Search…
SonarCloud
View bugs, vulnerabilities and code smell to quickly identify the code quality of your services within the catalog.
SonarCloud is a cloud-based code analysis service designed to detect code quality issues in 25 different programming languages, continuously ensuring the maintainability, reliability and security of your code. By enabling early detection of problems ensures that fewer issues get through to the later stages of the process and ultimately helps to increase the overall quality of your production code.

Prerequisite

SonarCloud provides web API to access its functionalities from applications. To access the web API, users can generate tokens that are used to run analyses or invoke web services without access to the user's actual credentials.
In order to get started with embedding your SonarCloud integration, you must create a new token.
You can review the full documentation on the SonarCloud web API here.
To generate a web API token, login to your SonarCloud Console and:
  1. 1.
    Click your user icon in the top right corner of the menu bar.
  2. 2.
    Select My Account from the context menu
  3. 3.
    From the My Account page, select Security from the top menu bar
  4. 4.
    The form at the bottom of the page allows you to generate new tokens. Once you click the Generate button, you will see the token value. Copy it immediately; once you dismiss the notification you will not be able to retrieve it.
This will generate a unique Web API token. Store it in a secure location, as this is the only time the key is displayed in full. If you lose a token you will need to delete it and create a new one.

Creating a SonarCloud Credential

To connect your SonarCloud account to configure8, perform the following steps.
Get started by navigating to the Credentials page by clicking on the "lock" icon on the menu bar.
Next, select the Add Credential button.
From the Add Credential pop-up, select SonarCloud from the list of available providers.
Next, enter the information required for your credential
  • Name: a recognizable alias for the new credential
  • User Token: This is the SonarCloud Web API token you generated in the prerequisite section.
Select Save to create your SonarCloud credential in configure8. The configure8 app will automatically validate the credentials to make sure they work. If they do not, the credentials will not be saved and you will be prompted to fix them.

Configuring SonarCloud for your Services

Adding a SonarCloud plug-in to your service adds the code quality summary to your service overview page. To add a SonarCloud plug-in to your service, start by selecting a service from your catalog Services listing.
From your service overview page, select the Add Plug-in button.
From the Plugins dialog, browse through the list of available plugins and select the SonarCloud plug-in by clicking on the Add button.
In the Plug-ins configuration wizard, select an existing credential to connect to the selected plugin provider. If you do not have an existing credential or would like to use a new credential, select the Add Credential button.
Next, enter the information required for your SonarCloud plug-in configuration.
  • Plugin Title: the title of the plug-in to display on the service overview page
  • Organization Key: This is the unique id for the organization in which you created your Web API token. It can be found on your Sonarcloud dashboard once you login.
  • SonarCloud Domain name: If you have an on-prem hosted SonarCloud instance, then enter your custom domain value here otherwise just enter the default value of https://sonarcloud.io.
Once you have entered all the required configuration information, select Done. Your configured plug-in is added to your service overview page.
Copyright © 2022 configure8, Inc. All rights reserved.
Last modified 4mo ago
Copy link
Outline
Prerequisite
Creating a SonarCloud Credential
Configuring SonarCloud for your Services