Setting up project integration

Setting up pull request integration

For bound projects (projects created by importing the GitHub repository), pull request decoration is supported in GitHub provided the pull request analysis has been properly set up in your project. See Setting up the pull request analysis.

Disabling the analysis summary in GitHub Conversation tab

By default, SonarQube Server shows the analysis summary in the Conversation and Checks tab of your GitHub pull requests.

To disable the summary in the Conversation tab:

• In your SonarQube Server project page, navigate to Project Settings > General Settings > DevOps Platform Integration and unselect Enable analysis summary under the GitHub Conversation tab.

Reporting your quality gate status in GitHub for unbound projects

On projects bound to their GitHub repository, SonarQube Server automatically sets up the report of your quality gate status and analysis metrics directly to your GitHub pull requests. For unbound projects, you must set up the quality gate status manually as explained below.

SonarQube Server can also report your quality gate status to GitHub pull requests for existing and manually created projects provided the global integration of SonarQube Server with GitHub has been properly set up. Proceed as follows:

1. In the SonarQube Server project page, select Project Settings > General Settings > DevOps Platform Integration.

2. Set:

   • Configuration name: The name of your GitHub instance’s Configuration record set in Step 3: Add the GitHub App to SonarQube Server’s global setup (ask your admin).

   • Repository identifier: The path of your repository URL.

Preventing pull request merges when the quality gate fails

In GitHub, you can block pull requests from being merged if it is failing the quality gate. To do this:

1. In GitHub, go to your repository Settings > Branches > Branch protection rules and select either the Add rule or Edit button if you already have a rule on the branch you wish to protect.

2. Complete the Branch protection rule form:

   • Define the Branch name pattern (the name of the branch you wish to protect)

   • Select Require status checks to pass before merging to open supplementary form fields.

   • In the Search for status checks in the last week for this repository field, select Require branches to be up to date before merging, then find SonarQube Code Analysis and add it to the list of required checks.