@natsunaaa/export-sonarqube-report
v0.1.62
Published
Generate PDF reports from SonarQube Community Edition
Maintainers
Readme
@natsunaaa/export-sonarqube-report
Generate reports (PDF / Excel / CSV / HTML) from SonarQube Community Edition.
English
Community Edition doesn't include built-in reporting. This tool fills that gap by calling the SonarQube Web API and generating reports in multiple formats (PDF, Excel, CSV, HTML) with quality gate status, metrics, and issues.
Examples
# Basic report (default: PDF, all issues included)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 \
-t <your-sonarqube-token> \
-k my-project-key \
-o report.pdf
# Excel report (.xlsx) — multiple sheets: Summary, Quality Gate, Metrics, Issues
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f excel -o report.xlsx
# CSV report — UTF-8 with BOM (Excel-compatible for non-ASCII characters)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f csv -o report.csv
# HTML report — self-contained with inline CSS, viewable in any browser
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f html -o report.html
# SonarQube 10+: filter by Software Quality (matches console categories)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--software-qualities RELIABILITY -o reliability-report.pdf
# SonarQube 10+: filter by impact severity
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--impact-severities HIGH,MEDIUM -o high-medium-report.pdf
# Legacy: filter by type (BUG only)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--types BUG -o bugs-report.pdf
# Detailed report with source snippets and rule descriptions (works with all formats)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--software-qualities RELIABILITY --impact-severities HIGH \
--detail -f html -o critical-reliability.html
# Metrics + Quality Gate only (no issues)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--no-issues -o summary.pdf
# Using SONAR_TOKEN env variable
SONAR_TOKEN=your-token npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t -k my-project -o report.pdfInstallation
npm i @natsunaaa/export-sonarqube-reportCLI Usage
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 \
-t <your-sonarqube-token> \
-k my-project-key \
-o report.pdfOptions
| Option | Description |
| ------------------------------- | ---------------------------------------------------------------------- |
| -u, --url <url> | SonarQube server URL (required) |
| -t, --token <token> | Authentication token, or set SONAR_TOKEN env (required) |
| -k, --project-key <key> | SonarQube project key (required) |
| -o, --output <path> | Output file path (extension auto-set from format if omitted) |
| -f, --format <format> | Output format: pdf (default), excel, csv, html |
| --title <title> | Custom report title |
| --no-issues | Exclude issues from report |
| --detail | Include source snippets and rule descriptions (works with all formats) |
| --severities <list> | Filter by legacy severity: BLOCKER,CRITICAL,MAJOR,MINOR,INFO |
| --impact-severities <list> | Filter by impact severity (SonarQube 10+): HIGH,MEDIUM,LOW,INFO |
| --software-qualities <list> | Filter by software quality (SonarQube 10+): SECURITY,RELIABILITY,MAINTAINABILITY |
| --types <list> | Filter by issue type: BUG,VULNERABILITY,CODE_SMELL |
SonarQube 10+ vs Legacy Filtering
SonarQube 10+ introduced a new classification system based on Software Quality and Impact Severity, which differs from the legacy system.
| Console Category | New Filter (--software-qualities) | Legacy Filter (--types) |
| ----------------- | ----------------------------------- | ------------------------- |
| Security | SECURITY | VULNERABILITY |
| Reliability | RELIABILITY | BUG |
| Maintainability | MAINTAINABILITY | CODE_SMELL |
| Console Severity | New Filter (--impact-severities) | Legacy Filter (--severities) |
| ---------------- | ---------------------------------- | ------------------------------------- |
| High | HIGH | BLOCKER,CRITICAL |
| Medium | MEDIUM | MAJOR |
| Low | LOW | MINOR |
| Info | INFO | INFO |
Tip: To match the numbers shown in SonarQube 10+ console, use
--software-qualitiesand--impact-severitiesinstead of--typesand--severities.
Output Formats
| Format | Extension | Description |
| ------ | --------- | ------------------------------------------------------------------------------------------------- |
| pdf | .pdf | Print-ready document with formatted layout (default) |
| excel| .xlsx | Multi-sheet spreadsheet (Summary, Quality Gate, Metrics, Issues) with auto-filter on Issues sheet |
| csv | .csv | UTF-8 with BOM for Excel compatibility; sections separated by blank lines |
| html | .html | Self-contained HTML with inline CSS, viewable in any browser |
--detail works with every format:
- PDF / HTML: rule description and source snippet displayed inline below each issue
- Excel / CSV: extra columns added —
Rule Name,Rule Description,Source Snippet
Library Usage
import { generateReport } from "@natsunaaa/export-sonarqube-report";
const outputPath = await generateReport(
{
baseUrl: "http://localhost:9000",
token: process.env.SONAR_TOKEN!,
projectKey: "my-project",
},
{
output: "report.xlsx",
format: "excel",
title: "Sprint Report",
softwareQualities: ["RELIABILITY"],
impactSeverities: ["HIGH", "MEDIUM"],
detail: true,
},
);You can also call format-specific generators directly:
import { SonarQubeClient, generateExcel, generateHtml } from "@natsunaaa/export-sonarqube-report";
const client = new SonarQubeClient({ baseUrl, token, projectKey });
const data = {
title: "My Report",
projectKey,
generatedAt: new Date(),
qualityGate: await client.getQualityGateStatus(),
metrics: await client.getMetrics(),
issues: await client.getAllIssues(),
};
await generateExcel(data, "report.xlsx");
await generateHtml(data, "report.html");Using the client directly
import { SonarQubeClient } from "@natsunaaa/export-sonarqube-report";
const client = new SonarQubeClient({
baseUrl: "http://localhost:9000",
token: process.env.SONAR_TOKEN!,
projectKey: "my-project",
});
const metrics = await client.getMetrics();
const qualityGate = await client.getQualityGateStatus();
const { issues, total } = await client.getIssues({
impactSeverities: ["HIGH"],
softwareQualities: ["RELIABILITY"],
});Report Contents
- Quality Gate status (PASSED / FAILED)
- Metrics: bugs, vulnerabilities, code smells, coverage, duplications, lines of code, ratings
- Issues grouped by Software Quality and impact severity (SonarQube 10+)
- Issue details with file location, source snippets, and rule descriptions (with
--detail) - Available in PDF, Excel, CSV, and HTML formats
Requirements
- Node.js >= 18
- SonarQube server with a valid user token
한국어
SonarQube Community Edition에는 리포트 기능이 없습니다. 이 도구는 SonarQube Web API를 호출하여 Quality Gate 상태, 메트릭, 이슈를 PDF / Excel / CSV / HTML 리포트로 생성합니다.
예시
# 기본 리포트 (기본값 PDF, 전체 이슈 포함)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 \
-t <소나큐브-토큰> \
-k my-project-key \
-o report.pdf
# Excel 리포트 (.xlsx) — Summary, Quality Gate, Metrics, Issues 시트로 구성
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f excel -o report.xlsx
# CSV 리포트 — UTF-8 BOM 포함 (한글이 Excel에서 깨지지 않음)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f csv -o report.csv
# HTML 리포트 — 인라인 CSS, 어떤 브라우저에서도 열람 가능
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f html -o report.html
# SonarQube 10+: Software Quality 기준 필터 (콘솔 카테고리와 동일)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--software-qualities RELIABILITY -o reliability-report.pdf
# SonarQube 10+: impact severity 기준 필터
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--impact-severities HIGH,MEDIUM -o high-medium-report.pdf
# 레거시: 타입 기준 필터 (BUG만)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--types BUG -o bugs-report.pdf
# 소스코드 스니펫 + 룰 설명 포함 상세 리포트 (모든 포맷에서 사용 가능)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--software-qualities RELIABILITY --impact-severities HIGH \
--detail -f html -o critical-reliability.html
# 메트릭 + Quality Gate만 (이슈 제외)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--no-issues -o summary.pdf
# SONAR_TOKEN 환경변수 사용
SONAR_TOKEN=your-token npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t -k my-project -o report.pdf설치
npm i @natsunaaa/export-sonarqube-reportCLI 사용법
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 \
-t <소나큐브-토큰> \
-k my-project-key \
-o report.pdf옵션
| 옵션 | 설명 |
| ------------------------------- | ----------------------------------------------------------------- |
| -u, --url <url> | SonarQube 서버 URL (필수) |
| -t, --token <token> | 인증 토큰, 또는 SONAR_TOKEN 환경변수 사용 (필수) |
| -k, --project-key <key> | SonarQube 프로젝트 키 (필수) |
| -o, --output <path> | 출력 파일 경로 (생략 시 포맷에 맞는 확장자 자동 적용) |
| -f, --format <format> | 출력 포맷: pdf (기본), excel, csv, html |
| --title <title> | 리포트 제목 |
| --no-issues | 이슈 목록 제외 |
| --detail | 소스코드 스니펫 및 룰 설명 포함 (모든 포맷 지원) |
| --severities <list> | 레거시 심각도 필터: BLOCKER,CRITICAL,MAJOR,MINOR,INFO |
| --impact-severities <list> | Impact 심각도 필터 (SonarQube 10+): HIGH,MEDIUM,LOW,INFO |
| --software-qualities <list> | Software Quality 필터 (SonarQube 10+): SECURITY,RELIABILITY,MAINTAINABILITY |
| --types <list> | 이슈 타입 필터: BUG,VULNERABILITY,CODE_SMELL |
SonarQube 10+ vs 레거시 필터링
SonarQube 10+에서는 Software Quality와 Impact Severity 기반의 새로운 분류 체계를 도입했습니다. 콘솔에 보이는 숫자와 동일한 결과를 얻으려면 새 필터를 사용하세요.
| 콘솔 카테고리 | 새 필터 (--software-qualities) | 레거시 필터 (--types) |
| ----------------- | ----------------------------------- | ------------------------- |
| Security | SECURITY | VULNERABILITY |
| Reliability | RELIABILITY | BUG |
| Maintainability | MAINTAINABILITY | CODE_SMELL |
| 콘솔 심각도 | 새 필터 (--impact-severities) | 레거시 필터 (--severities) |
| ----------- | ---------------------------------- | ------------------------------------- |
| High | HIGH | BLOCKER,CRITICAL |
| Medium | MEDIUM | MAJOR |
| Low | LOW | MINOR |
| Info | INFO | INFO |
팁: SonarQube 10+ 콘솔에 표시되는 숫자와 일치시키려면
--types/--severities대신--software-qualities/--impact-severities를 사용하세요.
출력 포맷
| 포맷 | 확장자 | 설명 |
| ------- | ------- | ----------------------------------------------------------------------------------- |
| pdf | .pdf | 인쇄에 최적화된 형식 (기본값) |
| excel | .xlsx | 다중 시트 (Summary, Quality Gate, Metrics, Issues), Issues 시트에 자동 필터 적용 |
| csv | .csv | UTF-8 BOM 포함 (Excel 한글 호환), 섹션 사이 빈 줄로 구분 |
| html | .html | 인라인 CSS 포함된 단일 파일, 어떤 브라우저에서도 열람 가능 |
--detail은 모든 포맷에서 동작합니다:
- PDF / HTML: 각 이슈 아래에 룰 설명과 소스 스니펫이 인라인으로 표시
- Excel / CSV:
Rule Name,Rule Description,Source Snippet컬럼이 추가됨
라이브러리 사용법
import { generateReport } from "@natsunaaa/export-sonarqube-report";
const outputPath = await generateReport(
{
baseUrl: "http://localhost:9000",
token: process.env.SONAR_TOKEN!,
projectKey: "my-project",
},
{
output: "report.xlsx",
format: "excel",
title: "스프린트 리포트",
softwareQualities: ["RELIABILITY"],
impactSeverities: ["HIGH", "MEDIUM"],
detail: true,
},
);포맷별 generator를 직접 호출할 수도 있습니다:
import { SonarQubeClient, generateExcel, generateHtml } from "@natsunaaa/export-sonarqube-report";
const client = new SonarQubeClient({ baseUrl, token, projectKey });
const data = {
title: "내 리포트",
projectKey,
generatedAt: new Date(),
qualityGate: await client.getQualityGateStatus(),
metrics: await client.getMetrics(),
issues: await client.getAllIssues(),
};
await generateExcel(data, "report.xlsx");
await generateHtml(data, "report.html");클라이언트 직접 사용
import { SonarQubeClient } from "@natsunaaa/export-sonarqube-report";
const client = new SonarQubeClient({
baseUrl: "http://localhost:9000",
token: process.env.SONAR_TOKEN!,
projectKey: "my-project",
});
const metrics = await client.getMetrics();
const qualityGate = await client.getQualityGateStatus();
const { issues, total } = await client.getIssues({
impactSeverities: ["HIGH"],
softwareQualities: ["RELIABILITY"],
});리포트 내용
- Quality Gate 상태 (PASSED / FAILED)
- 메트릭: 버그, 취약점, 코드 스멜, 커버리지, 중복률, 코드 라인 수, 등급
- Software Quality 및 Impact Severity 기준 이슈 분류 (SonarQube 10+)
- 이슈 상세 (파일 위치, 소스코드 스니펫, 룰 설명) —
--detail사용 시 - PDF, Excel, CSV, HTML 포맷 지원
요구사항
- Node.js >= 18
- 유효한 사용자 토큰이 있는 SonarQube 서버
中文
SonarQube Community Edition 不包含报告功能。本工具通过调用 SonarQube Web API,生成包含质量门状态、指标和问题的报告,支持 PDF / Excel / CSV / HTML 格式。
示例
# 基本报告(默认 PDF,包含所有问题)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 \
-t <你的SonarQube令牌> \
-k my-project-key \
-o report.pdf
# Excel 报告 (.xlsx) — 多个工作表:Summary, Quality Gate, Metrics, Issues
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f excel -o report.xlsx
# CSV 报告 — 包含 UTF-8 BOM(Excel 兼容非 ASCII 字符)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f csv -o report.csv
# HTML 报告 — 包含内联 CSS,可在任何浏览器中查看
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
-f html -o report.html
# SonarQube 10+:按软件质量过滤(与控制台分类一致)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--software-qualities RELIABILITY -o reliability-report.pdf
# SonarQube 10+:按影响严重程度过滤
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--impact-severities HIGH,MEDIUM -o high-medium-report.pdf
# 旧版:按类型过滤(仅 BUG)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--types BUG -o bugs-report.pdf
# 包含源代码片段和规则说明的详细报告(适用于所有格式)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--software-qualities RELIABILITY --impact-severities HIGH \
--detail -f html -o critical-reliability.html
# 仅指标 + 质量门(不含问题)
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t <token> -k my-project \
--no-issues -o summary.pdf
# 使用 SONAR_TOKEN 环境变量
SONAR_TOKEN=your-token npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 -t -k my-project -o report.pdf安装
npm i @natsunaaa/export-sonarqube-reportCLI 使用方法
npx @natsunaaa/export-sonarqube-report \
-u http://localhost:9000 \
-t <你的SonarQube令牌> \
-k my-project-key \
-o report.pdf选项
| 选项 | 说明 |
| ------------------------------- | ------------------------------------------------------------------ |
| -u, --url <url> | SonarQube 服务器 URL(必填) |
| -t, --token <token> | 认证令牌,或设置 SONAR_TOKEN 环境变量(必填) |
| -k, --project-key <key> | SonarQube 项目键(必填) |
| -o, --output <path> | 输出文件路径(省略时根据格式自动设置扩展名) |
| -f, --format <format> | 输出格式:pdf(默认)、excel、csv、html |
| --title <title> | 报告标题 |
| --no-issues | 不包含问题列表 |
| --detail | 包含源代码片段和规则说明(所有格式均支持) |
| --severities <list> | 按旧版严重程度过滤:BLOCKER,CRITICAL,MAJOR,MINOR,INFO |
| --impact-severities <list> | 按影响严重程度过滤(SonarQube 10+):HIGH,MEDIUM,LOW,INFO |
| --software-qualities <list> | 按软件质量过滤(SonarQube 10+):SECURITY,RELIABILITY,MAINTAINABILITY |
| --types <list> | 按问题类型过滤:BUG,VULNERABILITY,CODE_SMELL |
SonarQube 10+ 与旧版过滤对比
SonarQube 10+ 引入了基于软件质量和影响严重程度的新分类系统。要获得与控制台一致的数字,请使用新过滤器。
| 控制台分类 | 新过滤器 (--software-qualities) | 旧版过滤器 (--types) |
| ----------------- | ----------------------------------- | ------------------------- |
| Security | SECURITY | VULNERABILITY |
| Reliability | RELIABILITY | BUG |
| Maintainability | MAINTAINABILITY | CODE_SMELL |
| 控制台严重程度 | 新过滤器 (--impact-severities) | 旧版过滤器 (--severities) |
| -------------- | ---------------------------------- | ------------------------------------- |
| High | HIGH | BLOCKER,CRITICAL |
| Medium | MEDIUM | MAJOR |
| Low | LOW | MINOR |
| Info | INFO | INFO |
提示: 要匹配 SonarQube 10+ 控制台显示的数字,请使用
--software-qualities/--impact-severities代替--types/--severities。
输出格式
| 格式 | 扩展名 | 说明 |
| ------- | ------- | --------------------------------------------------------------------------------- |
| pdf | .pdf | 适合打印的格式化文档(默认) |
| excel | .xlsx | 多工作表(Summary, Quality Gate, Metrics, Issues),Issues 工作表含自动筛选 |
| csv | .csv | 含 UTF-8 BOM(兼容 Excel 非 ASCII 字符),各部分用空行分隔 |
| html | .html | 包含内联 CSS 的独立文件,可在任何浏览器中查看 |
--detail 适用于所有格式:
- PDF / HTML:每个问题下方内联显示规则说明和源代码片段
- Excel / CSV:增加
Rule Name、Rule Description、Source Snippet列
作为库使用
import { generateReport } from "@natsunaaa/export-sonarqube-report";
const outputPath = await generateReport(
{
baseUrl: "http://localhost:9000",
token: process.env.SONAR_TOKEN!,
projectKey: "my-project",
},
{
output: "report.xlsx",
format: "excel",
title: "Sprint 报告",
softwareQualities: ["RELIABILITY"],
impactSeverities: ["HIGH", "MEDIUM"],
detail: true,
},
);也可以直接调用特定格式的生成器:
import { SonarQubeClient, generateExcel, generateHtml } from "@natsunaaa/export-sonarqube-report";
const client = new SonarQubeClient({ baseUrl, token, projectKey });
const data = {
title: "我的报告",
projectKey,
generatedAt: new Date(),
qualityGate: await client.getQualityGateStatus(),
metrics: await client.getMetrics(),
issues: await client.getAllIssues(),
};
await generateExcel(data, "report.xlsx");
await generateHtml(data, "report.html");直接使用客户端
import { SonarQubeClient } from "@natsunaaa/export-sonarqube-report";
const client = new SonarQubeClient({
baseUrl: "http://localhost:9000",
token: process.env.SONAR_TOKEN!,
projectKey: "my-project",
});
const metrics = await client.getMetrics();
const qualityGate = await client.getQualityGateStatus();
const { issues, total } = await client.getIssues({
impactSeverities: ["HIGH"],
softwareQualities: ["RELIABILITY"],
});报告内容
- 质量门状态(PASSED / FAILED)
- 指标:缺陷、漏洞、代码异味、覆盖率、重复率、代码行数、评级
- 按软件质量和影响严重程度分组的问题(SonarQube 10+)
- 问题详情(文件位置、源代码片段、规则说明)— 使用
--detail时 - 支持 PDF、Excel、CSV、HTML 格式
系统要求
- Node.js >= 18
- 拥有有效用户令牌的 SonarQube 服务器
License
MIT
