Skip to main content

SonarQube Connector

Overview

SyncNow's DevOps Gate feature allows work systems to use SyncNow endpoints to enrich other connected work systems. SyncNow supports enriching work systems from SonarQube. Once a DevOps Gate process is defined, SyncNow can parse information received from SonarQube and set it in an entity on the target work systems. The DevOps Gate process includes mapping between a field received from SonarQube to the target work system field.

SonarQube Connector Features

The SonarQube connector reads and parses SonarQube webhook data and updates target systems accordingly. This allows you to enrich target systems such as JIRA with code quality information from SonarQube.

🔍 Use Cases

  • Publish code quality to work system entities: Automatically update features, epics, or other entities mentioned in code or comments with SonarQube quality status.
  • Update SonarQube status on referenced entities: SyncNow can update the status of entities mentioned in commit messages or comments with the latest SonarQube scan results.
  • Add SonarQube status and links in comments: Insert SonarQube status and direct report links into comments of referenced entities.
  • Link SonarQube report URLs: Attach SonarQube report URLs directly to entities for easy access to detailed code quality reports.

⚙️ Step-by-Step Setup

  1. Create a DevOps Gate Process for SonarQube Scan Status

    • Configure the process in SyncNow to handle SonarQube webhook data

  2. Map SonarQube Data to Target Entities

    • Set up a mapping for the SonarQube virtual entity to your target system entity. You can define different mappings for each entity type.
    • Map SonarQube fields (such as status, quality gate, report URL) to fields in your target system.

  3. Configure Webhook URLs

    • Use the SyncNow configuration page to generate webhook URLs for creating, updating, or commenting on entities:
      • Create:
        {SyncNowBackend}/api/v1.0/DevOpsGate/Enrich/{DevOpsGateProcessID}?action=create
      • Update:
        {SyncNowBackend}/api/v1.0/DevOpsGate/Enrich/{DevOpsGateProcessID}?action=update
      • Comment:
        {SyncNowBackend}/api/v1.0/DevOpsGate/Enrich/{DevOpsGateProcessID}?action=comment
      • Link SonarQube URL:
        {SyncNowBackend}/api/v1.0/DevOpsGate/LinkIt/{DevOpsGateProcessID}

  4. Set Up SonarQube Webhook

    • In SonarQube, navigate to Administration → Configuration → WebHooks.
    • Paste the SyncNow webhook URL and create the webhook.

  5. Secure the Integration

    • Add a secret for webhook communication in SonarQube and configure security parameters in the SyncNow connector UI.

  6. (Optional) Integrate with Jenkins or CI/CD

    • You can pass custom parameters from Jenkins or other CI/CD tools to SyncNow, allowing for advanced field mapping and automation.
    • Example Jenkins pipeline snippet: 
      @NonCPS
def getCommentsString() {
    def list = []
    def changeLogSets = currentBuild.changeSets
    for (int i = 0; i < changeLogSets.size(); i++) {
        def entries = changeLogSets[i].items
        for (int j = 0; j < entries.length; j++) {
            def entry = entries[j]
            if (entry.msg != null) {
               list.add("""${entry.commitId} on ${new Date(entry.timestamp)}: ${entry.msg.replaceAll("[\n\r]", " ")}""")
            }
        }
    }
    return list.join(',')
}

pipeline {
    agent any
    stages {
        stage("SonarQube Analysis") {
            steps {
                script {
                    def commits = getCommentsString()
                    def scannerHome = tool 'main_sonar_scanner';
                    withSonarQubeEnv('sonarmain') {
                        sh """${scannerHome}/bin/sonar-scanner -Dsonar.analysis.param.Param1='Sonar Quality Tests for Build ${JOB_NAME}' -Dsonar.analysis.param.Param4='${env.VERSION}.${env.BUILD_ID}' -Dsonar.analysis.targetDetail.Project=<TargetSystemProjectKey>
-Dsonar.analysis.targetDetail.CommitComments='${commits}' -Dsonar.analysis.targetDetail.EventRelativeURL='/job/${JOB_NAME}/${env.BUILD_ID}' -Dsonar.analysis.targetDetail.CommentLinkTitle='SonarQube Report' """
                    }
                }
            }
        }
    }
}

  7. Verify Integration

    • Ensure the script runs and data is published to SyncNow.

🔗 Example: Enriching JIRA with SonarQube Data

DevOps Gate processes can use the SonarQube Connector to enrich target systems like JIRA. SyncNow will parse information received from SonarQube webhooks and update the corresponding entities in JIRA with code quality information, such as status, links, and comments.

🛠️ Compatibility

The SonarQube Connector supports SonarQube version 7.9 and later.

💡 Tips

  • Use entity references (e.g., issue keys) in commit messages or comments to ensure SyncNow can link SonarQube data to the correct work system entities.
  • Secure your webhooks with secrets and IP restrictions for safe integration.
  • Customize field mapping in DevOps Gate to match your organization's needs.