SonarQube is a popular, widely extended tool to measure code quality.
Our SonarQube plugin extracts some data from your code quality results and send them to Quboo. You can download the plugin from SonarQube’s Marketplace or install it manually. Follow the instructions in the sections below.
Don’t worry about your privacy: the data we send is not including any part of your code (and we prove it by having the plugin code on GitHub).
Installation from Marketplace
Just navigate to the Marketplace with admin rights, search “quboo” and install the plugin. You need to restart Sonarqube after that.
- Download the latest plugin release (it’s a
- Put the downloaded jar in the
/extensions/pluginsfolder of your SonarQube’s home installation folder, removing any previous version.
- Restart your SonarQube Server for the changes to apply.
Connecting to Quboo
After you install the plugin, you still need to link it to your Quboo account. To do so, navigate (as a SonarQube administrator) to Administration -> Configuration -> General Settings. Select the Quboo tab and enter your API key and secret. In the screenshots below you can see where to fill in these values in SonarQube and where to get them in Quboo.
SonarQube servers with restricted access
Your organization may have the setting “Force User Authentication” enabled in SonarQube. In this case, you still need one extra step.
Check whether this setting is enabled or not from the Quboo Administration panel: Administration -> Configuration -> Security.
If it’s enabled, you need to configure an API Token in the Quboo Plugin Properties (same screen where you entered your Access and Secret keys).
First, you need to generate a token using your account. Note that you don’t need to be signed in as Administrator to generate a token.
Once you have the token value, you have to enter it in the Quboo Plugin Configuration page. You need administrator rights to do this so you may need to log out and log in again with an administrator account (or ask your administrator to do this).
Pay attention when you paste the token value. Since it’s a password field, you won’t see it in the settings. Now save it. If you want to verify whether the token is being used, check Sonarqube’s
ce.log for the message
A token will be used to connect to SonarQube server.
When does the data gets transferred?
The players and their score won’t be in Quboo immediately after you configure the plugin.
Quboo syncs data after each analysis of your projects. Wait for your automated pipelines or run an analysis to export your data.
If, after your next analysis, you still don’t see any players in Quboo, it might be due to one of these reasons:
- The analysis was not really triggered. In Sonarqube, you can’t use the UI to trigger an analysis so normally you connect it to your build tools.
- Your Sonarqube server does not have users. Normally, it’s easy to identify this problem since you get only one player at Quboo: the administrator. This is not really a technical problem but just related to how you use the tool. If you want to use Quboo, you need to get people as users in Sonarqube, otherwise there is no way to distinguish who is contributing to improve your code. You can add users manually or you can use authentication via other systems.
- No Internet connectivity. You need to make sure that the server where your Sonarqube instance is configured and has access to the Internet.
- Not resolved host. Our plugin uses the Sonarqube API and its configuration to find where to make the API calls. Sometimes, it may happen that the configured host does not match the one that should be called from the server. Check your setting
Server base URLin the Sonar Admin settings.
To figure out what is exactly the problem please you can check Sonar logs. You can find the plugin logs in the
ce.log file inside the
logs folder in your Sonar installation home folder.
If you still need help, do not hesitate to contat us. Please send the error logs with your support request, otherwise we might not be able to help you.