Sonar Plugin Connection

All information related to how to connect Sonar to Quboo

Sonarqube Plugin

Connecting Sonarqube

SonarQube is a popular, widely extended tool to measure code quality.

Our SonarQube plugin extracts some data from your code quality results and send them to Quboo. You can download the plugin from SonarQube’s Marketplace or install it manually. Follow the instructions in the sections below.

Don’t worry about your privacy: the data we send is not including any part of your code (and we prove it by having the plugin code on GitHub).

Installation from Marketplace

Just navigate to the Marketplace with admin rights, search “quboo” and install the plugin. You need to restart Sonarqube after that.

Installation from Marketplace
Installation from Sonar's Marketplace

Manual installation

  1. Download the latest plugin release (it’s a .jar file).
  2. Put the downloaded jar in the /extensions/plugins folder of your SonarQube’s home installation folder, removing any previous version.
  3. Restart your SonarQube Server for the changes to apply.

Connecting to Quboo

After you install the plugin, you still need to link it to your Quboo account. To do so, navigate (as a SonarQube administrator) to Administration -> Configuration -> General Settings. Select the Quboo tab and enter your API key and secret. In the screenshots below you can see where to fill in these values in SonarQube and where to get them in Quboo.

Quboo Settings in Sonar
Quboo Settings in Sonar

SonarQube servers with restricted access

Your organization may have the setting “Force User Authentication” enabled in SonarQube. In this case, you still need one extra step.

Check whether this setting is enabled or not from the Quboo Administration panel: Administration -> Configuration -> Security.

force authentication
Do you use this setting?

If it’s enabled, you need to configure an API Token in the Quboo Plugin Properties (same screen where you entered your Access and Secret keys).

First, you need to generate a token using your account. Note that you don’t need to be signed in as Administrator to generate a token.

Generating a Token Step 1
Generate a Token
Generating a Token Step 2

Once you have the token value, you have to enter it in the Quboo Plugin Configuration page. You need administrator rights to do this so you may need to log out and log in again with an administrator account (or ask your administrator to do this).

Enter the token
Paste your token into Quboo plugin settings

Pay attention when you paste the token value. Since it’s a password field, you won’t see it in the settings. Now save it. If you want to verify whether the token is being used, check Sonarqube’s ce.log for the message A token will be used to connect to SonarQube server.

When does the data gets transferred?

The players and their score won’t be in Quboo immediately after you configure the plugin.

Quboo syncs data after each analysis of your projects. Wait for your automated pipelines or run an analysis to export your data.


If, after your next analysis, you still don’t see any players in Quboo, it might be due to one of these reasons:

  1. The analysis was not really triggered. In Sonarqube, you can’t use the UI to trigger an analysis so normally you connect it to your build tools.
  2. Your Sonarqube server does not have users. Normally, it’s easy to identify this problem since you get only one player at Quboo: the administrator. This is not really a technical problem but just related to how you use the tool. If you want to use Quboo, you need to get people as users in Sonarqube, otherwise there is no way to distinguish who is contributing to improve your code. You can add users manually or you can use authentication via other systems.
  3. No Internet connectivity. You need to make sure that the server where your Sonarqube instance is configured and has access to the Internet.
  4. Not resolved host. Our plugin uses the Sonarqube API and its configuration to find where to make the API calls. Sometimes, it may happen that the configured host does not match the one that should be called from the server. Check your setting Server base URL in the Sonar Admin settings.

To figure out what is exactly the problem please you can check Sonar logs. You can find the plugin logs in the ce.log file inside the logs folder in your Sonar installation home folder.

If you still need help, do not hesitate to contat us. Please send the error logs with your support request, otherwise we might not be able to help you.

Assigning issues in Sonar