2021-06-06 16:35:37 +02:00
|
|
|
# Gitea related configuration. Necessary for adding/updating comments on repository pull requests
|
|
|
|
gitea:
|
2021-07-11 15:16:18 +02:00
|
|
|
# Endpoint of your Gitea instance. Must be expandable by '/api/v1' to form the API base path as shown in Swagger UI.
|
|
|
|
url: https://try.gitea.io
|
2021-06-06 16:35:37 +02:00
|
|
|
|
|
|
|
# Created access token for the user that shall be used as bot account.
|
|
|
|
# User needs "Read project" permissions with access to "Pull Requests"
|
2021-06-21 11:30:02 +02:00
|
|
|
token:
|
|
|
|
value: ""
|
2021-10-12 13:10:35 +02:00
|
|
|
# # or path to file containing the plain text secret
|
|
|
|
# file: /path/to/gitea/token
|
2021-06-06 16:35:37 +02:00
|
|
|
|
|
|
|
# If the sent webhook has a signature header, the bot validates the request payload. If the value does not match, the
|
|
|
|
# request will be ignored.
|
|
|
|
# The bot looks for `X-Gitea-Signature` header containing the sha256 hmac hash of the plain text secret. If the header
|
|
|
|
# exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be validated.
|
2021-06-21 11:00:31 +02:00
|
|
|
webhook:
|
|
|
|
secret: ""
|
2021-10-12 13:10:35 +02:00
|
|
|
# # or path to file containing the plain text secret
|
|
|
|
# secretFile: /path/to/gitea/webhook/secret
|
2021-06-06 16:35:37 +02:00
|
|
|
|
|
|
|
# SonarQube related configuration. Necessary for requesting data from the API and processing the webhook.
|
|
|
|
sonarqube:
|
2021-07-11 15:16:18 +02:00
|
|
|
# Endpoint of your SonarQube instance. Must be expandable by '/api' to form the API base path.
|
|
|
|
url: https://sonarcloud.io
|
2021-06-06 16:35:37 +02:00
|
|
|
|
|
|
|
# Created access token for the user that shall be used as bot account.
|
|
|
|
# User needs "Browse on project" permissions
|
2021-06-21 11:30:02 +02:00
|
|
|
token:
|
|
|
|
value: ""
|
2021-10-12 13:10:35 +02:00
|
|
|
# # or path to file containing the plain text secret
|
|
|
|
# file: /path/to/sonarqube/token
|
2021-06-06 16:35:37 +02:00
|
|
|
|
|
|
|
# If the sent webhook has a signature header, the bot validates the request payload. If the value does not match, the
|
|
|
|
# request will be ignored.
|
|
|
|
# The bot looks for `X-Sonar-Webhook-HMAC-SHA256` header containing the sha256 hmac hash of the plain text secret.
|
|
|
|
# If the header exists and no webhookSecret is defined here, the bot will ignore the request, because it cannot be
|
|
|
|
# validated.
|
2021-06-21 11:00:31 +02:00
|
|
|
webhook:
|
|
|
|
secret: ""
|
2021-10-12 13:10:35 +02:00
|
|
|
# # or path to file containing the plain text secret
|
|
|
|
# secretFile: /path/to/sonarqube/webhook/secret
|
|
|
|
|
|
|
|
# Some useful metrics depend on the edition in use. There are various ones like code_smells, vulnerabilities, bugs, etc.
|
|
|
|
# By default the bot will extract "bugs,vulnerabilities,code_smells"
|
|
|
|
# Setting this option you can extend that default list by your own metrics.
|
|
|
|
additionalMetrics: []
|
|
|
|
# - "new_security_hotspots"
|
2021-06-06 16:35:37 +02:00
|
|
|
|
2021-06-22 11:27:53 +02:00
|
|
|
# List of project mappings to take care of. Webhooks for other projects will be ignored.
|
|
|
|
# At least one must be configured. Otherwise all webhooks (no matter which source) because the bot cannot map on its own.
|
|
|
|
projects:
|
|
|
|
- sonarqube:
|
|
|
|
key: project-1
|
|
|
|
# A repository specification contains the owner name and the repository name itself. The owner can be the name of a
|
|
|
|
# real account or an organization in which the repository is located.
|
|
|
|
gitea:
|
|
|
|
owner: justusbunsi
|
|
|
|
name: example-repo
|