Quboo Plugin

Sonarqube Plugin

Connecting Sonarqube

SonarQube is a popular, widely extended tool to measure code quality.

Our SonarQube plugin extracts some data from your code quality results and send them to Quboo. You can download the plugin from SonarQube’s Marketplace or install it manually. Follow the instructions in the sections below.

Don’t worry about your privacy: the data we send is not including any part of your code (and we prove it by having the plugin code on GitHub).

Installation from Marketplace

Just navigate to the Marketplace with admin rights, search “quboo” and install the plugin. You need to restart Sonarqube after that.

IMPORTANT NOTICE! Make sure you use a Quboo Plugin version 1.0.5 or newer (check latest). That version is not yet available in the Sonar Marketplace so please continue with the Manual installation option.

Manual installation

  1. Download the latest plugin release (it’s a .jar file).
  2. Put the downloaded jar in the /extensions/plugins folder of your SonarQube’s home installation folder, removing any previous version.
  3. Restart your SonarQube Server for the changes to apply.

Connecting to Quboo

After you install the plugin, you still need to link it to your Quboo account. To do so, navigate (as a SonarQube administrator) to Administration -> Configuration -> General Settings. Select the Quboo tab and enter your API key and secret. In the screenshots below you can see where to fill in these values in SonarQube and where to get them in Quboo.

Enter Quboo

SonarQube servers with restricted access

Feature available only from Quboo Plugin v1.0.5 onwards. Note that the most recent versions might be sometimes only available for manual installation.

Your organization may have the setting “Force User Authentication” enabled in SonarQube. In this case, you still need one extra step.

Check whether this setting is enabled or not from the Quboo Administration panel: Administration -> Configuration -> Security.

Setting: Force User Authentication

If it’s enabled, you need to configure an API Token in the Quboo Plugin Properties (same screen where you entered your Access and Secret keys).

First, you need to generate a token using your account. Note that you don’t need to be signed in as Administrator to generate a token.

Generate a token

Copy the token

Once you have the token value, you have to enter it in the Quboo Plugin Configuration page. You need administrator rights to do this so you may need to log out and log in again with an administrator account (or ask your administrator to do this).

Configure the token

Pay attention when you paste the token value. Since it’s a password field, you won’t see it in the settings. Now save it. If you want to verify whether the token is being used, check Sonarqube’s ce.log for the message A token will be used to connect to SonarQube server.

When does the data gets transferred?

The players and their score won’t be in Quboo immediately after you configure the plugin.

Quboo syncs data after each analysis of your projects. Wait for your automated pipelines or run an analysis to export your data.

Troubleshooting

If, after your next analysis, you still don’t see any players in Quboo, it might be due to one of these reasons:

  1. Your Sonarqube server does not have users. Normally, it’s easy to identify this problem since you get only one player at Quboo: the administrator. This is not really a technical problem but just related to how you use the tool. If you want to use Quboo, you need to get people as users in Sonarqube, otherwise there is no way to distinguish who is contributing to improve your code. You can add users manually or you can use authentication via other systems.
  2. No Internet connectivity. You need to make sure that the server where your Sonarqube instance is configured has access to the Internet.
  3. Not resolved host. Our plugin uses the Sonarqube API and its configuration to find where to make the API calls. Sometimes, it may happen that the configured host does not match the one that should be called from the server.

To figure out what is exactly the problem please check Sonar logs and contact us if you need any help. You can find the plugin logs in the ce.log file inside the logs folder in your Sonar installation home folder. Please send the error logs with your support request, otherwise we might not be able to help you.