Why I use SonarQube...
SonarQube http://www.sonarqube.org/ is a fantastic opensource tool for measuring code quality across multiple projects. I use it to provide an ''At-a-glance'' view of the size and quality of the projects I am involved in.
Where ReSharper or equivalent provides a point of creation view of code issues to the developer, SonarQube provides a historical and aggregated view.
These are just some of the situations I have SonarQube useful in over the last few years.
- Automating the mundane parts of code review process
- Identifying training needs in the team
- Provide Return on Investment Metrics for Technical Debt work to management.
- Target precious re-factoring time to most beneficial areas
- Consistency in Applying Standards
- Incentive to write cleaner code
- Map a teams improvement over time
- Basis for code reviews
Running an Analysis
In order to get a project into SonarQube it is necessary to run an analysis application, this reads a Sonar-Project.Properties file in the root of the project.
I am currently working on multiple projects across many CI processes depending upon so have set up a dedicated SonarQube server in Azure to bring all the projects together.
I wrote some bespoke PowerShell to do the following;
- Read a Config File of projects and the repository URL''s
- Check if first run
- Do a pull for updates
- If there are any changes run SonarQube
I fire this off daily using a task scheduler on the server and can then only analyse projects that have been active. This is far more efficient as I am analysing multiple smaller projects, and I can also see when project where last active in the dashboard view.
The main advantage of this script is any developer can add a project to the config file and check into source control, on the next run the updated config file is pulled and the project analysed.
I would recommended it to anyone and it one of the first actions I do now on a new project to start recording the quality of the project.