Back to blog
On this page
CloudQuery News

Introducing the new SonarQube source plugin

Bartosz Leśniewski

Bartosz Leśniewski

Code quality insights with SonarQube and CloudQuery #

In this blog post, we'll guide you through the setup process and showcase how CloudQuery can transform raw SonarQube data into actionable insights. Get ready to dive deep into your organization’s projects code quality, identify potential risks, and make informed decisions that will save you time, money, and headaches down the line.

New SonarQube Source Plugin #

The new plugin can get a lot of information from your SonarQube instances - ALM integrations, tasks, users, groups, projects, rules, hotspots, issues, and much more. Take a look at the SonarQube Source Plugin documentation. You can gain insights into your data and go through it in any manner you prefer.

Setting Up #

Here’s a step-by-step guide on how to configure the SonarQube Source Plugin and use the data collected from your instance.
  1. Obtain your API Key: Start by getting the API Key from the SonarQube platform - follow these instructions
  2. Install CloudQuery CLI: Download and install the CloudQuery CLI on your machine by following steps on our download page.
  3. Set up the Sync Configuration: Create a CloudQuery configuration file by running the following init command. You can use any supported destination, for this example, we will use PostgreSQL:
    cloudquery init --source sonarqube --destination postgresql
  4. Update the Configuration File: Open the generated sonarqube_to_postgres.yaml file in your editor. Replace the placeholders:
    • ${SONARQUBE_BASE_URL} with the base URL to your instance (a local instance would be http://localhost:9000 )
    • ${SONARQUBE_USER_TOKEN} with the token generated in step 1. Also set the auth_mode to token . Or alternatively, use ${SONARQUBE_USER} and ${SONARQUBE_PASSWORD}, and use your credentials, or a dedicated SonarQube user.
    • ${POSTGRESQL_CONNECTION_STRING} with connection string to your PostgreSQL database.
  5. Sync with CloudQuery:
  • Log in using
cloudquery login
  • Run the following command:
cloudquery sync sonarqube_to_postgres.yaml
For more details, refer to the SonarQube Source Plugin documentation.

Querying Synced Data #

Let’s explore how to use SQL to query the synced data.

Get Issue count per severity for all your projects #

SELECT
    project,
    impact->>'severity' AS severity,
    COUNT(*) AS issue_count
FROM
    sonarqube_issues,
    JSONB_ARRAY_ELEMENTS(impacts) AS impact
WHERE
    issue_status = 'OPEN'
GROUP BY
    project,
    severity
ORDER BY
    project,
    severity;

Get user info for all users in a specific SonarQube group #

SELECT
    u.*
FROM
    sonarqube_users u
JOIN
    sonarqube_group_memberships gm ON u.id = gm.user_id
JOIN
    sonarqube_groups g ON gm.group_id = g.id
WHERE
    g.name = 'sonar-users';

Get all issues for a project that require more than 20min of effort #

You could possibly use some automation to automatically create Jira tickets for all of these issues (probably it would be a good idea to only do it for high severity issues)
SELECT
    i.key,
    i.project,
    i.message,
    i.effort,
    i.impacts
FROM
    sonarqube_issues i,
    JSONB_ARRAY_ELEMENTS(i.impacts) AS impact
WHERE
    i.issue_status = 'OPEN'
    AND impact->>'severity' = 'HIGH'
    AND (
       (i.effort LIKE '%h%')
       OR
       (i.effort LIKE '%d%')
       OR
       (i.effort LIKE '%min%' AND
       CAST(SUBSTRING(i.effort, 1, POSITION('min' IN i.effort) - 1) AS INTEGER) >= 20))
ORDER BY
    i.project
With the SonarQube Source Plugin, you can work with you data, fine tune and create new querying to solve your problems or bring your ideas to life. Once you sync the data- you’ll have all of it within your destination of choice, whether it’s Postgres, MySQL, BigQuery, or any other supported destination.

Get Started Today #

You can try CloudQuery locally with our quick start guide after you download CloudQuery, or explore the CloudQuery Platform for a more scalable solution.
The SonarQube Source Plugin is available now.
Ready to get started with CloudQuery? You can try out CloudQuery locally with our quick start guide or explore the CloudQuery Platform (currently in beta) for a more scalable solution.
Got feedback or suggestions? Join the CloudQuery community to connect with other users and experts, or message our team directly here if you have any questions.
Bartosz Leśniewski

Written by Bartosz Leśniewski

Bartosz is a Senior Software Engineer at CloudQuery specializing in Golang code development with over five years of experience in various roles.

Related posts
Turn cloud chaos into clarity

Find out how CloudQuery can help you get clarity from a chaotic cloud environment with a personalized conversation and demo.

Request a demoDownload CLI
Join our mailing list

Subscribe to our newsletter to make sure you don't miss any updates.

Solutions
Resources
Legal
Social
© 2024 CloudQuery, Inc. All rights reserved.

We use tracking cookies to understand how you use the product and help us improve it. Please accept cookies to help us improve. You can always opt out later via the link in the footer.