Setting up GitHub integration for your project

Setting up pull request integration

For bound projects (projects created by importing the GitHub repository), pull request decoration is supported in GitHub provided the pull request analysis has been properly set up in your project. See Setting up the pull request analysis.

You can bind an existing and manually created project to its GitHub repository provided the global integration of SonarQube Server with GitHub has been properly set up. To do so, see Changing your project binding.

Disabling the analysis summary in GitHub Conversation tab

By default, SonarQube Server shows the analysis summary in the Conversation and Checks tab of your GitHub pull requests.

To disable the summary in the Conversation tab:

• In your SonarQube Server project page, navigate to Project Settings > General Settings > DevOps Platform Integration and unselect Enable analysis summary under the GitHub Conversation tab.

Preventing pull request merges when the quality gate fails

SonarQube Cloud adds the quality gate status as a GitHub check. To block pull requests from being merged if it is failing the quality gate, define on your branch a ruleset (recommended) or a protection rule.

With a branch ruleset

1. In GitHub, go to your repository Settings and select Rules > Rulesets under Code and automation.

2. Create a new branch ruleset (or edit an existing one).

3. In the Target branches section, select Add a target, and define the name pattern of the branches you want to target. For more information, see the GitHub documentation.

4. In the Branch protections section, select Require status checks to pass.

5. In the additional settings, select Require branches to be up to date before merging.

6. In Status checks that are required, select Add checks.

7. Find SonarQube Code Analysis and add it to the list of required checks.

8. Terminate the ruleset creation.

With a branch protection rule

1. In GitHub, go to your repository Settings > Branches > Branch protection rules and select either the Add rule or Edit button if you already have a rule on the branch you wish to protect.

2. Complete the Branch protection rule form:

   • Define the Branch name pattern (the name of the branch you wish to protect)

   • Select Require status checks to pass before merging to open supplementary form fields.

   • In the Search for status checks in the last week for this repository field, select Require branches to be up to date before merging, then find SonarQube Code Analysis and add it to the list of required checks.

3. Terminate the protection rule creation.

Related pages

• Issues reported in GitHub