deblan/gitea-sonarqube-bot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
gitea-sonarqube-bot/README.md
justusbunsi 4cb2138451
Visualize workflow 
Signed-off-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com>
2021-05-24 21:04:48 +02:00

61 lines
2 KiB
Markdown
Raw Blame History

# Gitea SonarQube PR Bot
_Gitea SonarQube PR Bot_ is (obviously) a bot that receives messages from both SonarQube and Gitea to help developers
being productive. The idea behind this project is the missing ALM integration of Gitea in SonarQube. Unfortunately,
this [won't be added in near future](https://github.com/SonarSource/sonarqube/pull/3248#issuecomment-701334327).
_Gitea SonarQube PR Bot_ aims to fill the gap between working on pull requests and being notified on quality changes.
Luckily, both endpoints have a proper REST API to communicate with each others.
## Workflow
![Workflow](assets/workflow.png)
**Insights**
- Bot activities
- extract data from SonarQube
- Read payload from hook post to receive project,branch/pr,quality-gate
- Reads "api/project_pull_requests" to get current issue counts and current state
- Load "api/issues/search" to get detailed information for unresolved issues
- Load "api/measures/component"
- comment PR in Gitea (/repos/{owner}/{repo}/issues/{index}/comments)
- stores mapping of repo+pr+comment-id in ?redis?
- updates status check (either failing/success)
- listen on "/sq-bot review" comments
-> updates comment (/repos/{owner}/{repo}/issues/comments/{id})
-> updates status check (either failing/success)
## Authentication
- Gitea
- User with token to access the REST API
- User needs "Read project" permissions with (??at least??) access to "Pull Requests"
- SonarQube
- User with token to access the REST API
- User needs "Browse on project" permissions
## Bot configuration
- SonarQube
- Base URL
- Token
- Webhook Secret
- Gitea
- Base URL
- Token
- Webhook Secret
## SonarQube configuration
- Add user with necessary permissions
- Create webhook pointing to the bot url (secure it with webhook secret)
## Gitea configuration
- Add user with necessary permissions
- Create webhook on a project/organization pointing to the bot url (secure it with webhook secret)
Reference in a new issue View git blame Copy permalink