I am creating a web application that will let students deliver source code from different assignments and will give feedback based on different static code analysers. My question would be if there is a specific tool in sonar to access this functionality as a web service or API. I browsed the Web API but it seems that it does not fulfill my requirement. Is this possible?
What would be the best approach? Otherwise I guess I could launch the Sonar Docker container locally and somehow query sonar dynamically and obtain the different code error messages with the severity and so on.
The basic requeriment would be to analyse the source code of students deliverables “dynamically”, in a way that they resolve simple programming tasks and sonar gives them static code analysis. To do that, I’m creating a basic Spring Boot + Angular application and would be helpful to find a sonar endpoint, web service, interface or else to get the analysis of the source code with the source code as input, the format in which the request and response is not as important, as I could adapt it but I was wondering if this feature was available.
To summarise, I need some “endpoint” to obtain the source code analysis messages from the inputted source code that students submit in the application.
What you’re asking for doesn’t exist, as such.
The “endpoint… to get the analysis of the source code” is invoking a SonarScanner. For Spring Boot + Angular that would be the SonarScanner for Gradle, or possibly the SonarScanner for Maven.
That will submit the analysis to your SonarQube instance, where students can go to see the results.
To keep students from copying each other, you’ll want to
create a user account for each student
pre-provision each student’s projects and tightly assign permissions
Both of these steps should be scriptable via the APIs the UI is built with. The best way to master the API is to perform the desired action via the UI and eavesdrop to see which calls the UI made to accomplish the action.
,