SonarCloud API - improvment opportunities

Hello,
I’m using SonarCloud APIs and I detected some problems / opportunities of improvments :

  1. The parameters are not the same between APIs. For example, the projects can be named project (api/project_branches/list), componentKeys (api/issues/search) , projectKey (api/hotspots/search), etc.
    => It would be better to use the same parameter name for all the time

  2. The doc does not provide all the values for the parameters. For example, the parameter metricKeys of the API Measure only provide the values ncloc,complexity,violations but more are available in reality.

  3. The API project_badges is not working. I tested several other API but this one return a message it is not able to find the project. Here is the souce code :

url = “https://sonarcloud.io/api/project_badges/measure

query = {

“project” : projectKey,

“branch” : branchKey,

“metric” : “security_rating”,

“p” : 1,

“ps” : 500

}

r = requests.get(

url,

params = query,

auth=(api_key,‘’),

verify=False)

return r

Agreed, the public API could use some TLC, and unifying the parameters names would be a solid improvement. This would have to be done with backward compatibility in mind so everyone that is using the API will not have to rewrite all their scripts overnight. Maybe sonarcloud could notify customers monthly if they use deprecated parameters during a multi months transition period.

Some other improvements for the API:

  • provide a Python SDK, this would increase adoption of the web API by making it easier to write automation scripts.
  • publish a terraform provider. There are many settings that are not shareable, so configuration as code would be much better than clicking around for organizations with many projects.

Hi @Seb421

Thanks for your feedback.

We are aware of the naming convention issue for the parameter. We have some long-term plans to improve that.

About the 3. point, have you check the documentation for this API. If your project is private you must provide a token. You can also get those URLs from the project page information: https://sonarcloud.io/project/information?id=[project key]

Let me know if you need more helps.

HTH

Hi Mathieu
sorry for my late answer. yes, I read the documentation and provided the right data, even for this private project (you can see in my code above the token is provided). I tested many other sonar API with success but this one is not working. The respond code is 200 and a SVG is created but with the message “Project not found” inside.