Learn how to configure DevOps Intelligence for the integration of SonarQube to broaden the observability of your hybrid IT estate.
SonarQube is the leading tool for continuously inspecting the Code Quality and Security of codebases and guiding development teams during Code Reviews. For DevOps Intelligence to pull data from SonarQube, you must configure a SonarQube account.
Setting up the DevOps Intelligence integration with SonarQube requires several procedures. Most of them are performed in DevOps Intelligence, but the initial procedure requires access to the SonarQube console.
Prerequisites
The following items are prerequisite to configuration:
SonarQube Account:
The administrator should have an active SonarQube account on the instance for which the connection is intended.
Access to a SonarQube Instance:
Ensure that you have access to the specific SonarQube instance where the projects, test suites and test cases are hosted. Use the URL or web address of the SonarQube instance you want to connect to.
Project Membership:
Users must be part of the SonarQube projects you intend to access. Ensure that users have the necessary project membership to retrieve information about projects, test suites and test cases.
Access Policy as Platform Administrator and DevOps Intelligence Administrator:
Ensure that the user has the necessary access policies. The user should have the Platform Administrator role to create and manage connections effectively. Users must also have the DevOps Intelligence Administrator role, which allows them to create and manage configurations.
Review and execute the content in the following sections in the order they are presented.
Integration of SonarQube with DevOps Intelligence
The process for onboarding SonarQube comprises the following steps, each of which is a multistep procedure:
Create a Personal Access Token.
Create a connection.
Configure the application.
Onboard the SonarQube technical service.
Creating a SonarQube access token
Use the following procedure to create a SonarQube access token:
Navigate to the top right corner of the SonarQube homepage.
Click on your profile picture and select My Account.
Go to the Security tab.
Provide the token name.
Click on Generate.
Creating a connection
Establishing a DevOps Intelligence connection to SonarQube is prerequisite to configuring the service. Use the following procedure:
Click on App Manager → IAM → Connections → Add New → Add connection.
Choose Platform from the connection type dropdown list.
Select SonarQube.
Provide a local account name for reference.
Add the Host SonarQube API URL of the SonarQube Host (e.g., https://sonarqube.kyndryl.net/).
Use the SonarQube token you created in the previous section (Creating a SonarQube access token).
If you are using a Proxy Adapter, provide the ProxyID UUID. A proxy adapter is necessary when you want to access a service or system with a different interface than your application expects.
When Archive is enabled, the connection is archived for future use.
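A pre-check for the host URL and token before they are entered in the connection form, as an added example that is not part of the original documentation or the product's own code. It calls two SonarQube Web API endpoints (api/authentication/validate and api/components/show) and reports which project keys the token's user can see; the helper names and the project keys passed in are assumptions.

```python
import base64
import json
import urllib.error
import urllib.parse
import urllib.request


def http_fetch(url, headers):
    """GET url and return (status, body) without raising on HTTP error codes."""
    req = urllib.request.Request(url, headers=headers)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def preflight(base_url, token, project_keys, fetch=http_fetch):
    """Check a token before storing it in a connection (hypothetical helper)."""
    parts = urllib.parse.urlsplit(base_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("refusing to send a token to a non-HTTPS URL")
    base = base_url.rstrip("/")
    # SonarQube accepts a user token as the Basic-auth username with an empty password.
    basic = base64.b64encode(f"{token}:".encode()).decode()
    headers = {"Authorization": f"Basic {basic}", "Accept": "application/json"}

    status, body = fetch(f"{base}/api/authentication/validate", headers)
    try:
        valid = status == 200 and json.loads(body).get("valid") is True
    except (ValueError, AttributeError):
        valid = False  # e.g. a proxy answered with a non-JSON page
    result = {"token_valid": valid, "visible": [], "not_visible": []}
    if not valid:
        return result

    for key in project_keys:
        query = urllib.parse.urlencode({"component": key})
        status, _ = fetch(f"{base}/api/components/show?{query}", headers)
        # 200: the token's user can browse the project; any other status: it cannot.
        result["visible" if status == 200 else "not_visible"].append(key)
    return result
```

A key reported under not_visible points at missing project membership for the account that owns the token.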
Configuring DevOps Intelligence for SonarQube for Secure phase, recent customers
This procedure is valid only for customers onboarded 6 June, 2024 or after. Procedures for legacy customers are provided in the subsequent section, Configuring DevOps Intelligence for SonarQube, legacy customers.
Select an existing application or create a new application.
Navigate to the Add Tools step.
Select the phase as Secure. SonarQube is compatible in Test and Secure phases.
Click Add Tool Configuration.
For Secure Categories, select Static Scan.
Select SonarQube for Tool engine.
Complete the required information, categorized by the three tabs:
Release: The tool configuration inherits the release prefix and variable from the application. To override these values at the tool level, click the Edit button and make the necessary changes. Changing the values here will not affect the release prefix and variable set in the application. Data will be pulled only if releaseName can be extracted from branchName, making releaseName identical to branchName. Data will also be pulled for branches whose main parameter is set to true, apart from the identified release branches.
prefix signifies the starting sequence of characters for releases, with the default value being empty.
variable signifies the starting sequence of characters for releases, with the default value being empty.
DevOps Intelligence uses the release ID to identify release names and the release branches.
Severity: DevOps Intelligence captures severity in five levels. Map your application's bug severity to the predefined severity levels (BLOCKER, CRITICAL, MAJOR, MINOR, INFO).
State: Map your bug status to two states: Resolved or Unresolved. Select all the bugs for which the status is Resolved, and all those for which the status is Unresolved.
Click Add Configuration.
Configuring DevOps Intelligence for SonarQube for Test phase
This procedure is valid only for customers onboarded 6 June, 2024 or after. Procedures for legacy customers are provided in the subsequent section, Configuring DevOps Intelligence for SonarQube, legacy customers.
Select an existing application or create a new application.
Navigate to the Add Tools step.
Select the phase as Test. Note: SonarQube is compatible in Test and Secure phases.
Press Add Tool Configuration.
Select SonarQube for Tool engine.
Complete the required information, categorized into two tabs, Release and Test Analysis parameter. See the previous usage notes for Release title construction. Provide the environment name to be used for analysis in Test Analysis.
Click Add Configuration.
Onboarding the technical service
Having configured DevOps Intelligence to pull data from SonarQube, you must now onboard it as a technical service. Take into consideration the following caveats:
SonarQube can be configured only at the project level.
Multiple metrics can be selected against projects.
Metrics are merely a way to restrict which data is available to users for a given project.
SonarQube syncs only data available with connections configured against it.
At the project level, technical services are always configured as mutually exclusive. That is, if two users having the same privileges attempt to onboard technical services for the same project, only the first user is allowed to create the technical service; it will not be listed for the second user to onboard.
Expand the application to see all the associated phases.
Click the Overflow menu associated with the phase (Test or Secure).
Click Delete Technical Service. In the case of the Secure phase, you must also select the Secure category as Static Scan.
Select the tool engine as SonarQube.
Select the Project.
Click Delete Technical Service.
Reviewing test suite data in DevOps Intelligence
After DevOps Intelligence has been fully configured, DevOps Intelligence displays all test suites being tracked by SonarQube in the table view at the bottom of the Test page. The view provides general information about each test suite such as status (how many tests were Skipped, Passed, Failed, and Blocked), Total number of tests in the suite, and the execution date.
Detailed information about each suite is available by clicking the overflow menu for that test suite and selecting View Details. DevOps Intelligence responds by navigating to the Details page for that suite, where additional information regarding activity and history is available. The Activity tab presents a graphical presentation of the tabular data in the table. The Historical details tab presents additional details such as Code Smells and Bugs. On both tabs you have the option of selecting a time frame for testing from the Duration control located in the upper right.
Configuring DevOps Intelligence for SonarQube, legacy customers
This procedure is valid only for customers onboarded before 6 June 2024.
Use the following procedure to configure DevOps Intelligence for SonarQube:
Navigate to DevOps Intelligence → Settings & Utilities → Tools Configuration → Add Configuration.
Select SonarQube as the Tool Engine.
Under Connection, select the appropriate connection name.
Select the project and metrics you want to track in DevOps Intelligence. Specific metrics are optional; DevOps Intelligence will track all default metrics.
Please take notice of the following service configuration caveats:
Configurations can only be configured at the project level.
Multiple metrics can be selected against projects.
Selected metrics restrict data to that required for a given project.
DevOps Intelligence only syncs the data available from the selected connection configured against it.
At the project level, service configurations are always configured as mutually exclusive. That is, if two users having the same privileges attempt to create service configuration for the same project, only the first user is allowed to create the service configuration. This is because after the first user has completed the configuration process, the project is already configured. The project will