SonarQube Integration
This documentation offers detailed guidance on seamlessly integrating SonarQube into KubeRocketCI. It covers essential steps to ensure a robust connection between SonarQube's code quality and security analysis capabilities with the platform's continuous delivery ecosystem, facilitating enhanced code inspection and improvement practices within your development workflow.
Prerequisites​
Before proceeding, ensure that you have the following prerequisites:
- Kubectl version 1.26.0+ is installed. Please refer to the Kubernetes official website for details.
- Helm version 3.14.0+ is installed. Please refer to the Helm page on GitHub for details.
Installation​
To streamline the installation of SonarQube in your environment, it is advised to utilize the resources available in the Cluster Add-Ons repository. This method involves deploying SonarQube alongside the sonar-operator. Employing the Cluster Add-Ons framework simplifies the installation process and ensures efficient management and integration of SonarQube into your infrastructure.
Configuration​
To establish robust authentication and precise access control, generating a SonarQube token is essential. This token is a distinct identifier, enabling effortless integration between SonarQube and KubeRocketCI. To generate the SonarQube token, proceed with the following steps:
-
Open the SonarQube UI and navigate to Administration -> Security -> User. Create a new user or select an existing one. Click the
Options List
icon to create a token: -
Type the
ci-user
username, define an expiration period, and click theGenerate
button to create the token: -
Click the
Copy
button to copy the generated<Sonarqube-token>
: -
Provision secrets using Manifest, KubeRocketCI portal or with the externalSecrets operator:
- UI Portal
- Manifests
- External Secrets Operator
Go to the Portal open Configuration -> CODE QUALITY -> SONARQUBE. Update or click + ADD INTEGRATION fill in the URL
and Token
fields and click the Save
button:
apiVersion: v1
kind: Secret
metadata:
name: ci-sonarqube
namespace: edp
labels:
app.edp.epam.com/secret-type: sonar
app.edp.epam.com/integration-secret: "true"
type: Opaque
stringData:
url: https://sonarqube.example.com
token: <sonarqube-token>
"ci-sonarqube":
{
"url": "https://sonarqube.example.com",
"token": "XXXXXXXXXXXX"
},
Go to the Portal open Configuration -> CODE QUALITY -> SONARQUBE and see the Managed by External Secret
message:
More details about External Secrets Operator integration can be found in the External Secrets Operator Integration page.