
[Integration][SonarQube] Bug handling of live events in sonarqube

Open Lanrey opened this issue 6 months ago • 4 comments

User description

Description

What - Added selectors to webhook processors to match selectors on resync; reorder webhook processors to temporarily fix issues with project blueprint failing when issues blueprint

Why - Differences between webhooks data and resync data due to selector changes

How - Add the selector filters to all the webhook processors

Type of change

Please leave one option from the following and delete the rest:

  • [x] Bug fix (non-breaking change which fixes an issue)
  • [ ] New feature (non-breaking change which adds functionality)
  • [ ] New Integration (non-breaking change which adds a new integration)
  • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • [ ] Non-breaking change (fix of existing functionality that will not change current behavior)
  • [ ] Documentation (added/updated documentation)

All tests should be run against the Port production environment (using a testing org).

Core testing checklist

  • [ ] Integration able to create all default resources from scratch
  • [ ] Resync finishes successfully
  • [ ] Resync able to create entities
  • [ ] Resync able to update entities
  • [ ] Resync able to detect and delete entities
  • [ ] Scheduled resync able to abort existing resync and start a new one
  • [ ] Tested with at least 2 integrations from scratch
  • [ ] Tested with Kafka and Polling event listeners
  • [ ] Tested deletion of entities that don't pass the selector

Integration testing checklist

  • [ ] Integration able to create all default resources from scratch
  • [ ] Resync able to create entities
  • [ ] Resync able to update entities
  • [ ] Resync able to detect and delete entities
  • [ ] Resync finishes successfully
  • [ ] If new resource kind is added or updated in the integration, add example raw data, mapping and expected result to the examples folder in the integration directory.
  • [ ] If resource kind is updated, run the integration with the example data and check if the expected result is achieved
  • [ ] If new resource kind is added or updated, validate that live-events for that resource are working as expected
  • [ ] Docs PR link here

Preflight checklist

  • [ ] Handled rate limiting
  • [ ] Handled pagination
  • [ ] Implemented the code in async
  • [ ] Support Multi account

Screenshots

Include screenshots from your environment showing how the resources of the integration will look.

API Documentation

Provide links to the API documentation used for this integration.


PR Type

Bug fix


Description

  • Fix webhook processors to use selectors matching resync behavior
  • Reorder webhook processors to prevent project blueprint failures
  • Switch analysis from task-based to project-based approach
  • Add fallback data handling for webhook events


Changes walkthrough 📝

Relevant files

Formatting (2 files)
  • client.py: Minor formatting and comment fixes (+6/-1)
  • integration.py: Remove trailing comma from metrics list (+1/-1)

Bug fix (4 files)
  • main.py: Reorder webhook processor registration (+2/-1)
  • analysis_webhook_processor.py: Switch from task-based to project-based analysis (+34/-8)
  • issue_webhook_processor.py: Add selector support and fallback handling (+39/-7)
  • project_webhook_processor.py: Add selector support and fallback handling (+34/-5)

Enhancement (1 file)
  • utils.py: Add selector metrics extraction utility function (+16/-1)

Miscellaneous (1 file)
  • base_webhook_processor.py: Add debug logging for payload validation (+1/-0)

  • Lanrey avatar Jun 19 '25 20:06 Lanrey

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    ⏱️ Estimated effort to review: 4 🔵🔵🔵🔵⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ Recommended focus areas for review

    Debug Code

    A debug print statement has been added to the validate_payload method which should be removed before production deployment.

    print("payload", payload)
    return "project" in payload
    
    Logic Error

    The analysis webhook processor has inconsistent logic between on-premise and cloud versions. The cloud version fetches all analysis data but may append the webhook payload as fallback, which could lead to data inconsistency.

    async for updated_analysis in sonar_client.get_analysis_by_project(project):
        if updated_analysis:
            analysis_data.extend(updated_analysis)
    if not analysis_data:
        analysis_data.append(payload)
    
    
    Type Safety

    The selector is cast to SonarQubeGAProjectResourceConfig but the method handles both PROJECTS and PROJECTS_GA kinds, which may cause runtime errors if the wrong resource config type is used.

    selector = cast(SonarQubeGAProjectResourceConfig, resource_config).selector
    sonar_client.metrics = selector.metrics
    

    qodo-code-review[bot] avatar Jun 19 '25 20:06 qodo-code-review[bot]
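
The type-safety observation in the reviewer guide above, as an added example (not code from the PR or from the integration): `typing.cast` performs no runtime check, so a config of the other kind passes straight through and fails only at attribute access. The four classes, the kind strings and the premise that only the GA selector carries `metrics` are hypothetical stand-ins chosen for illustration.

```python
from dataclasses import dataclass, field
from typing import List, Union, cast


# Hypothetical stand-ins for the two project resource configs; the premise
# that only the GA selector has `metrics` is an assumption for illustration.
@dataclass
class ProjectSelector:
    query: str = "true"


@dataclass
class GAProjectSelector:
    query: str = "true"
    metrics: List[str] = field(default_factory=list)


@dataclass
class ProjectConfig:
    kind: str
    selector: ProjectSelector


@dataclass
class GAProjectConfig:
    kind: str
    selector: GAProjectSelector


AnyProjectConfig = Union[ProjectConfig, GAProjectConfig]


def metrics_with_cast(config: AnyProjectConfig) -> List[str]:
    # cast() only informs the type checker; it returns its argument unchanged.
    selector = cast(GAProjectConfig, config).selector
    return selector.metrics  # AttributeError when config is a ProjectConfig


def metrics_with_narrowing(config: AnyProjectConfig) -> List[str]:
    # isinstance() is evaluated at runtime, so each kind takes its own branch.
    if isinstance(config, GAProjectConfig):
        return list(config.selector.metrics)
    return []  # the non-GA kind has no metrics to apply


# Constructed sample configs (kind strings are placeholders).
ga = GAProjectConfig("projects_ga", GAProjectSelector(metrics=["coverage", "bugs"]))
legacy = ProjectConfig("projects", ProjectSelector())
```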

    PR Code Suggestions ✨

    Explore these optional code suggestions:

    Category    Suggestion    Impact
    Possible issue
    Add null safety checks

    Add proper error handling for the case where resource_config.selector is None or
    doesn't exist. The current code could raise an AttributeError if selector is
    None.

    integrations/sonarqube/utils.py [29-41]

     def get_selector_metrics(resource_config: ResourceConfig) -> List[str]:
         """
         Extract metrics from a resource config selector if available.
         Args:
             resource_config: The resource configuration containing the selector
     
         Returns:
             List of metric strings, empty list if no metrics are configured
         """
     
    -    if hasattr(resource_config.selector, 'metrics'):
    +    if hasattr(resource_config, 'selector') and hasattr(resource_config.selector, 'metrics'):
             return resource_config.selector.metrics
         return []
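
    Review bot: the `hasattr(resource_config, 'selector')` test added on the `+` line does not cover the case this suggestion names, a selector that is None: `hasattr(None, 'metrics')` is already False, so both versions return `[]` there. What neither version handles is a selector whose `metrics` attribute exists but is None, where the function returns None despite the `List[str]` annotation; `getattr(getattr(resource_config, 'selector', None), 'metrics', None) or []` covers the missing-attribute, None-selector and None-metrics cases in one expression.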
    
    Suggestion importance[1-10]: 8

    Why: The suggestion correctly identifies a potential AttributeError if resource_config lacks a selector attribute. The proposed change adds a necessary check, improving the code's robustness and preventing a runtime crash.

    Medium
    Security
    Remove debug print statement
    Suggestion Impact: The debug print statement was removed exactly as suggested, eliminating potential security risk and log pollution

    code diff:

    -        print("payload", payload)
    

    Remove the debug print statement as it can expose sensitive data in production
    logs and is not appropriate for production code.

    integrations/sonarqube/webhook_processors/base_webhook_processor.py [53-55]

     async def validate_payload(self, payload: EventPayload) -> bool:
    -    print("payload", payload)
         return "project" in payload
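
    Review bot: the check that remains in `validate_payload`, `"project" in payload`, tests only for the key's presence, so a body with `"project"` set to null or to a string still validates; if the processors go on to read fields of the project object, confirm here that the value is a dict. If payload visibility is still wanted in place of the removed `print`, log one identifying field at debug level through the logger rather than the whole body.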
    

    [Suggestion processed]

    Suggestion importance[1-10]: 7

    Why: The suggestion correctly identifies a debug print statement that was likely left in by mistake. Removing it is important for production code to avoid polluting logs and potentially exposing sensitive information.

    Medium

    qodo-code-review[bot] avatar Jun 19 '25 20:06 qodo-code-review[bot]
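
The log-exposure concern behind the removed `print("payload", payload)`, as an added example (not code from the PR or from the integration): an allowlisted summary logged at debug level instead of the whole webhook body. The logger name, the synchronous `validate_payload`, the allowlist and the sample body are assumptions; the field names follow the SonarQube webhook layout as assumed here.

```python
import logging
from typing import Any, Dict

logger = logging.getLogger("sonarqube.webhook")  # logger name is an assumption

# Fields considered safe to log; everything else in the body is left out.
LOGGABLE_PATHS = (("project", "key"), ("status",), ("taskId",), ("analysedAt",))


def payload_summary(payload: Dict[str, Any]) -> Dict[str, Any]:
    """Return only allowlisted scalar fields of a webhook body, flattened."""
    summary: Dict[str, Any] = {}
    for path in LOGGABLE_PATHS:
        node: Any = payload
        for key in path:
            node = node.get(key) if isinstance(node, dict) else None
        if isinstance(node, (str, int, float, bool)):
            summary[".".join(path)] = node
    return summary


def validate_payload(payload: Dict[str, Any]) -> bool:
    """Same key check as on the page, with a debug summary instead of print()."""
    ok = "project" in payload
    if logger.isEnabledFor(logging.DEBUG):
        logger.debug("webhook ok=%s summary=%s", ok, payload_summary(payload))
    return ok


# Constructed sample body; the `properties` entry stands in for a value that
# should never reach the logs.
SAMPLE = {
    "serverUrl": "https://sonar.example.internal",
    "taskId": "AX-constructed-1",
    "status": "SUCCESS",
    "analysedAt": "2025-06-19T20:06:00+0000",
    "project": {"key": "demo-service", "name": "Demo"},
    "properties": {"sonar.analysis.deployToken": "constructed-secret"},
}
```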

    This pull request is automatically being deployed by Amplify Hosting (learn more).

    Access this pull request here: https://pr-1804.d1ftd8v2gowp8w.amplifyapp.com

    🚨 BugBot couldn't run

    BugBot is experiencing high demand right now. Try again in a few minutes by commenting "bugbot run" (requestId: serverGenReqId_f4feee94-6350-4232-aa1e-3429d3c7d068).

    cursor[bot] avatar Jul 01 '25 09:07 cursor[bot]