CONTROLLED DATA
Leidos Proprietary - US Citizens ONLY
The information contained herein is proprietary to Leidos, Inc. It may not be used, reproduced, disclosed, or exported without the written approval of Leidos.
SecDevOps dashboards support the SonarQube Connector for Jira. It is available to all projects. However, this plugin will be most useful for software development projects desiring to gain insight into the quality of their code. See SonarQube for more information regarding code quality metrics.
Step-by-step guide
Prerequisites
Please contact the SecDevOps Help Desk to administer and provide the items below.
- Project permissions in SonarQube.
- SonarQube user token.
- SonarQube URL.
Note also that at least one existing SonarQube code quality analysis project must exist. This typically entails triggering the analysis via one of the CI/CD pipelines, Bamboo or Jenkins, that are provide by SecDevOps.
| Step | ||
|---|---|---|
| 1 | Login to SonarQube. |
|
| 2 | Under Projects, locate the project to be monitored. |
|
| 3 | In the lower right corner, copy the project key and save it. |
|
| 4 | Log in to your Jira homepage. |
|
| 5 | At the bottom of the sidebar, click on the Project settings gear icon. | |
| 6 | Scroll down and click on the SonarQube Connector link. |
|
| 7 | The SonarQube Connector settings page should be visible. |
|
| 8 | Paste in the SonarQube Server URL obtained from the administrator in the prerequisites section. |
|
| 9 | Paste in the Token obtained from the administrator in the prerequisites section. | |
| 10 | Paste in the Resource Key obtained in Step 3. | |
| 11 | Click Save. | |
| 12 | In the sidebar on the left, find the SonarQube Connector icon and click on it. |  |
| 13 | If the above steps have been completed correctly, a code quality metrics report should be visible for the project added in the previous steps. |  |
| 14 | To add another project, go back to the SonarQube Connector settings, by clicking on Project settings and then SonarQube Connector. |
|
| 15 | The SonarQube Connector settings page should again be visible. |
|
| 16 | Repeat Steps 1 - 3 to obtain a key for another project to be monitored. | |
| 17 | Paste the second key after the original value separated by a comma in the Resource Key field. |
|
| 18 | Click Save. | |
| 19 | In the sidebar on the left, find the SonarQube Connector icon and click on it. | |
| 20 | The SonarQube report should now contain a combined summary of both projects along with an individual project breakdown at the bottom. |
|
| 21 | End |
