SonarCloud
View bugs, vulnerabilities and code smell to quickly identify the code quality of your services within the catalog.
Summary - Creating a SonarCloud Credential
Create an API token. Copy the token to a secure location.
Go to configure8 app -> Settings -> Credentials -> Add Credential and select SonarCloud credential provider.
Set up name for the Credential and fill info based on this.
Hit Save. The credentials will be checked and a discovery job will start. Done!
SonarCloud is a cloud-based code analysis service designed to detect code quality issues in 25 different programming languages, continuously ensuring the maintainability, reliability and security of your code. By enabling early detection of problems ensures that fewer issues get through to the later stages of the process and ultimately helps to increase the overall quality of your production code.
Prerequisite
SonarCloud provides web API to access its functionalities from applications. To access the web API, users can generate tokens that are used to run analyses or invoke web services without access to the user's actual credentials.
In order to get started with embedding your SonarCloud integration, you must create a new token.
For configure8 to fetch information about your SonarCloud projects, you must generate a token from a SonarCloud account with administrative privileges.
You can review the full documentation on the SonarCloud web API here.
To generate a web API token, login to your SonarCloud Console and:
Click your user icon in the top right corner of the menu bar.
Select My Account from the context menu
From the My Account page, select Security from the top menu bar
The form at the bottom of the page allows you to generate new tokens. Once you click the Generate button, you will see the token value. Copy it immediately; once you dismiss the notification you will not be able to retrieve it.
This will generate a unique Web API token. Store it in a secure location, as this is the only time the key is displayed in full. If you lose a token you will need to delete it and create a new one.
Creating a SonarCloud Credential
To connect your SonarCloud account to configure8, perform the following steps.
Get started by navigating to the Credentials page by clicking on the "lock" icon on the menu bar.
Next, select the Add Credential button.
From the Add Credential pop-up, select SonarCloud from the list of available providers.
Next, enter the information required for your credential
Name: a recognizable alias for the new credential
User Token: This is the SonarCloud Web API token you generated in the prerequisite section.
Select Save to create your SonarCloud credential in configure8. The configure8 app will automatically validate the credentials to make sure they work. If they do not, the credentials will not be saved and you will be prompted to fix them.
Configuring SonarCloud for your Services
Adding a SonarCloud plug-in to your service adds the code quality summary to your service overview page. To add a SonarCloud plug-in to your service, start by selecting a service from your catalog Services listing.
From your service overview page, select the Add Plug-in button.
From the Plugins dialog, browse through the list of available plugins and select the SonarCloud plug-in by clicking on the Add button.
In the Plug-ins configuration wizard, select an existing credential to connect to the selected plugin provider. If you do not have an existing credential or would like to use a new credential, select the Add Credential button.
Next, enter the information required for your SonarCloud plug-in configuration.
Plugin Title: the title of the plug-in to display on the service overview page
SonarCloud Domain name: If you have an on-prem hosted SonarCloud instance, then enter your custom domain value here otherwise just enter the default value of
https://sonarcloud.io
.
Once you have entered all the required configuration information, select Done. Your configured plug-in is added to your service overview page.
Last updated