At Sonar, we’re dedicated to helping development teams build trust into every line of code. We believe that developing secure quality code shouldn't be an afterthought; it should be a core part of the development lifecycle. But in today's complex world of microservices and distributed architectures, maintaining visibility across all projects and teams is a challenge. Information gets siloed, making it difficult for developers, managers, and platform teams to get a clear, contextualized view of their organization's code health.
That’s why we’re excited to announce our partnership with Port, the creator of a leading internal developer portal. By integrating SonarQube's best-in-class code quality and security analysis directly into Port's software catalog, we’re providing a single pane of glass for engineering organizations to build better, more secure software, faster.
A centralized view for all stakeholders
The Sonar and Port integration is designed to provide clear, actionable insights and allow significant operability between SonarQube and Port. By enriching Port’s catalog of technical assets with deep code-level intelligence from SonarQube, we unlock powerful new capabilities for different roles.
For engineering leadership
Gaining a high-level perspective without drowning in details is key for effective leadership. This integration provides a comprehensive overview of your organization's code quality and security posture at a glance.
- Comprehensive dashboards: Access dashboards in Port that aggregate Sonar metrics, offering a complete view of code quality and security across all teams.
- Track quality gates: Monitor the status of SonarQube quality gates for every service directly within the developer portal, ensuring standards are met consistently across the board.
- Centralize standards: Easily see how coding standards are being adopted and administered organization-wide.
For developers
Developers need to focus on shipping features, and context switching between tools slows them down. By surfacing SonarQube data directly in Port, we bring critical information into their daily workflow, right where they manage their services.
- Quality-focused prioritization: Developers can see critical quality and security issues related to their team's code right inside Port, helping them prioritize remediation tasks effectively.
- Full context: Sonar's code quality, security, and coverage information is displayed alongside the service's ownership details, dependencies, and other technical assets in the catalog, providing a holistic view.
- Streamlined remediation: Quickly navigate from a service in Port directly to the detailed analysis in SonarQube to explore and fix issues.
For platform & DevOps teams
Platform teams are responsible for enabling developers and ensuring organizational standards are met. This integration makes it easier than ever to drive the adoption of SonarQube and maintain a consistent quality bar.
- Monitor Sonar adoption: Track the percentage of services that have SonarQube integrated, and identify those that don't.
- Discover and Enable: Easily discover services that are not yet being analyzed by SonarQube and use Port’s self-service actions to enable them, ensuring complete coverage.
- Automate onboarding: When adding a new service to the catalog, you can onboard it to SonarQube in the same single action.
How it works
The integration is seamless. Port uses the SonarQube API to ingest project analysis data and display it within its software catalog. You can configure Port to pull key metrics such as:
- Reliability (bugs)
- Security (vulnerabilities)
- Maintainability (code smells)
- Coverage
- Duplications
- Quality gate status
This information can then be used to populate dashboards, create scorecards, and set organizational quality initiatives directly within your developer portal. For Port customers who aren't yet using SonarQube, a dedicated widget in the integrations marketplace helps them discover SonarQube as the preferred solution for code quality and security.
Better together
Implementing and managing code quality at scale requires clear insights and frictionless workflows. Our partnership with Port brings together Sonar's best-in-class code analysis with Port's powerful software catalog to create a centralized hub for engineering excellence. Now, our mutual customers can build trust in all their code—whether developer-written or AI-generated—while improving developer experience and operational efficiency.
To get started, check out the Port integration documentation or watch the on-demand webinar. Begin enriching your software catalog with SonarQube data today.