How to reverse engineer the Sonar Web API

Every action that is taken in the SonarQube / SonarCloud UI is driven by the Web API. There is nothing you can do in SonarQube / SonarCloud that you cannot do using the Web API.

:warning: We put a great deal of effort into the UI and UX of our products and sincerely think that most actions should be completed there. Especially when it comes to viewing analysis results, the UI is the best place to view up-to-date information with the right context. We think it is much better that you give access to others to view analysis data within our products, rather than craft some export.

And, we recognize that there are common administrative actions where using Web APIs to help with automation makes sense. There are also surely some interesting reports not available in the UI where you would need to export the data from SonarQube.

A link to the Web API documentation for your SonarQube instance can always be found in the footer of your instance. The SonarCloud Web API is documented here.

You’ll find that most endpoints are properly documented, while some are not or are lacking in documentation.

If you’re not sure which Web API to use, you can reverse engineer what’s happening in the UI by diving into your browser’s dev tools.

Example: Retrieve historical coverage measures

  • Go to the Activity tab of a project

  • Open your browser’s dev tools (here we’ll use Chrome), switch to the Network tab, and select the Fetch/XHR filter:

  • Switch the metric filter to Coverage

Suddenly, it’s very clear from the Request URL which API was called. The Payload tab and Preview/Response tabs make it clear what query parameters are used and what the response was.

Thanks to Discourse for the inspiration

8 Likes

Hi Colin, i really like this explanation. I am not that much interested in frontend development and that made it hard for me to “grok” the easy way that Ann mentioned in some replies (how to eavesdrop on the Web API usage) :+1: For this, your howto helps a lot!

Concerning the below quoted paragraph (and combining it with your current survey question about “communitysm”) … maybe you might be able to find a way how to “channel” some energy concerning “common administrative actions”? I really would be looking forward to it! (because some lonely helpful threads really get easily lost in the sea of new postings).

Sadly, i was not able to find an easy solution … how to structure that? By tag? In its own “compartment” (e.g. smth like here)? I have no good suggestion to make :confused:

1 Like

Hey Colin,

great post! This is exactly what I have been using for years to get in deeper with many tools.
I remember with a shudder the crappy browser tools of IE 11, but these days press F12 and start diving :joy:

Gilbert

1 Like