2021-05-12 19:47:20 +02:00
|
|
|
# Gitea SonarQube PR Bot
|
|
|
|
|
|
|
|
_Gitea SonarQube PR Bot_ is (obviously) a bot that receives messages from both SonarQube and Gitea to help developers
|
|
|
|
being productive. The idea behind this project is the missing ALM integration of Gitea in SonarQube. Unfortunately,
|
2021-05-24 19:54:06 +02:00
|
|
|
this [won't be added in near future](https://github.com/SonarSource/sonarqube/pull/3248#issuecomment-701334327).
|
|
|
|
_Gitea SonarQube PR Bot_ aims to fill the gap between working on pull requests and being notified on quality changes.
|
|
|
|
Luckily, both endpoints have a proper REST API to communicate with each others.
|
2021-05-12 19:47:20 +02:00
|
|
|
|
2021-06-06 16:35:37 +02:00
|
|
|
## Table of Contents
|
|
|
|
|
|
|
|
- [Gitea SonarQube PR Bot](#gitea-sonarqube-pr-bot)
|
|
|
|
- [Workflow](#workflow)
|
|
|
|
- [Setup](#setup)
|
|
|
|
- [Bot configuration](#bot-configuration)
|
|
|
|
- [Contributing](#contributing)
|
|
|
|
- [License](#license)
|
2021-05-12 19:47:20 +02:00
|
|
|
|
|
|
|
## Workflow
|
|
|
|
|
2021-05-24 19:54:06 +02:00
|
|
|
![Workflow](assets/workflow.png)
|
|
|
|
|
|
|
|
**Insights**
|
2021-05-12 19:47:20 +02:00
|
|
|
|
|
|
|
- Bot activities
|
|
|
|
- extract data from SonarQube
|
|
|
|
- Read payload from hook post to receive project,branch/pr,quality-gate
|
|
|
|
- Reads "api/project_pull_requests" to get current issue counts and current state
|
|
|
|
- Load "api/issues/search" to get detailed information for unresolved issues
|
|
|
|
- Load "api/measures/component"
|
|
|
|
- comment PR in Gitea (/repos/{owner}/{repo}/issues/{index}/comments)
|
|
|
|
- stores mapping of repo+pr+comment-id in ?redis?
|
|
|
|
- updates status check (either failing/success)
|
|
|
|
- listen on "/sq-bot review" comments
|
|
|
|
-> updates comment (/repos/{owner}/{repo}/issues/comments/{id})
|
|
|
|
-> updates status check (either failing/success)
|
|
|
|
|
2021-06-06 16:35:37 +02:00
|
|
|
## Setup
|
2021-05-12 19:47:20 +02:00
|
|
|
|
2021-06-06 16:35:37 +02:00
|
|
|
**SonarQube**
|
|
|
|
- Create a user and grant permissions to "Browse on project" for the desired project
|
|
|
|
- Create a token for this user that will be used by the bot.
|
|
|
|
- Create a webhook pointing to `https://<bot-url>/sonarqube`. Consider securing it with a secret.
|
2021-05-12 19:47:20 +02:00
|
|
|
|
2021-06-06 16:35:37 +02:00
|
|
|
**Gitea**
|
|
|
|
- Create a user and grant permissions to "Read project" for the desired projects including access to "Pull Requests"
|
|
|
|
- Create a token for this user that will be used by the bot.
|
|
|
|
- Create a project/organization/system webhook pointing to `https://<bot-url>/gitea`. Consider securing it with a secret.
|
2021-05-12 19:47:20 +02:00
|
|
|
|
|
|
|
## Bot configuration
|
|
|
|
|
2021-06-06 16:35:37 +02:00
|
|
|
See [config.example.yaml](config/config.example.yaml) for a full configuration specification and description.
|
2021-05-24 20:53:22 +02:00
|
|
|
|
|
|
|
## Contributing
|
|
|
|
|
|
|
|
Expected workflow is: Fork -> Patch -> Push -> Pull Request
|
|
|
|
|
|
|
|
NOTES:
|
|
|
|
|
|
|
|
- **Please read and follow the [CONTRIBUTORS GUIDE](CONTRIBUTING.md).**
|
|
|
|
|
|
|
|
## License
|
|
|
|
|
|
|
|
This project is licensed under the MIT License. See the [LICENSE](LICENSE) file for the full license text.
|