### Start SonarQube Server (Windows) Source: https://github.com/sonarsource/sonarqube/blob/master/README.md After building and unzipping the distribution, use this command to start the SonarQube server on Windows. ```bash bin\windows-x86-64\StartSonar.bat ``` -------------------------------- ### Start SonarQube Server (Linux/MacOS) Source: https://github.com/sonarsource/sonarqube/blob/master/README.md After building and unzipping the distribution, use this command to start the SonarQube server on Linux or MacOS. ```bash # on Linux bin/linux-x86-64/sonar.sh start ``` ```bash # or on MacOS bin/macosx-universal-64/sonar.sh start ``` -------------------------------- ### Fetch GitHub Configuration (GET) Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves an existing GitHub configuration by its ID. Requires 'Administer System' permission. ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/dop-translation/github-configurations/github-config-uuid ``` -------------------------------- ### Fetch Single Project Binding (GET) Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves a specific project binding by its ID. Requires 'Administer System' permission. ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/dop-translation/project-bindings/binding-uuid-001 ``` -------------------------------- ### Search GitLab Configurations (GET) Source: https://context7.com/sonarsource/sonarqube/llms.txt Searches for GitLab configurations. Returns a list, but only one configuration is supported. Requires 'Administer System' permission. ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/dop-translation/gitlab-configurations ``` -------------------------------- ### List DevOps Platform Settings (GET) Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves all configured DevOps platform integration settings. The IDs returned are used for creating bound projects. Requires 'Create Projects' permission. ```bash curl -s -u myuser:mytoken \ http://localhost:9000/api/v2/dop-translation/dop-settings ``` -------------------------------- ### Build SonarQube with Custom UI Source: https://github.com/sonarsource/sonarqube/blob/master/README.md Use this command to build the SonarQube repository when you have made changes to the webapp. Ensure you have installed dependencies and built the webapp locally first. ```bash cd /path/to/sonarqube-webapp/server/sonar-web # do your changes # install dependencies, only needed the first time yarn # build the webapp yarn build cd /path/to/sonarqube # build the sonarqube repository using the custom build of the webapp WEBAPP_BUILD_PATH=/path/to/sonarqube-webapp/server/sonar-web/build/webapp ./gradlew build ``` -------------------------------- ### Get Clean Code Analysis Mode - GET /api/v2/clean-code-policy/mode Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieve the current clean code analysis mode (MQR or STANDARD). ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/clean-code-policy/mode ``` -------------------------------- ### Search Project Bindings by Project ID (GET) Source: https://context7.com/sonarsource/sonarqube/llms.txt Searches for project bindings associated with a specific project ID. Supports pagination. ```bash curl -s -u admin:admin \ "http://localhost:9000/api/v2/dop-translation/project-bindings?projectId=project-uuid-456&pageSize=10" ``` -------------------------------- ### Get Scanner Engine Metadata and Download JAR Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieve metadata for the Scanner Engine JAR, including filename, SHA-256, and download URL. Set the 'Accept' header to 'application/octet-stream' to download the binary. ```bash # Get metadata curl -s -u admin:admin \ http://localhost:9000/api/v2/analysis/engine ``` ```bash # Download the scanner engine JAR curl -s -u admin:admin \ -H "Accept: application/octet-stream" \ http://localhost:9000/api/v2/analysis/engine \ -o sonar-scanner-engine.jar ``` -------------------------------- ### GET /api/v2/analysis/engine — Scanner Engine Metadata and Download Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves metadata for the Scanner Engine JAR, including its filename, SHA-256 checksum, and download URL. The binary can be downloaded by setting the `Accept` header to `application/octet-stream`. ```APIDOC ## GET /api/v2/analysis/engine ### Description Returns metadata for the Scanner Engine JAR (filename, SHA-256, download URL). Set `Accept: application/octet-stream` to download the binary. ### Method GET ### Endpoint /api/v2/analysis/engine ### Request Example ```bash # Get metadata curl -s -u admin:admin \ http://localhost:9000/api/v2/analysis/engine ``` ### Response #### Success Response (200) - **filename** (string) - The filename of the Scanner Engine JAR. - **sha256** (string) - The SHA-256 checksum of the Scanner Engine JAR. - **downloadUrl** (string) - The download URL for the Scanner Engine JAR. ### Response Example ```json { "filename": "sonar-scanner-engine-shaded-12.30.0.3186-all.jar", "sha256": "deadbeef...", "downloadUrl": "/api/v2/analysis/engine" } ``` ### Download Example ```bash # Download the scanner engine JAR curl -s -u admin:admin \ -H "Accept: application/octet-stream" \ http://localhost:9000/api/v2/analysis/engine \ -o sonar-scanner-engine.jar ``` ``` -------------------------------- ### Create GitHub Configuration (POST) Source: https://context7.com/sonarsource/sonarqube/llms.txt Creates a new GitHub authentication and auto-provisioning configuration. Requires 'Administer System' permission. Only one configuration can exist at a time. ```bash curl -s -u admin:admin \ -X POST \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/dop-translation/github-configurations \ -d '{ "enabled": true, "clientId": "Iv1.abc123", "clientSecret": "secret_xyz", "applicationId": "123456", "privateKey": "-----BEGIN RSA PRIVATE KEY----- ... -----END RSA PRIVATE KEY-----", "synchronizeGroups": true, "apiUrl": "https://api.github.com/", "webUrl": "https://github.com/", "allowedOrganizations": ["my-org"], "provisioningType": "AUTO_PROVISIONING", "allowUsersToSignUp": false, "projectVisibility": true }' ``` -------------------------------- ### Search Group Memberships - GET /api/v2/authorizations/group-memberships Source: https://context7.com/sonarsource/sonarqube/llms.txt Find group memberships by filtering on either groupId or userId. ```bash curl -s -u admin:admin \ "http://localhost:9000/api/v2/authorizations/group-memberships?groupId=AXouyGkH9sYeNJ6XNWAM" ``` -------------------------------- ### Open SonarQube in IDE Source: https://github.com/sonarsource/sonarqube/blob/master/README.md If the project has not been built, run this command to prepare it for IDE import. Then, open the root 'build.gradle' file in IntelliJ or Eclipse. ```bash ./gradlew ide ``` -------------------------------- ### Create GitLab Configuration (POST) Source: https://context7.com/sonarsource/sonarqube/llms.txt Creates a new GitLab authentication and auto-provisioning configuration. Requires 'Administer System' permission. Only one configuration can exist at a time. ```bash curl -s -u admin:admin \ -X POST \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/dop-translation/gitlab-configurations \ -d '{ "enabled": true, "applicationId": "gitlab-app-id-abc", "secret": "gitlab-secret-xyz", "url": "https://gitlab.com", "synchronizeGroups": true, "allowedGroups": ["my-group"], "provisioningType": "JIT", "allowUsersToSignUp": true }' ``` -------------------------------- ### Build SonarQube Project Source: https://github.com/sonarsource/sonarqube/blob/master/README.md Execute this command from the project's base directory to build the SonarQube project and run all tests. ```bash ./gradlew build ``` -------------------------------- ### Gradle Command: List Dependencies Source: https://github.com/sonarsource/sonarqube/blob/master/README.md Use this Gradle command to list all project dependencies. ```bash ./gradlew dependencies ``` -------------------------------- ### Search User Groups - GET /api/v2/authorizations/groups Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieve a paginated and sorted list of user groups. Supports filtering by name (q) and managed status. ```bash curl -s -u admin:admin \ "http://localhost:9000/api/v2/authorizations/groups?q=backend&pageSize=25&pageIndex=1" ``` -------------------------------- ### Get SonarQube Server Version Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieve the SonarQube server version string using the /api/v2/analysis/version endpoint. This is used by scanner clients to determine compatibility. ```bash curl -s http://localhost:9000/api/v2/analysis/version # Expected output: # 26.6.0.123456 ``` -------------------------------- ### Get Database Migration Status Source: https://context7.com/sonarsource/sonarqube/llms.txt Check the status of database migrations via the /api/v2/system/migrations-status endpoint. Poll this endpoint until the status is 'NO_MIGRATION' or 'MIGRATION_SUCCEEDED' to orchestrate upgrades. ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/system/migrations-status # Expected output (no migration needed): # { # "status": "NO_MIGRATION", # "completedSteps": null, # "totalSteps": null, # "startedAt": null, # "message": "Database is up-to-date, no migration needed.", # "expectedFinishTimestamp": null # } # Expected output (migration running): # { # "status": "MIGRATION_RUNNING", # "completedSteps": 42, # "totalSteps": 150, # "startedAt": "2024-06-01T10:00:00Z", # "message": null, # "expectedFinishTimestamp": "2024-06-01T10:05:30Z" # } ``` -------------------------------- ### GET /api/v2/analysis/active_rules — Active Rules for a Project Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves all active rules that are configured for a specific project. These rules are consumed by the scanner engine during the analysis process. ```APIDOC ## GET /api/v2/analysis/active_rules ### Description Returns all active rules configured for a specific project, consumed by the scanner engine at analysis time. ### Method GET ### Endpoint /api/v2/analysis/active_rules #### Query Parameters - **projectKey** (string) - Required - The key of the project for which to retrieve active rules. ### Request Example ```bash curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/active_rules?projectKey=my-project" ``` ### Response #### Success Response (200) - **ruleKey** (string) - The unique key of the rule. - **severity** (string) - The severity level of the rule (e.g., `INFO`, `BLOCKER`). - **params** (object) - Parameters associated with the rule. - **impacts** (array) - An array of objects describing the rule's impact on software quality. - **softwareQuality** (string) - The category of software quality. - **severity** (string) - The severity of the impact. ### Response Example ```json [ { "ruleKey": "java:S1135", "severity": "INFO", "params": {}, "impacts": [{"softwareQuality": "MAINTAINABILITY", "severity": "LOW"}] }, { "ruleKey": "java:S2189", "severity": "BLOCKER", "params": {}, "impacts": [{"softwareQuality": "RELIABILITY", "severity": "HIGH"}] } ] ``` ``` -------------------------------- ### Update User Group - PATCH /api/v2/authorizations/groups/{id} Source: https://context7.com/sonarsource/sonarqube/llms.txt Modify an existing user group using JSON Merge Patch. This example updates the group's description. ```bash curl -s -u admin:admin \ -X PATCH \ -H "Content-Type: application/merge-patch+json" \ http://localhost:9000/api/v2/authorizations/groups/AXouyGkH9sYeNJ6XNWAM \ -d '{"description": "All backend engineers"}' ``` -------------------------------- ### Create Email Configuration (Basic SMTP) Source: https://context7.com/sonarsource/sonarqube/llms.txt Use this endpoint to create a new email configuration for SonarQube. Requires authentication and provides the SMTP server details. ```bash curl -s -u admin:admin \ -X POST \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/system/email-configurations \ -d '{ "host": "smtp.example.com", "port": "587", "securityProtocol": "STARTTLS", "fromAddress": "sonarqube@example.com", "fromName": "SonarQube", "subjectPrefix": "[SonarQube]", "authMethod": "BASIC", "username": "sonarqube@example.com", "basicPassword": "smtp-password" }' ``` -------------------------------- ### Create Bound Project - POST /api/v2/dop-translation/bound-projects Source: https://context7.com/sonarsource/sonarqube/llms.txt Link a SonarQube project to a DevOps platform repository for auto-configured Pull Request decoration. Requires 'Create Projects' permission and a PAT. ```bash curl -s -u myuser:mytoken \ -X POST \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/dop-translation/bound-projects \ -d '{ "projectKey": "my-org_my-repo", "projectName": "My Repository", "devOpsPlatformSettingId": "dop-setting-uuid-123", "repositoryIdentifier": "my-org/my-repo", "newCodeDefinitionType": "NUMBER_OF_DAYS", "newCodeDefinitionValue": "30", "monorepo": false }' ``` -------------------------------- ### Database Migration Status Source: https://context7.com/sonarsource/sonarqube/llms.txt Provides the current status of database migrations, including progress, start time, and potential errors. This is useful for orchestrating upgrades by polling until the migration is complete. ```APIDOC ## GET /api/v2/system/migrations-status — Database Migration Status ### Description Returns the current state of database migrations: status, completed/total steps, start time, expected finish time, and any error message. Useful for orchestrating upgrades — poll this endpoint until `status` is `NO_MIGRATION` or `MIGRATION_SUCCEEDED`. ### Method GET ### Endpoint /api/v2/system/migrations-status ### Parameters #### Query Parameters None #### Headers - **Authorization** (string) - Required - Basic authentication credentials (e.g., `admin:admin`). ### Request Example ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/system/migrations-status ``` ### Response #### Success Response (200) - **status** (string) - The current migration status (e.g., `NO_MIGRATION`, `MIGRATION_RUNNING`, `MIGRATION_SUCCEEDED`). - **completedSteps** (integer) - The number of migration steps completed. - **totalSteps** (integer) - The total number of migration steps. - **startedAt** (string) - The timestamp when the migration started (ISO 8601 format). - **message** (string) - An informational message about the migration status. - **expectedFinishTimestamp** (string) - The estimated timestamp for migration completion (ISO 8601 format). #### Response Example (no migration needed) ```json { "status": "NO_MIGRATION", "completedSteps": null, "totalSteps": null, "startedAt": null, "message": "Database is up-to-date, no migration needed.", "expectedFinishTimestamp": null } ``` #### Response Example (migration running) ```json { "status": "MIGRATION_RUNNING", "completedSteps": 42, "totalSteps": 150, "startedAt": "2024-06-01T10:00:00Z", "message": null, "expectedFinishTimestamp": "2024-06-01T10:05:30Z" } ``` ``` -------------------------------- ### Build SonarQube Project Source: https://context7.com/sonarsource/sonarqube/llms.txt Build the SonarQube project and generate distribution zip. Use '-x test' to skip tests for a faster build. The WEBAPP_BUILD_PATH variable can be used to specify a custom local webapp build path. ```bash # Build (requires Java 21, native Git, npm) ./gradlew build ``` ```bash # Skip tests for faster build ./gradlew build -x test ``` ```bash # Start on Linux bin/linux-x86-64/sonar.sh start ``` ```bash # Start on macOS bin/macosx-universal-64/sonar.sh start ``` ```bash # Start on Windows bin\windows-x86-64\StartSonar.bat ``` ```bash # Open project in IDE (generates protobuf sources etc.) ./gradlew ide ``` ```bash # Fix license headers ./gradlew licenseFormat --rerun-tasks ``` ```bash # Build with a custom local webapp build WEBAPP_BUILD_PATH=/path/to/sonarqube-webapp/server/sonar-web/build/webapp ./gradlew build ``` -------------------------------- ### Build and Publish to Local Maven Repository Source: https://context7.com/sonarsource/sonarqube/llms.txt Build the project and publish artifacts to your local Maven repository using the `publishToMavenLocal` Gradle task. ```bash ./gradlew publishToMavenLocal ``` -------------------------------- ### List Available JREs Source: https://context7.com/sonarsource/sonarqube/llms.txt List all available bundled JREs using the /api/v2/analysis/jres endpoint. Set the 'Accept: application/octet-stream' header to download the binary instead. Requires 'Administer System' permission or a system passcode. ```bash # List all available JREs curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/jres" # Expected output: # [ # { ``` -------------------------------- ### Gradle Command: Upgrade Wrapper Source: https://github.com/sonarsource/sonarqube/blob/master/README.md Use this command to upgrade the Gradle wrapper to a specific version, in this case, 5.2.1. ```bash ./gradlew wrapper --gradle-version 5.2.1 ``` -------------------------------- ### GET /api/v2/analysis/jres — List and Filter JREs Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves a list of available Java Runtime Environments (JREs) and allows filtering by operating system and architecture. It also provides download URLs for specific JREs. ```APIDOC ## GET /api/v2/analysis/jres ### Description Retrieves a list of available Java Runtime Environments (JREs) and allows filtering by operating system and architecture. It also provides download URLs for specific JREs. ### Method GET ### Endpoint /api/v2/analysis/jres #### Query Parameters - **os** (string) - Optional - The operating system to filter by (e.g., `linux`, `windows`, `darwin`). - **arch** (string) - Optional - The architecture to filter by (e.g., `x64`, `arm64`). ### Request Example ```bash curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/jres?os=linux&arch=x64" ``` ### Response #### Success Response (200) - **id** (string) - Unique identifier for the JRE. - **filename** (string) - The filename of the JRE archive. - **sha256** (string) - The SHA-256 checksum of the JRE archive. - **javaVersion** (string) - The Java version. - **os** (string) - The operating system. - **arch** (string) - The architecture. - **downloadUrl** (string) - The URL to download the JRE binary. ### Response Example ```json [ { "id": "jdk-21.0.9+10-linux-x64", "filename": "OpenJDK21U-jre_x64_linux_hotspot_21.0.9_10.tar.gz", "sha256": "abc123...", "javaVersion": "21.0.9", "os": "linux", "arch": "x64", "downloadUrl": "/api/v2/analysis/jres/jdk-21.0.9+10-linux-x64" } ] ``` ``` -------------------------------- ### Get Server Health Status Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieve the health status of the SonarQube node using the /api/v2/system/health endpoint. Requires 'Administer System' permission or a system passcode. Not supported in cluster mode (returns HTTP 501). ```bash curl -s \ -H "X-Sonar-Passcode: my-secret-passcode" \ http://localhost:9000/api/v2/system/health # Expected output: # { # "health": "GREEN", # "causes": [] # } # When Elasticsearch is degraded: # { # "health": "YELLOW", # "causes": [{"message": "Elasticsearch status is YELLOW"}] # } ``` -------------------------------- ### Create a User Account via SonarQube API Source: https://context7.com/sonarsource/sonarqube/llms.txt Create a new user account, either local or externally-authenticated. This operation requires 'Administer System' permission. If a deactivated account with the same login exists, it will be reactivated. ```bash # Create a local user curl -s -u admin:admin \ -X POST \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/users-management/users \ -d '{ "login": "jdoe", "name": "Jane Doe", "email": "jdoe@example.com", "password": "s3cr3tP@ss!", "local": true, "scmAccounts": ["jane.doe", "jdoe@corp.com"] }' ``` -------------------------------- ### JRE Metadata and Download Source: https://context7.com/sonarsource/sonarqube/llms.txt Fetches metadata for bundled JREs or downloads JRE binaries. Allows filtering by OS and CPU architecture. ```APIDOC ## GET /api/v2/analysis/jres — JRE Metadata and Download ### Description Returns metadata for all available bundled JREs, optionally filtered by OS and CPU architecture. Set the `Accept: application/octet-stream` header to download the binary instead. ### Method GET ### Endpoint /api/v2/analysis/jres ### Parameters #### Query Parameters - **os** (string) - Optional - The operating system to filter by (e.g., `linux`, `windows`, `darwin`). - **arch** (string) - Optional - The CPU architecture to filter by (e.g., `amd64`, `aarch64`). #### Headers - **Accept** (string) - Optional - Set to `application/octet-stream` to download the JRE binary. Defaults to `application/json` for metadata. - **Authorization** (string) - Optional - Basic authentication credentials (e.g., `admin:admin`). ### Request Example ```bash # List all available JREs curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/jres" # List JREs for Linux AMD64 curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/jres?os=linux&arch=amd64" # Download JRE binary for Linux AMD64 curl -s -u admin:admin \ -H "Accept: application/octet-stream" \ "http://localhost:9000/api/v2/analysis/jres?os=linux&arch=amd64" > jre-linux-amd64.tar.gz ``` ### Response #### Success Response (200 - Metadata) - **metadata** (array) - A list of JRE metadata objects, each containing: - **os** (string) - Operating system. - **arch** (string) - CPU architecture. - **filename** (string) - The name of the JRE archive file. - **size** (integer) - The size of the JRE archive in bytes. #### Success Response (200 - Binary) - The raw binary content of the requested JRE archive. #### Response Example (Metadata) ```json [ { "os": "linux", "arch": "amd64", "filename": "jre-linux-amd64.tar.gz", "size": 123456789 } ] ``` ``` -------------------------------- ### Build SonarQube Source: https://github.com/sonarsource/sonarqube/blob/master/sonar-ws-generator/README.md Build SonarQube before running the generator. Exclude tests and obfuscation for faster builds. ```bash ./gradlew build -x test -x obfuscate ``` -------------------------------- ### GET /api/v2/users-management/users — Search Users Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves a paginated list of users. By default, only active users are returned. Administrators can also access additional details like email, last connection date, and token count. ```APIDOC ## GET /api/v2/users-management/users ### Description Returns a paginated list of users. Active users are returned by default. Administrators additionally receive `email`, `externalIdentity`, `externalProvider`, `groups`, `lastConnectionDate`, `sonarLintLastConnectionDate`, and `tokensCount`. ### Method GET ### Endpoint /api/v2/users-management/users #### Query Parameters - **q** (string) - Optional - A search query to filter users by login, name, or email. - **pageSize** (integer) - Optional - The number of users to return per page. Defaults to 10. - **pageIndex** (integer) - Optional - The index of the page to retrieve. Defaults to 1. ### Request Example ```bash # Search active users, paginated curl -s -u admin:admin \ "http://localhost:9000/api/v2/users-management/users?q=jane&pageSize=10&pageIndex=1" ``` ### Response #### Success Response (200) - **users** (array) - An array of user objects. - **id** (string) - The unique identifier for the user. - **login** (string) - The login name of the user. - **name** (string) - The full name of the user. - **email** (string) - The email address of the user (visible to administrators). - **active** (boolean) - Indicates if the user account is active. - **managed** (boolean) - Indicates if the user is managed externally. - **tokensCount** (integer) - The number of authentication tokens associated with the user (visible to administrators). - **page** (object) - Pagination information. - **pageIndex** (integer) - The current page index. - **pageSize** (integer) - The number of items per page. - **total** (integer) - The total number of users matching the query. ### Response Example ```json { "users": [ { "id": "AU-TpxcQ-iU5OvuD2FlZ", "login": "jdoe", "name": "Jane Doe", "email": "jdoe@example.com", "active": true, "managed": false, "tokensCount": 2 } ], "page": {"pageIndex": 1, "pageSize": 10, "total": 1} } ``` ### Fetch Single User Example ```bash # Fetch a single user by ID curl -s -u admin:admin \ http://localhost:9000/api/v2/users-management/users/AU-TpxcQ-iU5OvuD2FlZ ``` ``` -------------------------------- ### Filter and Download JREs using SonarQube API Source: https://context7.com/sonarsource/sonarqube/llms.txt Use the API to filter available JREs by OS and architecture, and then download a specific JRE binary. Ensure you provide valid authentication credentials. ```bash # Filter by OS and architecture curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/jres?os=linux&arch=x64" ``` ```bash # Download the JRE binary curl -s -u admin:admin \ -H "Accept: application/octet-stream" \ "http://localhost:9000/api/v2/analysis/jres/jdk-21.0.9+10-linux-x64" \ -o jre.tar.gz ``` -------------------------------- ### Run Web API Source Generator Source: https://github.com/sonarsource/sonarqube/blob/master/sonar-ws-generator/README.md Execute the generator script to create Java sources for the SonarQube Web API. ```bash sonar-ws-generator/run.sh ``` -------------------------------- ### Create Bound Project Source: https://context7.com/sonarsource/sonarqube/llms.txt Creates a SonarQube project linked to a DevOps platform repository and auto-configures Pull Request decoration. Requires `Create Projects` permission and a Personal Access Token set via `/api/alm_integrations/set_pat`. ```APIDOC ## DOP Translation — POST /api/v2/dop-translation/bound-projects — Create Bound Project ### Description Creates a SonarQube project linked to a DevOps platform repository and auto-configures Pull Request decoration. Requires `Create Projects` permission and a Personal Access Token set via `/api/alm_integrations/set_pat`. ### Method POST ### Endpoint /api/v2/dop-translation/bound-projects ### Request Body - **projectKey** (string) - Required - The unique key of the SonarQube project. - **projectName** (string) - Required - The name of the SonarQube project. - **devOpsPlatformSettingId** (string) - Required - The ID of the DevOps platform setting. - **repositoryIdentifier** (string) - Required - The identifier of the DevOps platform repository. - **newCodeDefinitionType** (string) - Required - The type of new code definition (e.g., "NUMBER_OF_DAYS"). - **newCodeDefinitionValue** (string) - Required - The value for the new code definition. - **monorepo** (boolean) - Optional - Indicates if the repository is a monorepo. ### Request Example ```json { "projectKey": "my-org_my-repo", "projectName": "My Repository", "devOpsPlatformSettingId": "dop-setting-uuid-123", "repositoryIdentifier": "my-org/my-repo", "newCodeDefinitionType": "NUMBER_OF_DAYS", "newCodeDefinitionValue": "30", "monorepo": false } ``` ### Response #### Success Response (201) - **projectKey** (string) - The key of the bound project. - **projectName** (string) - The name of the bound project. - **mainBranch** (string) - The main branch of the repository. ### Response Example ```json { "projectKey": "my-org_my-repo", "projectName": "My Repository", "mainBranch": "main" } ``` ``` -------------------------------- ### Generate Translation Keys Source: https://github.com/sonarsource/sonarqube/blob/master/README.md Run this command within the sonarqube-webapp directory to generate a backward-compatible .properties file for translations. This is useful for managing default translations. ```bash cd /path/to/sonarqube-webapp/server/sonar-web # install dependencies, only needed the first time yarn # generate a backward compatible .properties file with all the translation keys yarn generate-translation-keys ``` -------------------------------- ### Run Specific Submodule Tests with Gradle Source: https://context7.com/sonarsource/sonarqube/llms.txt Execute tests for a particular submodule using the Gradle wrapper. Specify the submodule path after the colon. ```bash ./gradlew :server:sonar-webserver-webapi-v2:test ``` -------------------------------- ### Create Email Configuration (Basic SMTP) Source: https://context7.com/sonarsource/sonarqube/llms.txt Creates a new email configuration using basic SMTP authentication. The response includes the created EmailConfigurationResource with its ID. ```APIDOC ## POST /api/v2/system/email-configurations ### Description Creates a new email configuration using basic SMTP authentication. ### Method POST ### Endpoint /api/v2/system/email-configurations ### Parameters #### Request Body - **host** (string) - Required - The SMTP host address. - **port** (string) - Required - The SMTP port number. - **securityProtocol** (string) - Required - The security protocol (e.g., STARTTLS, SSLTLS). - **fromAddress** (string) - Required - The sender's email address. - **fromName** (string) - Optional - The sender's display name. - **subjectPrefix** (string) - Optional - A prefix for email subjects. - **authMethod** (string) - Required - The authentication method (e.g., BASIC). - **username** (string) - Required - The username for authentication. - **basicPassword** (string) - Required - The password for basic authentication. ### Request Example ```json { "host": "smtp.example.com", "port": "587", "securityProtocol": "STARTTLS", "fromAddress": "sonarqube@example.com", "fromName": "SonarQube", "subjectPrefix": "[SonarQube]", "authMethod": "BASIC", "username": "sonarqube@example.com", "basicPassword": "smtp-password" } ``` ### Response #### Success Response (200) - **EmailConfigurationResource** - The created email configuration object, including its ID. ``` -------------------------------- ### Fetch Active Rules for a SonarQube Project Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieve all active rules configured for a specific project, which are consumed by the scanner engine during analysis. The 'projectKey' parameter is required. ```bash curl -s -u admin:admin \ "http://localhost:9000/api/v2/analysis/active_rules?projectKey=my-project" ``` -------------------------------- ### List DevOps Platform Settings Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves a list of all configured DevOps platform integration settings. The IDs returned are used when creating bound projects. ```APIDOC ## GET /api/v2/dop-translation/dop-settings ### Description Returns all configured DevOps platform integration settings. The returned IDs are used as `devOpsPlatformSettingId` when creating bound projects. Requires `Create Projects` permission. ### Method GET ### Endpoint /api/v2/dop-translation/dop-settings ### Response #### Success Response (200) - **dopSettings** (array) - A list of DevOps platform settings. - **id** (string) - The unique identifier for the setting. - **type** (string) - The type of DevOps platform (e.g., GITHUB). - **key** (string) - The configuration key. - **appId** (string) - The application ID. - **url** (string) - The URL of the DevOps platform. ### Response Example ```json { "dopSettings": [ { "id": "dop-setting-uuid-123", "type": "GITHUB", "key": "my-github-config", "appId": "123456", "url": "https://github.com" } ] } ``` ``` -------------------------------- ### Instance Mode Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves or updates the clean-code analysis mode: Multi-Quality Rules (MQR) or Standard Experience. Requires `Administer System` permission for PATCH. ```APIDOC ## Clean Code Policy — GET/PATCH /api/v2/clean-code-policy/mode — Instance Mode ### Description Retrieves or updates the clean-code analysis mode: Multi-Quality Rules (MQR) or Standard Experience. Requires `Administer System` permission for PATCH. ### Method GET, PATCH ### Endpoint /api/v2/clean-code-policy/mode ### Response (GET) #### Success Response (200) - **mode** (string) - The current clean-code analysis mode (e.g., "MQR", "STANDARD"). ### Response Example (GET) ```json {"mode": "MQR"} ``` ### Request Body (PATCH) - **mode** (string) - Required - The desired mode to set (e.g., "STANDARD"). ### Request Example (PATCH) ```json {"mode": "STANDARD"} ``` ### Response (PATCH) #### Success Response (200) - **mode** (string) - The updated clean-code analysis mode. ``` -------------------------------- ### Enable Debugging in SonarQube Source: https://github.com/sonarsource/sonarqube/blob/master/scripts/patches/README.md This script sets the `sonar.web.javaAdditionalOpts` property in `sonar.properties` to enable Java debugging on a specified port. It requires the `property_utils.sh` script to be sourced. ```bash #!/usr/bin/env bash # # sets property sonar.web.javaAdditionalOpts in sonar.properties to activate debug # set -euo pipefail source scripts/property_utils.sh SQ_HOME=$1 port=5005 echo "enabling debug in conf/sonar.properties, listening on port $port" set_property sonar.web.javaAdditionalOpts "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=$port" "$SQ_HOME/conf/sonar.properties" ``` -------------------------------- ### Gradle Build Customization Source: https://context7.com/sonarsource/sonarqube/llms.txt Information on customizing Gradle builds, including version properties, dependency overrides, and running specific tasks. ```APIDOC ## Gradle Build Customization ### Description Customization points for contributors to the Gradle build process. ### gradle.properties Key version properties can be found in `gradle.properties`: ```groovy version=26.6 pluginApiVersion=13.5.0.4319 elasticSearchServerVersion=8.19.13 webappVersion=2026.3.0.51435 scannerEngineVersion=12.30.0.3186 ``` ### build.gradle Override bundled plugin versions within the `dependencyManagement > dependencies` block: ```groovy dependency 'org.sonarsource.java:sonar-java-plugin:8.29.0.43460' ``` ### Running Specific Tasks Execute tests for a specific submodule: ```bash ./gradlew :server:sonar-webserver-webapi-v2:test ``` ### Building and Publishing Build and publish to the local Maven repository: ```bash ./gradlew publishToMavenLocal ``` ### Building with Build Number Run a build with a specific build number for non-SNAPSHOT versions: ```bash ./gradlew build -DbuildNumber=12345 ``` Resulting version format: `26.6.0.12345` ``` -------------------------------- ### Run Gradle Build with Custom Build Number Source: https://context7.com/sonarsource/sonarqube/llms.txt Execute a Gradle build and specify a custom build number using a system property. This is useful for non-SNAPSHOT versioning. ```bash ./gradlew build -DbuildNumber=12345 ``` -------------------------------- ### Copy Sonar Views Plugin Source: https://github.com/sonarsource/sonarqube/blob/master/scripts/patches/README.md This script copies a specified Sonar Views plugin JAR file to the SonarQube extensions plugins directory. It requires the `property_utils.sh` script to be sourced. ```bash #!/usr/bin/env bash # # copies the sonar-views plugin jar to the extension directory # set -euo pipefail source scripts/property_utils.sh SQ_HOME=$1 VIEWS_FILE=~/DEV/views/target/sonar-views-plugin-2.9-SNAPSHOT.jar EXT_DIR=$SQ_HOME/extensions/plugins cp -v "$VIEWS_FILE" "$EXT_DIR" ``` -------------------------------- ### Create Custom Clean Code Rule - POST /api/v2/clean-code-policy/rules Source: https://context7.com/sonarsource/sonarqube/llms.txt Define a new custom rule for clean code analysis based on a template. Requires 'Administer Quality Profiles' permission. ```bash curl -s -u admin:admin \ -X POST \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/clean-code-policy/rules \ -d '{ "key": "java:MyCustomNullCheck", "templateKey": "java:XPath", "name": "Custom Null Check", "markdownDescription": "Detects potential null dereferences matching our pattern.", "status": "READY", "cleanCodeAttribute": "LOGICAL", "impacts": [ {"softwareQuality": "RELIABILITY", "severity": "HIGH"} ], "parameters": [ {"key": "expression", "value": "//MethodInvocation[..."} ] }' ``` -------------------------------- ### Idempotent Create or Update Bound Project (PUT) Source: https://context7.com/sonarsource/sonarqube/llms.txt Use this endpoint to create a new bound project or update an existing one. It requires project key, name, DevOps platform setting ID, repository identifier, and monorepo status. ```bash curl -s -u myuser:mytoken \ -X PUT \ -H "Content-Type: application/json" \ http://localhost:9000/api/v2/dop-translation/bound-projects \ -d '{ "projectKey": "my-org_my-repo", "projectName": "My Repository (updated)", "devOpsPlatformSettingId": "dop-setting-uuid-123", "repositoryIdentifier": "my-org/my-repo", "monorepo": false }' ``` -------------------------------- ### Project Bindings Source: https://context7.com/sonarsource/sonarqube/llms.txt Fetches existing project-to-DevOps-repository bindings. Bindings can be retrieved by their ID or searched across all bindings using a project ID. ```APIDOC ## GET /api/v2/dop-translation/project-bindings/{id} ### Description Fetches a single project binding by its unique ID. ### Method GET ### Endpoint /api/v2/dop-translation/project-bindings/{id} ### Parameters #### Path Parameters - **id** (string) - Required - The ID of the project binding to fetch. ### Response #### Success Response (200) - **ProjectBinding** (object) - Details of the project binding. - **id** (string) - The binding ID. - **dopSettingId** (string) - The ID of the DevOps platform setting. - **projectId** (string) - The ID of the SonarQube project. - **repository** (string) - The repository identifier. - **isMonorepo** (boolean) - Indicates if the repository is a monorepo. ### Response Example ```json { "id": "binding-uuid-001", "dopSettingId": "dop-setting-uuid-123", "projectId": "project-uuid-456", "repository": "my-org/my-repo", "isMonorepo": false } ``` ``` ```APIDOC ## GET /api/v2/dop-translation/project-bindings ### Description Searches for project bindings across all configurations. Can be filtered by `projectId`. ### Method GET ### Endpoint /api/v2/dop-translation/project-bindings ### Parameters #### Query Parameters - **projectId** (string) - Optional - Filters bindings by the SonarQube project ID. - **pageSize** (integer) - Optional - The number of results to return per page. ### Response #### Success Response (200) - **paginated list of ProjectBinding resources** (object) - A paginated list of project binding resources. ``` -------------------------------- ### Search Existing Email Configurations Source: https://context7.com/sonarsource/sonarqube/llms.txt Retrieves a list of all existing email configurations in SonarQube. Requires authentication. ```bash curl -s -u admin:admin \ http://localhost:9000/api/v2/system/email-configurations ``` -------------------------------- ### Update Clean Code Analysis Mode - PATCH /api/v2/clean-code-policy/mode Source: https://context7.com/sonarsource/sonarqube/llms.txt Change the clean code analysis mode to 'MQR' or 'STANDARD' using JSON Merge Patch. Requires 'Administer System' permission. ```bash curl -s -u admin:admin \ -X PATCH \ -H "Content-Type: application/merge-patch+json" \ http://localhost:9000/api/v2/clean-code-policy/mode \ -d '{"mode": "STANDARD"}' ```