SonarQube is an open-source platform for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages.

Use the SEI SonarQube integration to integrate SEI with SonarQube or SonarCloud.


To use the SEI SonarQube integration you need a SonarQube API token.

  1. The user creating the token must have Administer System permissions.

    • To configure permissions in SonarQube, go to Administration, then Security, and then Global Permissions.

    • Due to the scope of access required, consider using a managed service account, rather than a personal user account, to create the token.

  2. For instructions on creating API tokens, go to the SonarQube documentation on Generating and using tokens.

  3. Copy the key somewhere that you can retrieve it when you configure the integration.

Configure the integration on cloud

  1. Select Integrations under Settings.

  2. Select Available Integrations, locate the SonarQube integration, and select Install.

  3. Configure and save the integration.

    • URL: Enter the URL of the server where SonarQube is running. For SonarCloud, enter

    • Username: The email address of the user that created the token in SonarQube.

    • API Key: Enter the SonarQube API token.

    • Organization: Enter your SonarQube Organization Name. For SonarCloud, you can find your organization name under My Account. Note that Organization Key is different from the Organization Name.

    • Project Keys: Enter one or more project keys to ingest. If you want SEI to ingest all projects, leave this field empty. Project keys are case sensitive.

  • Name: Enter a name for the integration.

  • Description and Tags are optional.

To integrate with the on-premises SonarQube instances, you must use an Ingestion Satellite.

Please note that after adding an integration, it may take up to 24 hours for the data to be fully reflected on SEI. This means that any widgets you configure on Insights using this integration may not display data until the synchronization is completed.

Configuring the integration using satellite

The steps for configuring the integration using satellite is similar to configuring the integration on cloud, with the exception of using satellite to communicate with the SonarQube server.

Make sure to select the satellite integration checkbox while configuring the integration. Once you save the integration a satellite.yml file will be automatically generated and downloaded to your computer. Update it following the instructions here.

If you experience any issues while configuring the integration using the Ingestion Satellite, refer to the Ingestion Satellite Troubleshooting and FAQs.

Here’s a sample satellite.yml

  tenant: foo
  api_key: <SEI-API-KEY>
  url: ''
  - id: '4711'
    application: sonarqube
    url: ''
    username: codewdhruv
    api_key: <SONARQUBE-API-KEY>
      organization: <ORG_NAME>
      project_keys: <PROJECT_KEYS>


In case you do not see data for all projects initially, add a new metadata field use_privileged_APIs in the satellite.yml file and set the value to True. This needs the generated API KEY to have the Requires ‘Administer System’ permissions in SonarQube. For more information, go to SonarQube Documentation.

Last updated