As we are Atlassian Solution partners, and also we are SonarSource official partners (and on-exclusive basis in Spain), we have always dreamed about this integration.

JIRA users and SonarQube users are different. JIRA users will not deep into SonarQube to find source code issues, at least, not all of them (specially the managers). We needed a way to show them measures of the internal quality of their software development projects and products, while navigating through JIRA issues.

Now, everyone will be able to know if code quality is good enough for the next release. JIRA and SonarQube, better together!!!

What it does

SonarQube Connector brings your source code quality model to your JIRA project:

  • Reliability: focused on bugs, an issue that represents something wrong in the code. If this has not broken yet, it will, and probably at the worst possible moment. This needs to be fixed. Yesterday.
  • Security: focused on vulnerabilities, a security-related issue which represents a potential backdoor for attackers.
  • Maintainability: focused on code smells, a maintainability-related issue in the code. Leaving it as-is means that at best maintainers will have a harder time than they should making changes to the code. At worst, they'll be so confused by the state of the code that they'll introduce additional errors as they make changes.

And also the most important code quality metrics:

  • Duplications Density
  • Lines of Code (ncloc)
  • Technical Debt
  • Code Coverage
  • Comments Density

And it also displays your current quality gate status, so that you are able to make decisions about releasing it or not.

How I built it

It is build using the REST APIs and the JIRA SDK. The plugin is a project tab panel where you can browse to display all the information from SonarQube.

Challenges I ran into

  • Selecting the most relevant metrics was a challenge, because not all the people that use SonarQube uses the same metrics.
  • Selecting the most appropriate way to display the information in JIRA. Finally we used the ratings and donut charts for the percentage metrics.
  • Building the integration between SonarQube and JIRA through different layers (Web API, Java model, ...).

Accomplishments that I'm proud of

  • It's really beautiful :-)
  • Being able to check the quality gate inside JIRA is a must have.
  • JIRA users, and specially project managers, will be able to know current code quality status within their JIRA project.

What I learned

  • Building a full Java API to connect to SonarQube Web API.
  • D3 pie charts are awesome!
  • AUI keeps growing!

What's next for SonarQube Connector for JIRA

  • A cloud version for the plugin will be available soon.
  • New features to bring more information to JIRA: most severe bugs, vulnerabilities, and code smells detected in your source code base.
  • Ability to link JIRA project versions to SonarQube versions.
  • Ability to create JIRA issues from bugs, vulnerabilities and code smells.
  • History charts for the most relevant metrics.
  • Additional information by mixing JIRA issues and SonarQube issues to get an overall status of your project (project management and product quality, better together!)

Built With

Share this project: