< All integrations

JFrog

Integrate SonarQube with the JFrog Platform for a complete DevSecOps solution from code to production.

Integration type

  • Chevron right iconSonar certified

SDLC Categories

  • Chevron right iconCI/CD
  • Chevron right iconSecurity & Compliance

Integration overview

The SonarQube integration with JFrog provides trusted auditing for software packages by enriching artifacts and builds with signed attestation metadata. This allows for easy tracking and verification for governance and compliance. The integration uses the JFrog CLI to create Sonar evidence, including the quality gate status, which is then displayed on the JFrog platform.