SonarQube

SonarQube is a platform for managing code quality. With support for more than twenty languages (C#, JavaScript, Python, and so on) the platform is ideal for a heterogeneous development environment. The product also integrates with MSTest/VSTest providing static as well as dynamic code analysis. When combined with a continuous integration process, SonarQube provides metrics and insights with little to no cost, in terms of development effort, to the application teams. According to SonarSource, the developers of SonarQube, the product covers the seven axes of code quality, which the follow image depicts:

Setup and Configuration

SonarQube offers an entire ecosystem of advanced features that are out of the scope of this document. What is provided here is an overview of the requisite elements to begin operations. There are three basic components to keep in mind for a Sonar implementation:

  • Sonar server
  • Sonar runner
  • CI server (Jenkins in our case)

Analysis

At a high-level SonarQube offers organizational insights for each project's technical debt, test coverage, and project size:

Integration with Jenkins

Server Plug-in: Before we can configure SonarQube within Jenkins, we must first install the plug-in. The manage plug-ins option can be found from the manage Jenkins section of the application (depicted below).

Once in the plug-ins menu, you can select "Available" and then "SonarQube plugin" (demonstrated below).

Click the checkbox, and then "Install without restart". The install progress will display and complete within a few minutes, provided no builds are running. Once installed, go back to Manage Jenkins, and then select the Configure System option.

Finally add Sonarqube step in jenkins job as follows:

Note: There are lots of other details for Sonarqube, however we encourage you to read online, because it is out of scope for this book to discuss extreme details of Sonarqube.

Docker installation

With lightweight containers, docker helps you create sandbox environments, that replicate production environment. Assuming that you have a basic understanding of docker, spinning up a sandbox for Sonarqube is as below.

Video

results matching ""

    No results matching ""