Overview of SonarQube

Overview of SonarQube
Techiio-author
Written by Sagar RabidasDecember 3, 2021
7 min read
SonarQube
0 VIEWS 0 LIKES 0 DISLIKES SHARE
0 LIKES 0 DISLIKES 0 VIEWS SHARE
Techiio-author
Sagar Rabidas

Software Developer

In this blog, we will discuss the overview of SonarQube.

SonarQube:-

Most of you might have heard about sonar or SonarQube as an automatic code to evaluate the device. It truly is right! However, sonarqube is not constrained to handiest performing computerized code evaluation and providing a listing of findings.

Because the documentation aptly says, it is an open-supply nice control platform which helps in non-stop analysis and measurement of technical exceptional of supply code. It offers a high degree photo of code fine measured towards configured coding standards/ pleasant practices.

There's ample documentation to be had on sonarqube website. This blog will help you to filter out the important things in records and offer a quick introduction to sonarqube and the way it works.

How does it work?

SonarQube takes project code as the input, analyzes it using pre-defined coding rules, and publishes web-based results giving an overview of the technical quality of code.

Results summarize the status on the project level which can be informative to management and is also possible to go on the issue level to see a specific line of code causing the rule violation. This feature makes it very useful for developers to take quick action.

Rules:-

The analysis is carried out using pre-defined rules based on industry coding standards /best practices. Rules for a particular language are available as a plug-in for most of the languages.

Quality Profile:-

Each language plugin comes with a predefined, built-in profile (called "Sonar way") having a set of pre-defined rules and it will be used as a default profile during analysis for projects.

New quality profiles can be created to configure rules as per project requirements, but it’s optional.

SonarQube allows inheritance in quality profiles thereby allowing to inherit rules provided by the plugin in the default profile.

Custom Rules:-

It is possible to create custom rules. Custom Rules are considered as any other rule, except that they can be fully edited or even deleted.

Rule Templates are provided by plugins to allow users to define their own rules in SonarQube.

Understanding the results:-

After the analysis, results are published and made available on the SonarQube web console.

On a project level, it gives a snapshot of overall issues with a severity-wise breakup, duplications, technical debt, etc.

Issues:-

During analysis, SonarQube raises an issue whenever a piece of code breaks a coding rule. Developers can also manually raise issues that cannot be detected by SonarQube (examples: the implementation of the method does not comply with the functional requirements, the JavaDoc of the method does not match its implementation, etc.). Each issue has one of the five securities e.g. blocker, critical, major, minor, info.

Technical Debt:-

Technical debt is the estimated effort in days to fix the issues. The computation of technical debt in SonarQube is based on the SQALE (Software Quality Assessment based on Lifecycle Expectations) methodology. To manage technical debt with SQALE, it is required to enable rules in the Common SonarQube repository that flag:

  • Duplicated blocks
  • Failed unit tests
  • Insufficient branch coverage by unit tests
  • Insufficient comment density
  • Insufficient line coverage by unit tests
  • Skipped unit tests

Benefits of SonarQube:-

  • Sustainability- Reduces complexity, possible vulnerabilities, and code duplications, optimizing the life of applications.
  • Increase productivity- Reduces the scale, cost of maintenance, and risk of the application; as such, it removes the need to spend more time changing the code
  • Quality code- Code quality control is an inseparable part of the process of software development.
  • Detect Errors- Detects errors in the code and alerts developers to fix them automatically before submitting them for output.
  • Increase consistency- Determines where the code criteria are breached and enhances the quality
  • Business scaling- No restriction on the number of projects to be evaluated
  • Enhance developer skills- Regular feedback on quality problems helps developers to improve their coding skills
sonarqube
0 VIEWS 0 LIKES 0 DISLIKES SHARE
0 LIKES 0 DISLIKES 0 VIEWS SHARE
Was this blog helpful?
techiio-price-plantechiio-price-plantechiio-price-plantechiio-price-plantechiio-price-plan
You must be Logged in to comment
Code Block
Techiio-author
Sagar Rabidas
Software Developer
Techiio-followerTechiio-followerTechiio-followerTechiio-followerTechiio-follower
+8 more
300 Blog Posts
14 Discussion Threads
Trending Technologies
15
Software40
DevOps46
Frontend Development24
Backend Development20
Server Administration17
Linux Administration26
Data Center24
Sentry24
Terraform23
Ansible83
Docker70
Penetration Testing16
Kubernetes21
NGINX20
JenkinsX17
Techiio-logo

Techiio is on the journey to build an ocean of technical knowledge, scouring the emerging stars in process and proffering them to the corporate world.

Follow us on:

Subscribe to get latest updates

You can unsubscribe anytime from getting updates from us
Developed and maintained by Wikiance
Developed and maintained by Wikiance