Sonar – Code Quality Management Platform

TechySoul DevOps 0 Comments

What is Sonar?
Sonar is an open source web-based software used for performing static code reviews. All or selected checkstyle,findbugs and pmd rules can be configured together in the Sonar quality profile depending on the nature of the underlying project. This is really useful as the rules that you would need for a web-based java application would be a lot different than a back-end processing java application. Moreover it also gives way to focus on certain rules on priority to make the code quality improvement a phase-wise approach if so desired.

Why should we use Sonar?

• Although these rules can also be configured in developer’s IDE, its uniform enforcement across the entire team is always a challenge.
• All stakeholders including developers, reviewers, team leads and managers can have access to the code quality using Sonar’s web based front end.
• Sonar greatly improves the review efficiency of code reviewers who can focus entirely on the functionality review as all static code analysis is taken care of by Sonar.
• The ruleset can be tailor-made depending on the nature of the underlying application. Some rules can be ignored while severity of some of the violations can be changed easily via Sonar GUI. Different project can be associated with different ruleset
• It is also possible to carry out trend analysis for the violations added/fixed by individual projects or all of them together with few clicks without any pre-analysis configuration.
• Support is available for more than 20 programming languages including Java, C/C++, C#, PL/SQL etc.
• Powerful extension mechanism covers new languages, adding rules engines, computing advanced metrics. More than 50 plugins are already available.
• Easy integration with a variety of continuous integration servers is possible.
• Easy integration with Eclipse provides developers a more efficient way to handle violations in the code.
How to use Sonar in your project?
Sonar can be downloaded for free deployed and as a webapp in any of your DevOps machine/server. Detailed instructions to install and configure Sonar are given here
Sonar comes with an inbuilt file-system based h2 database and you can use it for initial evaluation. However for production purposes it is highly recommended to use enterprise grade database like MySQL or Oracle.
What is the cost of Sonar?
SonarQube is completely free as is distributed under the GNU Lesser GPL License, Version 3, under Swiss law. However please note that some plug-ins like PL/SQL come at a cost.

Share this Post

Leave a Reply

Your email address will not be published. Required fields are marked *