Setting up GitHub integration for your project

Setting up pull request integration

For bound projects (projects created by importing the GitHub repository), pull request decoration is supported in GitHub provided the pull request analysis has been properly set up in your project. See Setting up the pull request analysis.

You can bind an existing and manually created project to its GitHub repository provided the global integration of SonarQube Server with GitHub has been properly set up. To do so, see Changing your project binding.

Disabling the analysis summary in GitHub Conversation tab

By default, SonarQube Server shows the analysis summary in the Conversation and Checks tab of your GitHub pull requests.

To disable the summary in the Conversation tab:

1. Retrieve your SonarQube Server project. For more information, see Retrieving projects.

2. Go to Project Settings > General Settings > DevOps Platform Integration.

3. Unselect Enable analysis summary under the GitHub Conversation tab.

Preventing pull request merges when the quality gate fails

In GitHub, you can block pull requests from being merged if it is failing the quality gate. To do this:

1. In GitHub, go to your repository Settings > Branches > Branch protection rules and select either the Add rule or Edit button if you already have a rule on the branch you wish to protect.

2. Complete the Branch protection rule form:

   • Define the Branch name pattern (the name of the branch you wish to protect)

   • Select Require status checks to pass before merging to open supplementary form fields.

   • In the Search for status checks in the last week for this repository field, select Require branches to be up to date before merging, then find SonarQube Code Analysis and add it to the list of required checks.

Related pages

• Issues reported in GitHub

• Setting up the report of security alerts