# ReflectSonar
<p align="center">
<img src="https://raw.githubusercontent.com/ataseren/reflectsonar/refs/heads/main/rs-logo.png" width="400" alt="reflectsonar-logo">
</p>
**PDF Report Generator for SonarQube Analysis**
ReflectSonar is a simple Python tool for generating a PDF report of a project scan conducted by a SonarQube instance. It reads the data via API and generates a PDF report for general metrics, issues and security hotspots.
SonarQube Community and Developer Editions do not have report generationn feature. The purpose of this tool is adding this functionality to these editions.
This tool is not affiliated with Sonar. The report is generated based on SonarQube instance that its information is provided. All data is fetched from
SonarQube API. ReflectSonar just provides a way to generate the report.
## Quick Start
### Installation
#### Option 1: Install from PyPI
```bash
# Install ReflectSonar
pip install reflectsonar
# Run directly
reflectsonar -p "your-project-key" -t "your-token" -u "http://your-sonarqube:9000"
```
#### Option 2: Download Pre-built Binary
Download the latest binary release for your platform from the [Releases page](https://github.com/ataseren/reflectsonar/releases):
**Linux:**
```bash
# Download and extract
wget https://github.com/ataseren/reflectsonar/releases/latest/download/reflectsonar-linux-x64.tar.gz
tar -xzf reflectsonar-linux-x64.tar.gz
# Make executable and run
chmod +x reflectsonar
./reflectsonar --help
```
**Windows:**
```powershell
# Download reflectsonar-windows-x64.zip from releases page
# Extract and run reflectsonar.exe
.\reflectsonar.exe --help
```
**macOS:**
```bash
# Download and extract
wget https://github.com/ataseren/reflectsonar/releases/latest/download/reflectsonar-macos-x64.tar.gz
tar -xzf reflectsonar-macos-x64.tar.gz
# Make executable and run
chmod +x reflectsonar
./reflectsonar --help
```
#### Option 3: Install from Source
```bash
# Clone the repository
git clone https://github.com/ataseren/reflectsonar.git
cd reflectsonar
# Install dependencies
pip install -r requirements.txt
```
### Basic Usage
#### Using the Binary (Recommended)
```bash
# Generate a report for your project
./reflectsonar -p "your-project-key" -t "your-sonarqube-token" -u "http://your-sonarqube-server:9000"
# With custom output path
./reflectsonar -p "my-app" -t "squ_abc123..." -o "reports/my-app-quality-report.pdf"
# With verbose logging
./reflectsonar -p "my-app" -t "squ_abc123..." --verbose
# Using a configuration file
./reflectsonar -c config.yaml
```
#### Using Python Source
```bash
# Generate a report for your project
python src/main.py -p "your-project-key" -t "your-sonarqube-token" -u "http://your-sonarqube-server:9000"
# With custom output path
python src/main.py -p "my-app" -t "squ_abc123..." -o "reports/my-app-quality-report.pdf"
# With verbose logging
python src/main.py -p "my-app" -t "squ_abc123..." --verbose
```
## Command Line Options
| Option | Short | Description | Required | Default |
|--------|-------|-------------|----------|---------|
| `--project` | `-p` | SonarQube project key | ✅ Yes | - |
| `--token` | `-t` | SonarQube authentication token | ✅ Yes | - |
| `--url` | `-u` | SonarQube server URL | ❌ No | `http://localhost:9000` |
| `--output` | `-o` | Output PDF file path | ❌ No | Auto-generated |
| `--config` | `-c` | Configuration file path | ❌ No | `config.yaml` |
| `--verbose` | `-v` | Enable detailed logging | ❌ No | `False` |
## Configuration
### SonarQube Token Setup
- **Generate Token**: Go to SonarQube → My Account → Security → Generate Tokens (It must be a User Token)
- **Token Format**: `squ_1a2b3c4d5e6f7g8h9i0j...`
- **Permissions**: Ensure token has enough permission on your project
## Report Structure
### 1. **Cover Page**
- Project overview and summary statistics
- Quality metrics and ratings
- Generation timestamp and SonarQube mode
### 2. **Issues**
- Security, reliability and maintainability issues
- Affected code snippets and triggered rules
### 3. **Security Hotspots**
- Detailed security hotspot analysis
- Risk categories and remediation guidance
- Code context and security implications
### 4. Rules
- Rules triggered by the issues in a project
- Mitigation and detailed description for the issue
- Extra resources
## Contributing
We welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING.md) for details.
[Open an issue](https://github.com/ataseren/reflectsonar/issues) to discuss your ideas! Submit a PR in any way you want.
I am trying to make life easier for peoples' that need the functionality of this tool. Therefore, I don't want to bother you with strict contribution rules. Just open an issue or PR and I will be happy to review it.
Also, feel free to reach out to me via email or LinkedIn.
## License
This project is licensed under the GPL-3.0 License - see the [LICENSE](LICENSE) file for details.
Raw data
{
"_id": null,
"home_page": null,
"name": "reflectsonar",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "sonarqube, quality, report, pdf, analysis, code-quality",
"author": null,
"author_email": "Ata Seren <ata.seren@hotmail.com>",
"download_url": "https://files.pythonhosted.org/packages/0d/5f/2ef2d75ea5211cfa47e474da63bf45f8383a34064afc19d057ffac7ec6dc/reflectsonar-1.0.1.tar.gz",
"platform": null,
"description": "# ReflectSonar\n\n<p align=\"center\">\n <img src=\"https://raw.githubusercontent.com/ataseren/reflectsonar/refs/heads/main/rs-logo.png\" width=\"400\" alt=\"reflectsonar-logo\">\n</p>\n\n**PDF Report Generator for SonarQube Analysis**\n\nReflectSonar is a simple Python tool for generating a PDF report of a project scan conducted by a SonarQube instance. It reads the data via API and generates a PDF report for general metrics, issues and security hotspots.\n\nSonarQube Community and Developer Editions do not have report generationn feature. The purpose of this tool is adding this functionality to these editions.\n\nThis tool is not affiliated with Sonar. The report is generated based on SonarQube instance that its information is provided. All data is fetched from\nSonarQube API. ReflectSonar just provides a way to generate the report.\n\n## Quick Start\n\n### Installation\n\n#### Option 1: Install from PyPI\n\n```bash\n# Install ReflectSonar\npip install reflectsonar\n\n# Run directly\nreflectsonar -p \"your-project-key\" -t \"your-token\" -u \"http://your-sonarqube:9000\"\n```\n\n#### Option 2: Download Pre-built Binary\n\nDownload the latest binary release for your platform from the [Releases page](https://github.com/ataseren/reflectsonar/releases):\n\n**Linux:**\n```bash\n# Download and extract\nwget https://github.com/ataseren/reflectsonar/releases/latest/download/reflectsonar-linux-x64.tar.gz\ntar -xzf reflectsonar-linux-x64.tar.gz\n\n# Make executable and run\nchmod +x reflectsonar\n./reflectsonar --help\n```\n\n**Windows:**\n```powershell\n# Download reflectsonar-windows-x64.zip from releases page\n# Extract and run reflectsonar.exe\n.\\reflectsonar.exe --help\n```\n\n**macOS:**\n```bash\n# Download and extract\nwget https://github.com/ataseren/reflectsonar/releases/latest/download/reflectsonar-macos-x64.tar.gz\ntar -xzf reflectsonar-macos-x64.tar.gz\n\n# Make executable and run \nchmod +x reflectsonar\n./reflectsonar --help\n```\n\n#### Option 3: Install from Source\n\n```bash\n# Clone the repository\ngit clone https://github.com/ataseren/reflectsonar.git\ncd reflectsonar\n\n# Install dependencies\npip install -r requirements.txt\n```\n\n### Basic Usage\n\n#### Using the Binary (Recommended)\n\n```bash\n# Generate a report for your project\n./reflectsonar -p \"your-project-key\" -t \"your-sonarqube-token\" -u \"http://your-sonarqube-server:9000\"\n\n# With custom output path\n./reflectsonar -p \"my-app\" -t \"squ_abc123...\" -o \"reports/my-app-quality-report.pdf\"\n\n# With verbose logging\n./reflectsonar -p \"my-app\" -t \"squ_abc123...\" --verbose\n\n# Using a configuration file\n./reflectsonar -c config.yaml\n```\n\n#### Using Python Source\n\n```bash\n# Generate a report for your project\npython src/main.py -p \"your-project-key\" -t \"your-sonarqube-token\" -u \"http://your-sonarqube-server:9000\"\n\n# With custom output path\npython src/main.py -p \"my-app\" -t \"squ_abc123...\" -o \"reports/my-app-quality-report.pdf\"\n\n# With verbose logging\npython src/main.py -p \"my-app\" -t \"squ_abc123...\" --verbose\n```\n\n## Command Line Options\n\n| Option | Short | Description | Required | Default |\n|--------|-------|-------------|----------|---------|\n| `--project` | `-p` | SonarQube project key | \u2705 Yes | - |\n| `--token` | `-t` | SonarQube authentication token | \u2705 Yes | - |\n| `--url` | `-u` | SonarQube server URL | \u274c No | `http://localhost:9000` |\n| `--output` | `-o` | Output PDF file path | \u274c No | Auto-generated |\n| `--config` | `-c` | Configuration file path | \u274c No | `config.yaml` |\n| `--verbose` | `-v` | Enable detailed logging | \u274c No | `False` |\n\n## Configuration\n\n### SonarQube Token Setup\n\n- **Generate Token**: Go to SonarQube \u2192 My Account \u2192 Security \u2192 Generate Tokens (It must be a User Token)\n- **Token Format**: `squ_1a2b3c4d5e6f7g8h9i0j...` \n- **Permissions**: Ensure token has enough permission on your project\n\n## Report Structure\n\n### 1. **Cover Page**\n- Project overview and summary statistics\n- Quality metrics and ratings\n- Generation timestamp and SonarQube mode\n\n### 2. **Issues**\n- Security, reliability and maintainability issues\n- Affected code snippets and triggered rules\n\n### 3. **Security Hotspots**\n- Detailed security hotspot analysis\n- Risk categories and remediation guidance\n- Code context and security implications\n\n### 4. Rules\n- Rules triggered by the issues in a project\n- Mitigation and detailed description for the issue\n- Extra resources\n\n## Contributing\n\nWe welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING.md) for details.\n\n[Open an issue](https://github.com/ataseren/reflectsonar/issues) to discuss your ideas! Submit a PR in any way you want.\n\nI am trying to make life easier for peoples' that need the functionality of this tool. Therefore, I don't want to bother you with strict contribution rules. Just open an issue or PR and I will be happy to review it. \n\nAlso, feel free to reach out to me via email or LinkedIn.\n\n## License\n\nThis project is licensed under the GPL-3.0 License - see the [LICENSE](LICENSE) file for details.\n",
"bugtrack_url": null,
"license": null,
"summary": "PDF Report Generator for SonarQube Analysis",
"version": "1.0.1",
"project_urls": {
"Homepage": "https://github.com/ataseren/reflectsonar",
"Issues": "https://github.com/ataseren/reflectsonar/issues",
"Repository": "https://github.com/ataseren/reflectsonar"
},
"split_keywords": [
"sonarqube",
" quality",
" report",
" pdf",
" analysis",
" code-quality"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "45534b1fd15a3e8b4316570b1e2200db19c689662754008a49146e5b7999e393",
"md5": "c66e0fa6fe54380ea814e738f421c781",
"sha256": "53316e0a903ea8025566d6381563b6b4ca6e89b34dfd2b1ae839135a1394d5b5"
},
"downloads": -1,
"filename": "reflectsonar-1.0.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c66e0fa6fe54380ea814e738f421c781",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 356530,
"upload_time": "2025-10-10T10:26:56",
"upload_time_iso_8601": "2025-10-10T10:26:56.017042Z",
"url": "https://files.pythonhosted.org/packages/45/53/4b1fd15a3e8b4316570b1e2200db19c689662754008a49146e5b7999e393/reflectsonar-1.0.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "0d5f2ef2d75ea5211cfa47e474da63bf45f8383a34064afc19d057ffac7ec6dc",
"md5": "3494d01e9c1672fa3c88c7a86d465432",
"sha256": "5525b8f815d407434437c20ae2c257241aafe33470f3c2620bf45c928e1b7d49"
},
"downloads": -1,
"filename": "reflectsonar-1.0.1.tar.gz",
"has_sig": false,
"md5_digest": "3494d01e9c1672fa3c88c7a86d465432",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 354362,
"upload_time": "2025-10-10T10:26:57",
"upload_time_iso_8601": "2025-10-10T10:26:57.753812Z",
"url": "https://files.pythonhosted.org/packages/0d/5f/2ef2d75ea5211cfa47e474da63bf45f8383a34064afc19d057ffac7ec6dc/reflectsonar-1.0.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-10-10 10:26:57",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "ataseren",
"github_project": "reflectsonar",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "certifi",
"specs": [
[
"==",
"2025.4.26"
]
]
},
{
"name": "chardet",
"specs": [
[
"==",
"5.2.0"
]
]
},
{
"name": "charset-normalizer",
"specs": [
[
"==",
"3.4.2"
]
]
},
{
"name": "idna",
"specs": [
[
"==",
"3.10"
]
]
},
{
"name": "pillow",
"specs": [
[
"==",
"11.2.1"
]
]
},
{
"name": "reportlab",
"specs": [
[
"==",
"4.4.0"
]
]
},
{
"name": "requests",
"specs": [
[
"==",
"2.32.3"
]
]
},
{
"name": "urllib3",
"specs": [
[
"==",
"2.4.0"
]
]
},
{
"name": "pyyaml",
"specs": [
[
"==",
"6.0.3"
]
]
}
],
"lcname": "reflectsonar"
}
JSON
