SonarQube Community Build | DevOps platform integration | GitHub integration | Introduction
GitHub integration
On this page
SonarQube's integration with GitHub Enterprise and GitHub.com allows you to maintain code quality and security in your GitHub repositories.
With this integration, you'll be able to:
- Sign in to SonarQube Community Build with your GitHub credentials.
- Import your GitHub repositories into SonarQube to easily set up SonarQube projects.
- Analyze projects with GitHub Actions: Integrate analysis into your build pipeline. Starting in Developer Edition, SonarScanners running in GitHub Actions jobs can automatically detect branches or pull requests being built so you don't need to specifically pass them as parameters to the scanner.
- Report your quality gate status to your branches and pull requests (starting in Developer Edition). See your quality gate and code metric results right in GitHub so you know if it's safe to merge your changes.
- Display security issues found by SonarQube Server as code scanning alerts in the GitHub interface.
- Import your monorepo into SonarQube Server to easily manage the related projects (starting in Enterprise Edition).
If you're using GitHub Enterprise, we recommend using GitHub Enterprise version 3.4+.
Related pages
- Setting up the GitHub integration at the global level
This section explains how to set up GitHub and SonarQube for their integration at the global level. You need the global Administer System permission in SonarQube to perform this setup. - Importing your GitHub repositories
Once the integration of SonarQube with GitHub has been properly set up, you can import a GitHub repository or monorepo to create the corresponding projects in SonarQube. - Setting up GitHub integration features at the project level
This page explains how to set up GitHub integration features for a given project, such as pull request decoration or the blocking of pull requests in case of quality gate failure. You need the Administer permission on the project to perform this setup. - Adding the SonarQube Server analysis to your GitHub Actions workflow
Once you have created your project(s) in SonarQube Server, you can add the SonarQube Server analysis to your GitHub Actions workflow, in a standard case and in the case of a monorepo.
Was this page helpful?
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
