A blog icon.

SonarQube Continuous Inspection as a High-Visibility Tool

SonarQube continuous inspection is an open-source tool that provides extensive code quality analysis, shows code coverage by unit tests, and displays integration test reports.
The SonarQube logo

During assessments and value stream mapping exercises, we often encounter leadership that lacks visibility into how their teams are performing. There is typically a formal process established to combat this issue such as weekly  or biweekly status reports from either scrum masters or individual team members. Teams often see these processes as another burden on their shoulders; they treat them as formalities instead of worthwhile necessities.

Unfortunately, these reports often prove to be brief, highly subjective, and lacking any glimpse into how teams are actually performing. Due to the weeks of time between reports, very long feedback loops are created that increase the chance of failing to delivery high quality software on time. When it’s discovered that there is a formal process in place for communicating updates to leadership, it’s almost always an indication that the organization is very heavily siloed.

It’s not like team leaders are just bad people. Most genuinely care about their project’s success. However, they often are unable to allocate time or money into looking into issues surrounding communication processes, or they might not know an issue exists in the first place. I like to say, “You don’t know what you don’t know.”

Wouldn’t it be great if a team leader could just open up a browser and navigate to a web page that shows a dashboard of real-time metrics that he cares about? At Liatrio, we strongly believe that information should be easily accessible at a click of the button.

Managing Visibility with SonarQube Continuous Inspection

SonarQube, an open-source tool that supports all major languages, is one of our recommended tools for providing project health visibility. SonarQube continuous inspection provides extensive code quality analysis, shows code coverage by unit tests, and displays integration test reports. It can even track and estimate technical debt.

One of my favorite features is the ability to track various aspects of a project’s quality as they evolve over time. This provides insight into determining if any new bugs were introduced in the latest build, if code unit test coverage dropped, or if complexity increased. These insights are delivered in a very descriptive yet straightforward way.

Quality Profiles are used to define requirements and specify sets of rules. These can be created for each language, as well.

A dashboard of SonarQube with multiple quality profiles in the lefthand sidebar.

Below are some examples of rules that one might turn on for any given Quality Profile.

A list of rules to turn on for a quality profile.

While performing code quality analysis, SonarQube continuous inspection has three types of problems it can identify: Issues, Code Smells and Vulnerabilities. Issues are broken down by Severity.

Another key SonarQube continuous inspection feature is Quality Gates. These are the thresholds of quality set to clearly indicate whether software quality is “good to go” or not acceptable yet.

A list of quality gates available for use.

SonarQube continuous inspection code analysis makes a great addition to any software delivery pipeline. Furthermore, the it can be even more worthwhile when integrated with other tools. You or a DevOps Engineer on your team could set up SonarQube in a way that a Jenkins job would be marked as failed if the latest build does not pass Quality Gates. The Build Breaker Plugin is great for accomplishing this.

DIY Dashboards

Custom dashboards are a necessity for fully utilizing the benefits of SonarQube continuous inspection. In essence, SonarQube accomplishes code analysis and compiles metrics. As a user, you can customize dashboards using widgets for all of those metrics.

It’s up to you to create the perfect dashboard that makes the most sense for your team’s project. Whatever combination of widgets you choose, the functionality is available.

A SonarQube dashboard.
A SonarQube dashboard.

Go the Extra Mile with SonarQube Continuous Inspection

With SonarQube continuous inspection, you can eliminate extra steps and needless processes, and get down to real-time data that conveys how teams are really doing. Limit manual work, and take advantage of the automation.

Share This Article
Have a question or comment?
Contact uS

Related Posts

An illustration of a tree with a large trunk and numerous small branches, against a green gradient background.
GitOps: Defining the Best Infrastructure Pattern For You

A trunk-based GitOps approach enables users to deliver software more quickly and efficiently.

A rube goldberg machine in muted color palette.
Autoscaling Azure GitHub Runners — We Built Them So You Don’t Have To

Liatrio built an open-source solution for autoscaling self hosted GitHub Action Runners in Azure. We use Infrastructure as Code (IaC) using Terraform to automate Azure autoscaling runners.

The IBM Cloud logo and AWS logo overtop of an abstract background.
IBM Cloud vs AWS: The Difference and How to Choose

In this post, we'll bring you a comparison between two of the main cloud providers: Amazon Web Services (AWS) and IBM Cloud.

Computers floating in the clouds in a Chris Ware art style.
Multi-Cloud vs Hybrid Cloud: The Difference and How to Choose

Multi-cloud vs hybrid cloud, what's the difference and how can you choose the best one for your situation?

The Liatrio logo mark.
About Liatrio

Liatrio is a collaborative, end-to-end Enterprise Delivery Acceleration consulting firm that helps enterprises transform the way they work. We work as boots-on-the-ground change agents, helping our clients improve their development practices, react more quickly to market shifts, and get better at delivering value from conception to deployment.