Integrating with SonarQube#

Accessing SonarQube data with the SonarQube integrations.

The SonarQube integration uses SonarQube web hooks to retrieve data. An HTTP POST request that includes a JSON payload is sent to the HCL™ Accelerate URL. Payload parameters can be found in the SonarCube user documentation. Like other quality data integrations, this one operates in the reporting-consumer service.

The integration uses REST endpoints and quality data handlers to perform the following steps:

  1. Receive a web-hook payload from SonarQube.
  2. Request additional SonarQube issues.
  3. Make three successive calls to the REST API uploadQualityData endpoint. The calls validate and store data documents, one for each issue category: bugs, code smells, and security vulnerabilities.

  4. Create a SonarQube instance with properly configured certificates.

  5. Create a web hook in SonarQube, Administration > Webhooks, that defines a URL as such:

    http://<UCV-Reporting-Consumer\>/pluginEndpoint/<Integration-ID\>/sonarqube/callback.