Run any Skill in Manus with one click

sonarcloud-api

Expert guidance for using the SonarCloud API to interact with code quality analysis, projects, issues, quality gates, and metrics. Use this skill when making API calls to SonarCloud, automating code quality workflows, retrieving analysis results, managing projects programmatically, or integrating SonarCloud with CI/CD pipelines. Trigger keywords include "SonarCloud", "SonarCloud API", "code quality API", "SonarQube Cloud", "quality gate", "code analysis API", "SonarCloud measures", "SonarCloud issues".

Run Skill in Manus

Overview

Install command

npx skills add https://github.com/aehrc/pathling --skill sonarcloud-api

Copy and paste this command into Claude Code to install the skill

Source

aehrc/pathling

Stars128

Forks23

UpdatedFebruary 20, 2026 at 06:15

File Explorer

4 files

SKILL.md

readonly

name

sonarcloud-api

description

SonarCloud API

Overview

SonarCloud provides two API versions for programmatic access:

Web API v2 - Modern REST API with OpenAPI specifications at https://api.sonarcloud.io/api/v2/
Web API v1 - Legacy API at https://sonarcloud.io/api/ with comprehensive endpoint coverage

Quick start

# Get project metrics
curl -X GET "https://sonarcloud.io/api/measures/component?component=my_project&metricKeys=bugs,vulnerabilities,code_smells" \
  -H "Authorization: Bearer YOUR_TOKEN"

Authentication

Use bearer token authentication for all requests:

Authorization: Bearer <token>

Token types

Token Type	Plan	Scope	Use Case
Personal Access Token	Free	User-level	Individual API access
Organisation Token	Team	Organisation-scoped	CI/CD, automation

Generate tokens at Account > Security > Generate Tokens in SonarCloud UI.

Base URLs

API Version	Base URL
Web API v1	`https://sonarcloud.io/api/`
Web API v2	`https://api.sonarcloud.io/api/v2/`

Request format

Content-Type: application/x-www-form-urlencoded (v1) or application/json (v2)

For POST requests, use form data parameters rather than URI query parameters.

Rate limiting

Requests are rate-limited. When exceeded, the API returns HTTP 429. Wait several minutes before retrying.

Pagination

Most list endpoints support pagination with p (page number) and ps (page size) parameters.

Common tasks

Get project quality gate status

curl -X GET "https://sonarcloud.io/api/qualitygates/project_status?projectKey=my_project" \
  -H "Authorization: Bearer YOUR_TOKEN"

Search issues

curl -X GET "https://sonarcloud.io/api/issues/search?componentKeys=my_project&types=BUG,VULNERABILITY" \
  -H "Authorization: Bearer YOUR_TOKEN"

Get component measures

curl -X GET "https://sonarcloud.io/api/measures/component?component=my_project&metricKeys=ncloc,coverage,duplicated_lines_density" \
  -H "Authorization: Bearer YOUR_TOKEN"

List projects

# v2 API
curl -X GET "https://api.sonarcloud.io/api/v2/projects?organization=my_org" \
  -H "Authorization: Bearer YOUR_TOKEN"

API reference

For detailed endpoint documentation, see the reference files:

v2-api.md - Modern v2 API endpoints (Projects, Quality Gates, Analysis, Organisations)
v1-api.md - Legacy v1 API endpoints (Issues, Measures, Components, Rules)
metrics.md - Available metric keys and their meanings

Error handling

Status Code	Meaning
400	Bad request - check parameters
401	Unauthorised - invalid or missing token
403	Forbidden - insufficient permissions
404	Not found - resource does not exist
429	Rate limited - wait and retry
500	Server error

CI/CD integration examples

GitHub Actions

- name: Check Quality Gate
  run: |
      STATUS=$(curl -s -H "Authorization: Bearer ${{ secrets.SONAR_TOKEN }}" \
        "https://sonarcloud.io/api/qualitygates/project_status?projectKey=${{ vars.SONAR_PROJECT_KEY }}" \
        | jq -r '.projectStatus.status')
      if [ "$STATUS" != "OK" ]; then
        echo "Quality Gate failed"
        exit 1
      fi

GitLab CI

check_quality_gate:
    script:
        - |
            STATUS=$(curl -s -H "Authorization: Bearer $SONAR_TOKEN" \
              "https://sonarcloud.io/api/qualitygates/project_status?projectKey=$SONAR_PROJECT_KEY" \
              | jq -r '.projectStatus.status')
            if [ "$STATUS" != "OK" ]; then exit 1; fi

More from this repository

same repository

helm-charts

aehrc/pathling

Expert guidance for creating Helm charts with best practices. Use this skill when the user asks to create, modify, or review Helm charts, Kubernetes deployments, values.yaml files, or chart templates. Trigger keywords include "helm", "kubernetes chart", "k8s deployment", "helm template", "values.yaml".

2026-02-20128

playwright-testing

aehrc/pathling

Expert guidance for writing end-to-end tests with Playwright Test framework. Use this skill when writing browser automation tests, creating test suites, working with locators and assertions, mocking network requests, handling authentication, or configuring the Playwright test runner. Trigger keywords include "playwright", "e2e test", "end-to-end", "browser test", "getByRole", "locator", "toBeVisible", "page.goto", "test runner".

2026-02-20128

wiremock

aehrc/pathling

Expert guidance for using WireMock in Java applications for HTTP API mocking and testing. Use this skill when the user asks to mock HTTP APIs, create API stubs, test REST clients, simulate network faults, verify HTTP requests, or integrate WireMock with Spring Boot. Trigger keywords include "wiremock", "mock http", "stub api", "http mock", "api testing", "rest mock", "simulate fault", "verify request", "spring boot wiremock".

2026-02-20128

databricks-cli

aehrc/pathling

Expert guidance for using the Databricks CLI to manage Databricks workspaces, clusters, jobs, pipelines, Unity Catalog, SQL warehouses, serving endpoints, secrets, bundles, and all other Databricks resources. Use this skill when running databricks commands, managing Databricks infrastructure, deploying bundles, querying serving endpoints, managing Unity Catalog objects, or automating Databricks workflows. Trigger keywords include "databricks", "databricks cli", "dbfs", "unity catalog", "databricks bundle", "databricks jobs", "databricks clusters", "sql warehouse", "serving endpoint", "databricks secrets".

2026-02-17128

hapi-fhir-server

aehrc/pathling

Expert guidance for implementing FHIR servers using HAPI FHIR Plain Server framework. Use this skill when creating RESTful FHIR server implementations, implementing resource providers, adding FHIR operations (read, create, update, delete, search, $operations), implementing server interceptors for logging, security, and validation, setting up authentication and authorisation, or configuring FHIR server behaviour. Trigger keywords include "HAPI", "FHIR server", "RestfulServer", "resource provider", "IResourceProvider", "FHIR interceptor", "AuthorizationInterceptor", "FhirContext", "FHIR validation", "FHIR search", "FHIR operation".

2026-02-13128

fhir-api

aehrc/pathling

Expert guidance for implementing FHIR RESTful API servers and clients following the HL7 FHIR specification. Use this skill when implementing a FHIR server with REST endpoints, building a FHIR client, designing FHIR API routes and handlers, implementing FHIR operations (read, create, update, delete, search, history), working with FHIR bundles, batch requests, or transactions, handling FHIR content negotiation, headers, and versioning, or implementing conditional operations. Trigger keywords include "FHIR REST", "FHIR API", "FHIR server", "FHIR client", "FHIR endpoint", "FHIR operations", "RESTful FHIR", "implement FHIR".

2026-02-13128

Source

aehrc

aehrc/pathling

View GitHub Repository View Creator Repositories

Install command

Download

Run Skill in Manus

Useful forSOC

Software DevelopersComputer and Mathematical Occupations15-1252L4

name

sonarcloud-api

description

SonarCloud API

Overview

SonarCloud provides two API versions for programmatic access:

Web API v2 - Modern REST API with OpenAPI specifications at https://api.sonarcloud.io/api/v2/
Web API v1 - Legacy API at https://sonarcloud.io/api/ with comprehensive endpoint coverage

Quick start

# Get project metrics
curl -X GET "https://sonarcloud.io/api/measures/component?component=my_project&metricKeys=bugs,vulnerabilities,code_smells" \
  -H "Authorization: Bearer YOUR_TOKEN"

Authentication

Use bearer token authentication for all requests:

Authorization: Bearer <token>

Token types

Token Type	Plan	Scope	Use Case
Personal Access Token	Free	User-level	Individual API access
Organisation Token	Team	Organisation-scoped	CI/CD, automation

Generate tokens at Account > Security > Generate Tokens in SonarCloud UI.

Base URLs

API Version	Base URL
Web API v1	`https://sonarcloud.io/api/`
Web API v2	`https://api.sonarcloud.io/api/v2/`

Request format

Content-Type: application/x-www-form-urlencoded (v1) or application/json (v2)

For POST requests, use form data parameters rather than URI query parameters.

Rate limiting

Requests are rate-limited. When exceeded, the API returns HTTP 429. Wait several minutes before retrying.

Pagination

Most list endpoints support pagination with p (page number) and ps (page size) parameters.

Common tasks

Get project quality gate status

curl -X GET "https://sonarcloud.io/api/qualitygates/project_status?projectKey=my_project" \
  -H "Authorization: Bearer YOUR_TOKEN"

Search issues

curl -X GET "https://sonarcloud.io/api/issues/search?componentKeys=my_project&types=BUG,VULNERABILITY" \
  -H "Authorization: Bearer YOUR_TOKEN"

Get component measures

curl -X GET "https://sonarcloud.io/api/measures/component?component=my_project&metricKeys=ncloc,coverage,duplicated_lines_density" \
  -H "Authorization: Bearer YOUR_TOKEN"

List projects

# v2 API
curl -X GET "https://api.sonarcloud.io/api/v2/projects?organization=my_org" \
  -H "Authorization: Bearer YOUR_TOKEN"

API reference

For detailed endpoint documentation, see the reference files:

v2-api.md - Modern v2 API endpoints (Projects, Quality Gates, Analysis, Organisations)
v1-api.md - Legacy v1 API endpoints (Issues, Measures, Components, Rules)
metrics.md - Available metric keys and their meanings

Error handling

Status Code	Meaning
400	Bad request - check parameters
401	Unauthorised - invalid or missing token
403	Forbidden - insufficient permissions
404	Not found - resource does not exist
429	Rate limited - wait and retry
500	Server error

CI/CD integration examples

GitHub Actions

- name: Check Quality Gate
  run: |
      STATUS=$(curl -s -H "Authorization: Bearer ${{ secrets.SONAR_TOKEN }}" \
        "https://sonarcloud.io/api/qualitygates/project_status?projectKey=${{ vars.SONAR_PROJECT_KEY }}" \
        | jq -r '.projectStatus.status')
      if [ "$STATUS" != "OK" ]; then
        echo "Quality Gate failed"
        exit 1
      fi

GitLab CI

check_quality_gate:
    script:
        - |
            STATUS=$(curl -s -H "Authorization: Bearer $SONAR_TOKEN" \
              "https://sonarcloud.io/api/qualitygates/project_status?projectKey=$SONAR_PROJECT_KEY" \
              | jq -r '.projectStatus.status')
            if [ "$STATUS" != "OK" ]; then exit 1; fi