SonarQube

Summary

This plugin collects SonarQube data through its REST APIs. SonarQube is a tool for static code analysis and code quality management. It can help you discover potential problems and defects in your code, and provide suggestions and solutions.

When collecting issues under a certain SonarQube project, divide the issues into smaller groups to collect, so as not to obtain 10,000 issues at once and exceed the result limit of SonarQube APIs themselves. Specific rules include:

1. First, classify the issues according to "severity", "status", and "type" and collect them separately.
2. Secondly, issues are classified according to the time fields "createdBefore" and "createdAfter" and collected separately.
3. Finally, the issues are classified according to "the file to which the issue belongs" and collected separately.

Supported Versions

Available for SonarQube Server v8.x, v9.x. Check this doc for more details.

Entities

Check out the SonarQube entities collected by this plugin.

Data Refresh Policy

Check out the data refresh policy of this plugin.

Metrics

Most of SonarQube metrics are collected and can be found in DevLake's SonarQube dashboard.

• Code Quality Issue Count
• Code Quality Test
• Code Quality Maintainability-Debt
• Code Quality Duplicated Blocks
• Code Quality Duplicated Lines

Configuration

• Configuring SonarQube via config-ui.
• Configuring SonarQube via Config UI's advanced mode.

API Sample Request

You can trigger data collection by making a POST request to /pipelines.

curl 'http://localhost:8080/pipelines' \
--header 'Content-Type: application/json' \
--data-raw '
{
  "name": "project1-BLUEPRINT",
  "blueprintId": 1,
  "plan": [
    [
      {
        "plugin": "sonarqube",
        "options": {
          "connectionId": 1,
           "projectKey": "testDevLake"
        }
      }
    ]
  ]
}
'

References

• references