Allows SonarQube scan results to be shown in a MS Teams channel.
An Azure Function written in .NET Core v3.1 (C#) that processes incoming SonarQube Webhook requests, and transforms them to a MS Teams "card" that's sent to a MS Teams channel via a MS Teams Webhook.
Tested with (it way work for other versions)
- SonarQube (Community) v8.3.1.34397
- MS Teams (Free) v1.3.00.13565
There was no SonarQube plugin for integration with MS Teams when I checked. As I'm not sufficiently proficient in Java to implement a proper Sonarqube plugin, so I did the simplest thing possible for myself to provide the functionallity.
You deploy this Azure Function to your own Azure Subscription.
There is a provided Powershell script (Windows) (src/SonarqubeMSTeamsBridge/CreateAzureResourcesAndPublishFunction.ps1) or Bash script (Linux) (src/SonarqubeMSTeamsBridge/CreateAzureResourcesAndPublishFunction.sh) that creates necessary Azure resources, and compiles/uploads the Azure function project in this repository.
The scripts requires the following command line tools to be installed on the machine you run it from, on either Windows or Linux.
az login
az account set --subscription [your_subscription_id_or_name_here]
When running the script, you need to provide the following parameters
- region: Code for region where resources will be created. Example: "westus", "eastus", "northeurope", "westeurope".
- resourceGroup: Name of Resource Group that will be created.
- storageName: Name of Storage Account that will be created. Note: name must be unique in all of Azure.
- functionAppName: Name of Function App that will be created. Note: name must be unique in all of Azure.
Note: Example parmeters below, you may want to change them.
Powershell on Windows
cd .\src\SonarqubeMSTeamsBridge
.\CreateAzureResourcesAndPublishFunction.ps1 -region "westus" -resourceGroup "rg-sqteamsbridge" -storageName "stsqteamsbridge$(Get-Random -Max 32767)" -functionAppName "func-sqteamsbridge$(Get-Random -Max 32767)"Bash on Linux
cd ./src/SonarqubeMSTeamsBridge
./CreateAzureResourcesAndPublishFunction.sh "westus" "rg-sqteamsbridge" "stsqteamsbridge$RANDOM" "func-sqteamsbridge$RANDOM"When the script has completed, it will output the Invoke url of the Azure Function. This is the address that should be configured in Sonarqube as a Webhook URL as described here.
Functions in func-sqteamsbridgeXXXXX:
SonarqubeMSTeamsBridge - [httpTrigger]
Invoke url: https://func-sqteamsbridgeXXXXX.azurewebsites.net/api/sonarqubemsteamsbridge
It will also display the Azure resources created by the script
Name ResourceGroup Location Type Status
----------------------- ---------------- ----------- --------------------------------- --------
func-sqteamsbridgeXXXXX rg-sqteamsbridge westeurope microsoft.insights/components
stsqteamsbridgeYYYYY rg-sqteamsbridge westeurope Microsoft.Storage/storageAccounts
WestEuropePlan rg-sqteamsbridge westeurope Microsoft.Web/serverFarms
func-sqteamsbridgeXXXXX rg-sqteamsbridge westeurope Microsoft.Web/sites
Azure Function settings can be set via script. Change Azure resource names and values. Read here about each setting.
Required settings
az functionapp config appsettings set --name "func-sqteamsbridgeXXXXX" --resource-group "rg-sqteamsbridge" --settings "TeamsWebhookUrl=https://outlook.office.com/webhook/XXXX"
az functionapp config appsettings set --name "func-sqteamsbridgeXXXXX" --resource-group "rg-sqteamsbridge" --settings "SonarqubeWebhookSecret=MY_SECRET"
Optional settings
az functionapp config appsettings set --name "func-sqteamsbridgeXXXXX" --resource-group "rg-sqteamsbridge" --settings "QualityGateStatusExcludeList=SUCCESS"
az functionapp config appsettings set --name "func-sqteamsbridgeXXXXX" --resource-group "rg-sqteamsbridge" --settings "Culture=en-US"
If you already have a Azure Function resource you want to use instead of creating a new one, or if you update to a newer version of this project, you can use a separate script for this purpose. See (src/SonarqubeMSTeamsBridge/PublishFunctionOnly.ps1) or (src/SonarqubeMSTeamsBridge/PublishFunctionOnly.sh)
Script parameters
- functionAppName: The name of an existing Azure Function app where the Azure Function trigger in this project will be published to.
Note: Example parmeter below, change it to an existing Azure Function app name in your Subscription.
Powershell on Windows
cd .\src\SonarqubeMSTeamsBridge
.\PublishFunctionOnly.ps1 -functionAppName "func-sqteamsbridgeXXXX"Bash on Linux
cd ./src/SonarqubeMSTeamsBridge
./PublishFunctionOnly.sh "func-sqteamsbridgeXXXX"As an alternative to deployment via script (as described above), Visual Studio Code can be used to deploy this code to Azure Functions.
- Install "Azure Functions Core Tools": https://github.com/Azure/azure-functions-core-tools#installing
- Install Visual Studio Code extension "Azure Functions": https://marketplace.visualstudio.com/items?itemName=ms-azuretools.vscode-azurefunctions
- Clone this repo locally and open in Visual Studio Code
- Use the UI button "Deploy to Function App" from the extension "Azure Functions" (see extension doc above)
- Select Function App in Azure: Create new Function App in Azure... Advanced (or use an existing Function App if you like)
- Enter a globally unique name for the function app. (will used in host name [function app name].azurewebsites.net)
- Select Runtime: .NET Core 3.1
- Select an OS: Windows (Linux also works)
- Select a hosting plan: Refer to Microsoft documentation about this. The simplest is Consumption
- Select a resource group for new resources: Create a new resource group, or use an exisiting, it's up to you.
- Select a storage account: Create a new storage account, or use an exisiting, it's up to you.
- Select an Application Insights resource for your app: Create a new Application Insights resource, or use an exisiting, o Skip if you don't logging. It's up to you.
After the necessary Azure Resources for the Function has been created from Visual Studio Code above, you can manage the Function settings in the Azure Portal.
Open the newly created Azure Function resource (type App Service):
- Select Configuration
- Add each required setting via + New application setting
Read here about each setting.
To get the URL to the new Azure Function, open the newly created Azure Function resource (type App Service):
- Select Functions
- Select SonarqubeMSTeamsBridge
- Press "Get Function Url" button.
This is the address that should be configured in Sonarqube as a Webhook URL as described here.
The Azure Function uses the following settings from environment variables.
| Setting | Required | Default value | Description |
|---|---|---|---|
| TeamsWebhookUrl | Yes | n/a | The Webhook URL that is configured in MS Teams for your channel where messages will be sent to. Read here for details on how to set it up. |
| SonarqubeWebhookSecret | Yes | n/a | The Sonarqube Webhook secret. It's used to authenticate requests from Sonarqube. It should be the same secret configured in Sonarqube |
| QualityGateStatusExcludeList | No | Not set, empty string | A comma-separated list of Sonarqube Quality Gate status values that should not be sent to MS Teams. By default this is not set, and means you will get MS Teams messages for both succeed and failed scans. If you only want failed scans, then you should set this value to SUCCESS |
| Culture | No | Not set, empty string | A .NET culture code that is used format Date/Time values in MS Teams card. If not specified, default .NET formating is used. Examples of codes: en-US, de-DE, sv-SE, es-ES |
| DisableAuthentication | No | Not set, false | Set to true to disable Sonarqube Webhook authentication. Secret will not be validated. Warning! Should only be used in development |
- Login as administrator in Sonarqube portal
- Goto Administration -> Configuration -> Webhooks
- Create Webhook
- Name: Any name works
- URL: The Azure Function invoke URL created above
- Secret: A strong secret password
TODO
Images
- Fabián Alexis, cropped by Prenn / CC BY-SA
- Rodney Dawes, Jakub Steiner, Garrett LeSage / Public domain
- penubag and the people from the Tango project / Public domain
