Learn how to help your team build confidently (and securely!) in prod in our upcoming Tech Talk: Sign up here.

Add a SonarQube Integration

  1. In the OpsLevel app, Click Integrations in the left sidebar.
  2. Click on the + New Integration button.
  3. Click the SonarQube tile to add the integration.

Create a Check

1. Navigate to the Rubrics sub menu under the Service Health menu in OpsLevel

2. Hover over the cell that corresponds to the level and category you want your check to live in and click the + Add Check button.

Add Check

3. Create a Custom Event check

4. Select the SonarQube integration you created from the Integration dropdown

5. Choose one of the Check Templates from the dropdown.

Check Template

Here is what each template is for:

  • Check for passing Security Check: Any service whose quality gate status for new_security_rating metric is ERROR will fail this check.
  • Check for passing Reliability Check: Any service whose quality gate status for new_reliability_rating metric is ERROR will fail this check.
  • Check for passing Maintainability Check: Any service whose quality gate status for new_maintainability_rating metric is ERROR will fail this check.
  • Check for passing Code Coverage Check: Any service whose quality gate status for new / updated source code is ERROR will fail this check.

6. We will populate the Service Specifier field, which we use to determine what service to run the check for, and the Success Condition field, which we use to determine if the check should pass or fail. We also provide a sample payload to test the check.

Service Specifier and Success Condition

Send payload to OpsLevel

  1. Add a new webhook for your project in SonarQube using the Webhook URL after you create the integration in the previous step
  2. Ensure your SonarQube projectKey is configured as an alias for your desired OpsLevel service.
  3. Start a sonarscan to begin delivering Quality Gate information to OpsLevel. The easiest way to run a scan on demand is to use SonarQube’s docker container setup (don’t forget to set your sonar.projectKey in sonar-project.properties first):

docker run \
    --rm \
    -e SONAR_HOST_URL="http://${SONARQUBE_URL}" \
    -e SONAR_LOGIN="myAuthenticationToken" \
    -v "${YOUR_REPO}:/usr/src" \
    sonarsource/sonar-scanner-cli

You can copy the SONARQUBE_URL from the SonarQube Integration page in OpsLevel.

Webhook URL

To learn more about SonarQube, check out their getting started guide.