag
Review agent fix suggestions

Open the agent's PR as described in point 3 above to review fix suggestions before merging them into your original PR.

The Fixed Issues summary on the agent's pull request lists each issue's rule number, title, quality, description, along with a link to the issue in SonarQube Cloud. Below the PR summary you'll find a list of commits where the change summary is stacked and sorted by issue keys.

  1. The SonarQube Remediation Agent creates a new PR targeting your branch.

  2. A link to your project in SonarQube Cloud is provided.

  3. The PR summary provides a list of Fixed Issues as an inventory of fixes in this PR. Expand an issue to see its rule description, information about Why this is an issue, and a quick diff view showing What changed in this PR.

  4. The View issue link takes you to the issue in SonarQube Cloud.

  5. The SonarQube Remediation Agent is listed as the commit author.

  6. The agent's comments are condensed in the commit message and the change summary is stacked and sorted by issue key.

  7. A new PR analysis will be run automatically to check the agent's fixes against your quality standards.

Each issue fixed by the SonarQube Remediation Agent will have information to help you review what is changed in the PR.

Once reviewed and merged, the commits will be added to your original PR. These new commits will trigger a new Pull request analysis and the cycle will repeat until your quality gate passes your quality standards.

PreviousSonarQube Remediation AgentNextIn your DevOps platform

Last updated

Was this helpful?