Hi all,

I love using Sonar cloud. I have many repos with sonar analysis configured. I’m looking for a way to generate a summary report ACROSS ALL sonar PROJECTS with the following properties:

• Project name
• A-E for Bugs
• A-E Vulnerabilities
• A-E Hotspots reviewed
• A-E Code smells
• A-E duplications

maybe with some additional useful properties on each grading

I couldn’t find any report feature like this in https://sonarcloud.io/projects

I’ve tried using https://sonarcloud.io/api/projects/search?organization=xxx but this doesn’t include the A-E grading on each of the above categories. only get

  {
    "paging": {
    "pageIndex": 1,
    "pageSize": 100,
    "total": 45
  },
  "components": [
    {
      "organization": "...",
      "key": "...",
      "name": "...",
      "qualifier": "..."
      "visibility": "...",
      "lastAnalysisDate": "...",
      "revision": "..."
    },
    ...

I’ve also tried using https://www.npmjs.com/package/node-sonar-api

Any suggestions would be great!

Hey there.

If you’re fine with going the API route (and iterating through a list of projects), using GET api/measures/component with the right metricKeys (see documentation on Metric Definitions should help you. ( sqale_rating , security_rating , reliability_rating , security_review_rating , etc.) should help you.

// https://sonarcloud.io/api/measures/component?component=maven-basic&metricKeys=sqale_rating,security_rating,reliability_rating,security_review_rating
{
   "component":{
      "id":"AX1MWN1rrurMTjyeNaqN",
      "key":"maven-basic",
      "name":"Example of basic Maven project",
      "qualifier":"TRK",
      "measures":[
         {
            "metric":"reliability_rating",
            "value":"1.0",
            "bestValue":true
         },
         {
            "metric":"security_rating",
            "value":"1.0",
            "bestValue":true
         },
         {
            "metric":"security_review_rating",
            "value":"1.0",
            "bestValue":true
         },
         {
            "metric":"sqale_rating",
            "value":"1.0",
            "bestValue":true
         }
      ]
   }
}

Thanks @Colin that worked great!

NodeJS code snippet below for others to use

import fetch from "node-fetch";

let apiRootUrl = "https://sonarcloud.io/api";

let projectsEndPoint = `${apiRootUrl}/projects/search?organization=[[Organisation]]`;
let measuresEndPoint = `${apiRootUrl}/measures`;
let measureFields = "metricKeys=sqale_rating,security_rating,reliability_rating,security_review_rating";

let settings = {
  method: "Get",
  headers: {
    Authorization:
      "Basic [[Token]]",
  },
};

fetch(projectsEndPoint, settings)
  .then((res) => {
    return res.json();
  })
  .then((json) => {
    const components = json.components;

    let promises = [];
    components.forEach((component) => {
      const url = `${measuresEndPoint}/component?component=${component.key}&${measureFields}`;
      promises.push(fetch(url, settings));
    });
    return Promise.all(promises);
  })
  .then(function (responses) {
    return Promise.all(
      responses.map(function (response) {
        if (response.ok) {
          return response.json();
        }
        throw new Error(response.statusText);
      })
    );
  })
  .then(function (measures) {
      measures.map(function (measure) {
          console.log(measure.component.name)
          console.log(measure.component.measures);
      });
  });

Could you help to know how to run this nodejs code.

I tried via online compiler https://onecompiler.com and got below error.

Output:

index.js:1
import fetch from "node-fetch";
^^^^^^

SyntaxError: Cannot use import statement outside a module
    at Module._compile (internal/modules/cjs/loader.js:895:18)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:995:10)
    at Module.load (internal/modules/cjs/loader.js:815:32)
    at Function.Module._load (internal/modules/cjs/loader.js:727:14)
    at Function.Module.runMain (internal/modules/cjs/loader.js:1047:10)
    at internal/main/run_main_module.js:17:11