- Sonarqube Plugin
- Installation from Marketplace
- Manual installation
- Connecting to Quboo
- Filtering projects
- SonarQube servers with restricted access
- When does the data gets transferred?
SonarQube is a popular, widely extended tool to measure code quality.
Our SonarQube plugin extracts some data from your code quality results and send them to Quboo. You can download the plugin from SonarQube’s Marketplace or install it manually. Follow the instructions in the sections below.
Don’t worry about your privacy: the data we send is not including any part of your code (and we prove it by having the plugin’s code as open source on GitHub).
Installation from Marketplace
Navigate to the Marketplace with admin rights in Sonar, search “quboo” and install the plugin. You may need to restart the Sonarqube server after the installation for the changes to apply.
- Download the latest plugin release (it’s a
- Put the downloaded jar in the
/extensions/pluginsfolder of your SonarQube’s home installation folder, removing any previous version.
- Restart your SonarQube Server for the changes to apply.
Connecting to Quboo
After you install the plugin, you need to link it to your Quboo account. To do so, navigate (as a SonarQube administrator) to Administration -> Configuration -> General Settings. Select the Quboo tab and enter your API access and secret keys. In the screenshots below you can see where to fill in these values in SonarQube and where to get them in Quboo.
If you want to include only certain Sonarqube projects for gamification with Quboo, or you want to selectively exclude certain ones, you can do this by passing a list of their names to the inclusion/exclusion lists.
To process only one, or a list of selected projects, fill in their names in the ‘Selected Projects’ setting field, separated by commas. Leave it empty if you don’t want to use an inclusion list or if you want to use an exclusion list instead.
To exclude one or multiple projects, add their names separated by commas to the ‘Excluded Projects’ field. Make sure you don’t use an inclusion list or this setting will be ignored.
SonarQube servers with restricted access
In case your organization has enabled the setting “Force User Authentication” in SonarQube (see the screenshot below), you still need one extra step for the Quboo plugin to work correctly. The reason is that the plugin uses the Sonar’s server API, and with this setting enabled the API requires all requests to be authenticated.
This setting is located under: Administration -> Configuration -> Security.
If it’s enabled, you need to fill in a valid API Token in the Quboo Plugin Properties page (the same screen where you entered your Access and Secret keys).
First, you generate a token using your Sonarqube’s account. You can generate the token using a regular account, the token doesn’t need administrator privileges.
Once you have the token value, you have to enter it on the Quboo Plugin Configuration page. You need administrator rights to do this, so you may need to log out and log in again with an administrator account (or ask your administrator to do this).
Pay attention when you paste the token value. Since it’s a password field, you won’t see it in the settings. Now save it. If you want to verify whether the token is being used, check Sonarqube’s
ce.log for the message
A token will be used to connect to SonarQube server.
When does the data gets transferred?
The players and their score won’t be sent to Quboo immediately after you configure the plugin.
Quboo syncs data after each project analysis. Wait for your automated pipelines or run manually an analysis to export your data.
It might happen that, after your next analysis, you don’t see any players in Quboo yet. Go through these possible reasons to figure out what’s happening:
- There is no new code analysis. In Sonarqube, you can’t use the UI to trigger an analysis, so normally you have to wait for your build (CI/CD) tools.
- Your Sonarqube server doesn’t have any users. Normally, it’s easy to identify this problem since you get only one player at Quboo: the administrator. This is not a technical problem but just related to how you use the tool. If you want to use Quboo, you need to use user accounts in Sonarqube, otherwise there is no way to distinguish who is contributing to improve your code. You can add users manually, or you can use authentication via other systems.
- No Internet connectivity. You need to make sure that the server where your Sonarqube instance is configured and has access to the Internet.
- Not resolved host. Our plugin uses the Sonarqube API and its configuration to find where to make the API calls. Sometimes, it may happen that the configured host does not match the one that should be called from the server. Check your setting
Server base URLin the Sonar Admin settings.
To figure out what is exactly the problem please you can check Sonarqube’s server logs. You can find the plugin log messages in the
ce.log file inside the
logs folder in your Sonar installation home folder.
If you still need help, do not hesitate to contat us. Please send the error logs with your support request, otherwise we might not be able to help you.