Automating SonarCloud with PowerShell - Part 1 Introduction

SonarCloud is the SaaS version of SonarQube, a tool to detect and fix issues in your code by examining code quality and security vulnerabilities. I needed to automate the onboarding of both users and code projects into SonarCloud to take away the need to manually provision these items into the system.

SonarCloud has a Web API which facilitated a lot of what I needed to achieve, however with some significant gaps which initially appeared to mean some of the onboarding would need to still be manual. Coming up in Part 2 and later of this tale will feature how I reverse engineered the Web API to fill in the missing parts of the puzzle, but in Part 1 I’ll focus on an introduction of the basics.

Pre-Requisites

The automation was carried out with PowerShell 7.x+. An API key for the SonarCloud Web API is required and can be generated from the security page of your SonarCloud account:

Initially I thought I would only need a few API calls, however it turned into many, so I ended up creating a PowerShell module, PSSonarCloud, to facilitate easy re-use of similar calls.

Getting Started

Install PSSonarCloud from the PowerShell Gallery:

Supply your SonarCloud API key to create a connection variable:

Retrieve a list of projects belonging to your SonarCloud organization:

Retrieve a list of users belonging to your SonarCloud organization:

Going Further

The module currently contains 15 functions for working with the API:

This only covers a relatively small part of the API, however as per most of my other PowerShell modules the functions are wrappers around a single function Invoke-SonarCloudRestMethod which means should you need to work with an API call that is not currently covered by PSSonarCloud then it should be straightforward.

For example the following API call to list the branches of a project is not part of PSSonarCloud yet:

The following code would get you there though: