SonarCloud
By integrating SonarCloud with DX, you can analyze security issues and metrics on code coverage, code smells, and vulnerabilities. Please refer to the API documentation below and our schema explorer to see what data DX imports.
Prerequisites
To connect SonarCloud to DX, you need:
Setup instructions
Follow the steps below to connect SonarCloud to DX.
Step 1
Log in to your SonarCloud account and navigate to Account > Security.
Step 2
Click Generate Token and copy the token. SonarCloud does not allow specifying granular permissions for API tokens. Thus, API tokens provide access to all API endpoints although DX only accesses endpoints that are listed below. Further restriction of API endpoints can be achieved by setting up a proxy, if desired.
Step 3
- Navigate to the connections page in DX and select “+ Connection” in the top right.
- Enter the credentials you have generated in the previous steps—refer to the information below for errors and troubleshooting.
API reference
The table below lists the specific API endpoints that are used by DX.
| Endpoint | Documentation |
|---|---|
| /organizations/search | link |
| /projects/search | link |
| /issues/search | link |
| /hotspots/search | link |
| /measures/searchHistory | link |
| /measures/component | link |
| /metrics/search | link |
Errors
The table below lists potential error codes when adding a connection in DX.
| Error | Description |
|---|---|
invalid_credentials |
Your API credentials entered are not valid. |
invalid_permissions |
Your API token does not have the permissions required by DX. |
no_resources |
Your API token lacks the permissions to access organizations. |
Data Cloud API
Once the initial connection is created successfully, SonarCloud credentials can be managed via the Data Cloud API.
Credential fields
| Field | Type | Description |
|---|---|---|
secrets.api_token |
String |
A SonarCloud user token. |
{
"id": 456,
"secrets": {
"api_token": "sqa_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}