LGTM Enterprise 1.22.1

Defining integrations with "providers"

This topic relates to integrations that are set up in the administration interface. For details of integration with code review systems—which is set up on a per-project basis from the Integrations tab of a project's settings—see About automated code review in the user help.

Defining integrations between LGTM and the systems that provide access to your code, and information about users, is a fundamental stage in setting up LGTM Enterprise.

You define and modify integrations with "providers" from the Integrations administration page. LGTM Enterprise integrates with various types of external systems:

  • Authentication provider—enables users to log in to LGTM Enterprise using their account details for the external system.
  • Authorization provider—enables LGTM Enterprise to use the external account details to determine what projects an authenticated user can view.
  • Repository provider—enables LGTM Enterprise to connect to the external system and collect data from repositories.
  • Issue tracker provider—enables LGTM Enterprise to open, close and reopen tickets on an external issue tracking system such as Atlassian Jira.

You must define suitable authentication, authorization, and repository providers before you can add projects to LGTM Enterprise for analyzing.

Integration with enterprise-level repository management systems

LGTM supports integration with enterprise-level repository management systems such as GitHub Enterprise, GitLab Enterprise, and Bitbucket Server. Typically, for these systems, you will create one provider of each type. This allows users of that system to:

  • Log into LGTM Enterprise using their external account.
  • See full data only for the projects that they have permission to access in the external system.

Alternatively, you may choose to use a basic authorization provider to define a global authorization level for all projects associated with an external system, regardless of the authorizations defined in that system.

Integration with public repository management systems

LGTM supports integration with publicly visible repository management systems such as GitHub.com, GitLab.com, and Bitbucket Cloud. This allows users to analyze public repositories. Creating authentication providers for these systems enables users to log in using an external account. You then define the systems as repository providers to enable users to start analyzing repositories.

If you define a repository provider for a public system like GitHub.com, be aware that, if the Allow adding projects through the frontend option is selected, anyone who owns a public project hosted on that system, and can log in to your LGTM Enterprise instance, will be able to add their project and enable automated code review. This allows your LGTM Enterprise instance to comment on that public project. For more details, see Adding external repository providers.

Integration with Subversion or simple Git

LGTM Enterprise supports integration with Subversion and simple Git as repository providers. To analyze code in a Subversion repository, or a simple Git repository, you only need to configure a repository provider. You do not set up authentication providers for Subversion or Git.

Subversion provides no efficient way to obtain details of revisions that merge two branches (for details see Merge revisions). As a result, LGTM does not attribute any alerts that are found in merge revisions to specific users. This ensures that data is accurate. The number of unattributed commits is usually low, because Subversion users tend to use many fewer merges than Git users.

More information

For more information, see: