Managing ALM integrations in SonarQube via PostMan(Azure DevOps) with example code in TypeScript
Hello I wanted to share my knowledge about administrating Sonarqube and adding / updating Azure DevOps tokens via the API of SonarQube. I’ve done this with Typescript in a kubernetes cron job now. But I’ll start with simple Postman scripts.
The API of SonarQube
Sonarqube offers three interesting APIs to manage your ALM integration: https://docs.sonarqube.org/8.9/extend/web-api/.
Get an admins user token to use these APIs
I think this is the best point to start: https://docs.sonarqube.org/latest/user-guide/user-token/
Listing all existing bindings
Listing all existing bindings is pretty simple. You simply do a GET request to https://YOURDOMAIN/api/alm_settings/list. And in the Auth section just select Basic Auth and set your token as Username. The password should stay empty.
Delete an existing binding
Now we need to run a POST request to https://YOURDOMAIN/api/alm_settings/delete. In the Authentication section we are using the same setup as before. In the Params section we now need to add:
Key : Value
key : myExistingKey
Create a new binding
This is again a post request and the url is: https://YOURDOMAIN/api/alm_settings/create_azure. We will reuse our well known auth config here as well. And the Params look like this:
Key : Value
key : myNewKey
personalAccessToken : A Code read & write PAT from Azure DevOps (see my previous article)
url : Link to your azure devops organisation
Well done now you can administrate your ALM settings via the API of SonarQube.
Now it’s pretty easy to create automated scripts in a language you prefer to automatically update Azure DevOps Pats in your Sonarqube. I’m using a Typescript based cron job in kubernetes to manage this.
You can find a simple Typescript SonarQube Client in github: https://github.com/Bjego/sonarqube-credential-updater.
Good luck with automating these API calls.