Must-share information (formatted with Markdown):
How to get the latest version of sonarqube with using API
Hey there.
Can you help us understand how this would be useful for you? What are you trying to accomplish?
In any case GET api/system/upgrades might be useful for you if your SonarQube server can access the internet. It lists available upgrades for the SonarQube instance, like this!
// 20220104122038
// http://localhost:9000/api/system/upgrades
{
"upgrades": [
{
"version": "8.9.2",
"description": "Long-Term Support version - LTS bug fixes",
"releaseDate": "2021-07-28",
"changeLogUrl": "https://jira.sonarsource.com/secure/ReleaseNote.jspa?projectId=10930&version=16842",
"downloadUrl": "https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.9.2.46101.zip",
"downloadDeveloperUrl": "https://binaries.sonarsource.com/CommercialDistribution/sonarqube-developer/sonarqube-developer-8.9.2.46101.zip",
"downloadEnterpriseUrl": "https://binaries.sonarsource.com/CommercialDistribution/sonarqube-enterprise/sonarqube-enterprise-8.9.2.46101.zip",
"downloadDatacenterUrl": "https://binaries.sonarsource.com/CommercialDistribution/sonarqube-datacenter/sonarqube-datacenter-8.9.2.46101.zip",
"plugins": {
"requireUpdate": [
],
"incompatible": [
]
}
},
This is awesome - but for any drive-bys, remember to authenticate with a Sonarqube user.
FWIW, my use-case is for monitoring - I check this, and if a bug release is available, I just say that (as “green”). If a dot release is available, I’ll output it with a monitoring warning, if a major version, then I go critical.
My wish list would be to have this output include if the version I’m running contains a critical security bug, that the output says something like “critical_upgrade: true”. That way I can ‘go critical’ even if it’s just a bug fix release. The monitoring alert will prompt the administrator to actually do it, rather than it sitting there for a couple of months until someone things to check into it.