Apis for **new code** metrics at application level

SonarQube 7.9 LTS

This is further continuation with Apis for **new code** metrics at portfolio level.

To avail metrics aggregated for new code I redefined some of our application portfolios as Applications and below are few of the observations:

1. Unlike portfolios, there is no option to define Applications using regular expression & only manual selection is available
2. I cannot find an api to fetch aggregated ratings for new code even for Application. Below is the api I trying but it is returning empty string. Am I missing something?

API I tried:
mysonar/api/measures/component?component=test_application&metricKeys=new_reliability_rating%2cnew_security_rating%2cnew_sqale_rating%2cnew_code_smells%2cnew_coverage%2cnew_duplicated_lines_density

JSON received:
{"component":{"id":"AXRUgqGwZCX7QJebzwzb","key":"test_application","name":"Test Application","description":"","qualifier":"APP","measures":[]}}

Hi,

The best thing to do any time you’re trying to figure out the right API calls for something is to figure out where in the interface that same thing is done & use your browser’s Developer Tools to eavesdrop on what calls are made. In this case, you’ll find metrics on new code on the Measures page.

 
HTH,
Ann

Hello Ann,

Thank you for the prompt response.
I did check that but cannot find any API that aggregates new code metrics (security, reliability, maintainability ratings) at application level.
Can you pls help me with this.

Hi,

I just navigated to Coverage on New Code in the Measures page of an Application on Next. The Network tab of the Developer tools tells me the API calls were:

• https://next.sonarqube.com/sonarqube/api/measures/component_tree?additionalFields=metrics&ps=500&asc=true&s=qualifier%2Cname&component=SonarQube_Scanners&metricKeys=new_coverage%2Cnew_uncovered_lines%2Cnew_uncovered_conditions&strategy=children
• https://next.sonarqube.com/sonarqube/api/measures/component_tree?additionalFields=metrics&ps=500&asc=true&s=qualifier%2Cname&component=SonarQube_Scanners&metricKeys=new_coverage%2Cnew_uncovered_lines%2Cnew_uncovered_conditions&strategy=children

 
HTH,
Ann

Hello Ann,

Even I got new_coverage & new_duplicated_lines_density.
But how to get new_reliability_rating, new_security_rating & new_sqale_rating? I doubt whether application level consolidation happens for these metrics.

application_metrics1002×379 24.1 KB

Hi,

It looks like you’re right & we missed calculating some ratings on New Code in Applications. Although I do see a Security Review rating on New Code.

 
Ann

Hello,

Is there any estimated timelines to have this aggregation?

Hello,

Your question nudged my memory & prompted me to search Jira. Feel free to watch & vote for this:

SONAR-10744 Compute missing maintainability metrics for Applications

 
Ann

Thanks for sharing this Ann. However, I do not think I have permissions to vote & watch this Jira. However, I will note this Jira case and follow for updates.

In summary, no ratings are computed for new code at application level & for QG validation metrics of individual dashboards under Application are taken into account (hence, multiple QG failure updates one for each metrics of each dashboard in Application overview page).

I see that this case is created in 2017. Do you have have ETA for completion of this?

Hi,

Uhm… no. Some metrics are not calculated. Many others are.

I can only advise you to watch the ticket (which you’ll be able to do after signing up for an account).

 
Ann

With In summary, no ratings are computed for new code at application level I meant Maintainability, Security, Reliability, Relesability ratings. Individual metrics like bugs, vulnerabilities etc are calculated.

Thank you very much for your updates on this topics.