The Power of SonarQube Web API for Seamless Development

Overview

RESTful API transforms development by seamlessly integrating it with CI/CD servers, automates project tasks, and enhances code visibility, allowing early issue detection. With versioned stability and robust security, it empowers users to manage projects, analyze code, access metrics, and streamline development via its well-documented interface. This blog illuminates the SonarQube Web API’s potential, offering an essential gateway to elevated development practices.

Pioneers in Cloud Consulting & Migration Services

Reduced infrastructural costs
Accelerated application deployment

Get Started

Introduction

SonarQube Web API is the gateway to unlocking many functionalities within SonarQube, enabling seamless integration of its capabilities into your development pipeline.

SonarQube Web API is a RESTful API that allows you to access SonarQube’s functionalities from applications. The API provides a wide range of endpoints that can be used to create, manage, and analyze projects and retrieve information about metrics, issues, and rules.

Advantages and Benefits of SonarQube Web API

The SonarQube Web API offers several advantages and benefits, including:

Enhanced integration: The API allows you to integrate SonarQube with your existing development and testing tools, such as CI/CD servers and continuous integration platforms.
Increased automation: The API can be used to automate many of the tasks involved in managing and analyzing SonarQube projects, such as creating projects, starting analyses, and retrieving results.
Improved visibility: The API can retrieve a wide range of information about SonarQube projects, such as metrics, issues, and rules. This information can be used to improve the visibility of code quality and identify potential problems early on.

Other Properties of SonarQube Web API

Some other notable properties of SonarQube Web API include:

RESTful: The API is designed to be easy to use and understand and follows RESTful design principles.
Versioned: The API is versioned, which means you can be sure that your applications will work with the latest version of SonarQube.
Secure: The API supports authentication and authorization, ensuring only authorized users can access your SonarQube data.

SonarQube provides a web API that allows you to access its functionalities from applications. The web API is a RESTful API that uses JSON for data interchange. The API can be used to perform a variety of tasks, such as:

Creating and managing projects
Analyzing code
Accessing metrics
Managing users and groups

The web API is documented on the SonarQube website. The documentation includes a detailed description of each API endpoint and examples of how to use the API.

A few Examples of Web APIs

SonarQube Token Create

curl -u $USER_NAME: $PASSWORD "http://$SONAR_IP:9000/api/user_tokens/generate" -d "name=TOKEN_NAME" -d "type=GLOBAL_ANALYSIS_TOKEN" -d "expirationDate=YYYY-MM-DD

1	curl -u $USER_NAME: $PASSWORD "http://$SONAR_IP:9000/api/user_tokens/generate" -d "name=TOKEN_NAME" -d "type=GLOBAL_ANALYSIS_TOKEN" -d "expirationDate=YYYY-MM-DD

USER_NAME: Provide your SonarQube username

PASSWORD: Provide your SonarQube password here

TOKEN_NAME: Provide an appropriate name for your token

Token types are of:

PROJECT_ANALYSIS_TOKEN
GLOBAL_ANALYSIS_TOKEN
USER_TOKEN

“By Default, if you are not passing the type, it will generate the user_token for you”

If you want to specifically set the expiration date to 90 days (about 3 months), you can use “expirationDate” as below:

expirationDate=$(date –date=”+90 days” +%Y-%m-%d)

SonarQube Token Revoke

curl -u $USER_NAME: $PASSWORD "http://$SONAR_IP:9000/api/user_tokens/revoke" -d "name=TOKEN_NAME"

1	curl -u $USER_NAME: $PASSWORD "http://$SONAR_IP:9000/api/user_tokens/revoke" -d "name=TOKEN_NAME"

“In this case, if you just need to pass the token name with revoke web API”

SonarQube Project Creation

Scenario 1: Project creation without passing the existing token to this project.

curl -u $USER_NAME: $PASSWORD "http://$SONAR_IP:9000/api/projects/create" -d "name=Project_name" -d "key=Project_name" -d "project= Project_name" -d "mainBranch=Baranch_name"

1	curl -u $USER_NAME: $PASSWORD "http://$SONAR_IP:9000/api/projects/create" -d "name=Project_name" -d "key=Project_name" -d "project= Project_name" -d "mainBranch=Baranch_name"

Pass the “name, key, project” fields with the same value i.e., Project_name.

Scenario 2: Project creation by passing the existing token to this project.

curl -u <token>: -X POST "http://$SONAR_IP:9000/api/projects/create?name=Project_name&project=Project_name&mainBranch=Branch_name"

1	curl -u <token>: -X POST "http://$SONAR_IP:9000/api/projects/create?name=Project_name&project=Project_name&mainBranch=Branch_name"

In this case, pass the <token> you created earlier and create the project with other required fiels like Project_name, Branch_name.

‘Most of us may get confused should I have to pass password after <token>: “. The answer is No, don’t pass any password after <token>: field.’

Conclusion

SonarQube Web API emerges as a powerful and versatile tool for enhancing code quality and streamlining development processes. Its comprehensive set of functionalities, coupled with its advantageous properties, empower software teams to achieve continuous code improvement and deliver high-quality products. By leveraging the API, teams can effectively automate tasks, gain valuable insights, and integrate SonarQube seamlessly into their existing toolchains, fostering a culture of quality-driven development.

Drop a query if you have any questions regarding SonarQube Web API and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

Accelerated cloud migration
End-to-end view of the cloud environment

Get Started

About CloudThat

CloudThat is an award-winning company and the first in India to offer cloud training and consulting services worldwide. As a Microsoft Solutions Partner, AWS Advanced Tier Training Partner, and Google Cloud Platform Partner, CloudThat has empowered over 850,000 professionals through 600+ cloud certifications winning global recognition for its training excellence including 20 MCT Trainers in Microsoft’s Global Top 100 and an impressive 12 awards in the last 8 years. CloudThat specializes in Cloud Migration, Data Platforms, DevOps, IoT, and cutting-edge technologies like Gen AI & AI/ML. It has delivered over 500 consulting projects for 250+ organizations in 30+ countries as it continues to empower professionals and enterprises to thrive in the digital-first world.

FAQs

1. Can we create the projects using the existing Token in SonarQube through Web API?

ANS: – Yes, we can create the project using existing tokens, and I have specified the example of it in this blog in the “Few examples of Web API” section.

2. How many projects can we create? Is it a limited number, or can we create any number of projects?

ANS: – No, there are no limitations regarding how many projects can be created.

WRITTEN BY Ravikumar Eranna Murali

Ravikumar works a Senior DevOps Engineer at CloudThat with extensive hands-on experience in DevOps technologies and AWS cloud services. He is passionate about Kubernetes, automation, cloud infrastructure, and CI/CD pipelines, and is always eager to learn and explore emerging technologies shaping the industry. Ravikumar thrives on optimizing processes, enhancing security, and driving efficiency through automation and best practices in cloud-native environments.