Hosted solution for SonarQube

For some time now, talking about code inspection, code analysis and code quality metrics, has been synonymous with SonarQube (formerly known as Sonar).

This post will not talk about the benefits of this excellent product, but if you do not know it we invite you to consult these references:

  1. Continuous Inspection White Paper
  2. SonarQube Features

There are many ways to get metrics. We have tools like PMD, CheckStyle or Findbugs, which we can use for our local development environment using the command line, our IDE or through Jenkins plugins. However, what we’re proposing is for SonarQube to do that work.

ClinkerHQ Cloud gives us the possibility to use SonarQube with all the advantages of SaaS (Software as a Service). What does it mean for SonarQube to be available in ClinkerHQ Cloud?

  1. Preconfigured plugins
  2. Integration with Jenkins
  3. Integration with Redmine
  4. LTS versions (Long Term Support)
  5. Ability to install new plugins, both open-source and commercial
  6. Integration with SSO (Single Sign-On). Centralized management of users, groups and permissions. Authentication, authorization and session propagation among other tools.

One of the most significant features of ClinkerHQ Cloud is that each client has his/her own private, exclusive and dedicated instance. For this reason, the customization options and adaptation to specific needs are plentiful.

If you’re asking yourself:

  1. Can I get a ClinkerHQ Cloud plan and use only SonarQube? Yes, in fact if you need it, we can disable the other tools for CPU, RAM and storage dedicated to SonarQube
  2. I have a Continuous Integration environment. Can I integrate this with the installation of SonarQube that ClinkerHQ provides? Yes, no problem
  3. Is there a limit to the number of projects? No, the only limitations are the resources of each plan (CPU, RAM and Storage)
  4. We have been using SonarQube for some time and we would like to use ClinkerHQ but do not want to lose the historical data. Is it possible to import? Yes, we would first just have to analyze what version of SonarQube you were using.

If you are looking for a solution that allows you to use SonarQube as service (or hosted) because you do not want to spend time on installation, configuration and maintenance, ClinkerHQ is an option for you.

Jenkins Celebration Day

Without doubt, today is an important day. The Jenkins project is celebrating 100,000 installations, 1,000 plug-ins and its first 10 years of existence.

Not only does Jenkins play a very important role in our product, we’re also aware of the effort and perseverance required for a piece of software to become a reference point within its category, so the ClinkerHQ team would all like to thank:

  1. The project leaders. We won’t mention anyone in particular, but those who participate in the community know who they are.
  2. Those who help make it possible for others to contribute.
  3. Those who enthusiastically dedicate their time to achieving the figures mentioned.
  4. All those companies committed to open source software on both sides: using and constructing.

And, on that last point, we must give a special mention to CloudBees. We say this last point in a low voice so no-one can hear us, as we say in Spain. More than a few times we’ve had to answer the questions: “What does ClinkerHQ provide compared to CloudBees?” and “Why would ClinkerHQ be a better solution?”

Grains of sand on the beach

Obviously we say ClinkerHQ is linked to opensource software. It’s a product based on the integration of opensource software tools. Precisely what we do is that all these integrated tools form a more sophisticated system to manage the lifecycle of our software engineering projects.

Our team believes that we have a debt to the opensource software community, and all those people and companies behind these tools. This is why that to the best of our ability we try to contribute our grain of sand.

Recently we launched a mirror service located in Spain to improve downloads of Jenkins and SonarQube. From looking at the access statistics we can see it was really needed.

To talk about the Netty project is to talk about one of the biggest projects in recent years. Both Norman Maurer and Trustin Lee are two great engineers who daily share their experience so that we others can learn.

Through twitter we heard they were having problems with their current continuous integration environment, and we didn’t hesitate a second to provide a ClinkerHQ Cloud Instance completely free of charge. The experience during the period of initial setup and migration has been amazing. It’s been very satisfying for our team to see that our product focus, different from our competitors, fits into scenarios that are present on our blackboard.

If you’d like more information about ClinkerHQ, don’t hesitate to get in touch with us at @clinkerhq or hello@clinkerhq.com

Sonar PDF Report Plugin 2.11

We are pleased to announce a new release of Sonar PDF Plugin (Commercial edition).

SonarQube 4.4 was published in July, 31. A lot of changes come with it, and one of them made Sonar PDF Plugin unusable: the XML support in the WS API was removed, only JSON format is available now.

Today, seven days later we are ready to support the JSON API in PDF Plugin. Version 2.11 does not include big features or improvements, but it is compatible with SonarQube 4.4.

So, if you are an early adopter and you are already using 4.4, take a look at the plugin page and request for an evaluation license!

ClinkerHQ Single Sign On

As you perhaps know, ClinkerHQ includes a set of tools that can help you to manage your software development life cycle. But ClinkerHQ goes beyond that, we have developed additional pieces to make as easy as possible what is usually difficult, saving you both time and money.

One of the key parts of this “glue” is ClinkerHQ SSO Gateway. This component acts as an identity provider and authorization source inside the ecosystem. Like any advanced SSO system, ClinkerHQ SSO has four main features:

  • Authentication: Who are you?
  • Authorization: What are you allowed to do?
  • Session propagation: I already know who you are.
  • Anonymous access.

When you do login on every integrated application (Jenkins, Sonar, Redmine, etc) you will always see the same login form (it is actually the SSO Gateway login form). This is authentication:

ClinkerHQ SSO Gateway

After login you will be redirected to the original application. At this point, authorization, the second part of the SSO comes into play. Every application has an SSO plugin installed, which must do the following:

  1. Catch the incoming request
  2. Check the authentication state
  3. Get the list of permissions for the user from the SSO
  4. Set up the logged in session in the concrete application

As a result, the user only perceives that the login form is not the same as the one in the original application. But there is one other feature that you’ll love. If the user opens a new browser tab and goes to another application the logged in session will be automatically propagated; no new login (nor click on login button) is required. This is session propagation, and it is performed as part of point 1 described above. If the incoming request comes with an alive SSO session, the authorization is done automatically (without user interaction).

The Single Sign On provides ClinkerHQ users with two main benefits:

  • Work and surf on the ecosystem doing only one login.
  • Centralize the users and permissions management on one tool.

At this point, you are probably thinking “What is the management tool?” It is ClinkerHQ Desktop, and we will talk about it soon in this blog, so stay tuned!

If you want to see the SSO working, we published a video some time ago (it’s really about configuring a Scala project in ClinkerHQ, but you will perceive the SSO there).