Monday, February 14, 2022

SonarQube:- Code Analysis Tool

 Code Quality:

When developers develop the code they use some programming language and every language has some standard way to write the code for the applications. Developers should follow these standards. The code quality always adds business value to a software system.

In Order to evaluate software, it is necessary to select relevant quality characteristics ISO/IEC 9126 defines a quality model which is applicable to every kind of software. It defines 6 product quality characteristics

  • Functionality
  • Reliability
  • Usability
  • Efficiency
  • Maintainability
  • Portability


It is an open-source software quality platform. It has a rich web-based dashboard and it saves the calculated measures in a database.

How Sonar Works?

Sonar uses various static and dynamic code analysis tools such as Checkstyle, PMD, FindBugs, FxCop, Gendarme, and many more to extract software metrics, which can be used to improve software quality.

SonarQube Structure:-

Code in Prog Lang -->Code Analysis with SonarQube Scanner-->SonarQube Server (Web Server, ELK, plugins, Compute Engine)<------> SonarQubeDB

SonarQube CI Process

SonarQube Features

It supports Java,C/C++,C#,PHP,Flex,Groovy,JavaScript,Python,PL/SQL,COBOL etc

It can be used in Android development

Offers reports on duplicated code, coding standards, unit tests, code coverage, code complexity, potential bugs.

Records metics history and provide you evolution graphs.

It provides fully automated analysis integrates with Maven, Gradle, 
Ant and Continuous integration tools (jenkins, Gitlab etc)

It can also integrate with some external tools like JIRA, Fortify, etc


Post a Comment