Skip to main content
Version: 3.9.0

SonarQube Integration

This documentation offers detailed guidance on seamlessly integrating SonarQube into KubeRocketCI. It covers essential steps to ensure a robust connection between SonarQube's code quality and security analysis capabilities with the platform's continuous delivery ecosystem, facilitating enhanced code inspection and improvement practices within your development workflow.

Prerequisites​

Before proceeding, ensure that you have the following prerequisites:

Installation​

To streamline the installation of SonarQube in your environment, it is advised to utilize the resources available in the Cluster Add-Ons repository. This method involves deploying SonarQube alongside the sonar-operator. Employing the Cluster Add-Ons framework simplifies the installation process and ensures efficient management and integration of SonarQube into your infrastructure.

Configuration​

To establish robust authentication and precise access control, generating a SonarQube token is essential. This token is a distinct identifier, enabling effortless integration between SonarQube and KubeRocketCI. To generate the SonarQube token, proceed with the following steps:

  1. Open the SonarQube UI and navigate to Administration -> Security -> User. Create a new user or select an existing one. Click the Options List icon to create a token:

    SonarQube user settings

  2. Type the ci-user username, define an expiration period, and click the Generate button to create the token:

    SonarQube create token

  3. Click the Copy button to copy the generated <Sonarqube-token>:

    SonarQube token

  4. Provision secrets using Manifest, KubeRocketCI portal or with the externalSecrets operator:

Go to the Portal open Configuration -> CODE QUALITY -> SONARQUBE. Update or click + ADD INTEGRATION fill in the URL and Token fields and click the Save button:

SonarQube update manual secret