A blog icon.

SonarQube Continuous Inspection as a High-Visibility Tool

SonarQube continuous inspection is an open-source tool that provides extensive code quality analysis, shows code coverage by unit tests, and displays integration test reports.
The SonarQube logo

During assessments and value stream mapping exercises, we often encounter leadership that lacks visibility into how their teams are performing. There is typically a formal process established to combat this issue such as weekly  or biweekly status reports from either scrum masters or individual team members. Teams often see these processes as another burden on their shoulders; they treat them as formalities instead of worthwhile necessities.

Unfortunately, these reports often prove to be brief, highly subjective, and lacking any glimpse into how teams are actually performing. Due to the weeks of time between reports, very long feedback loops are created that increase the chance of failing to delivery high quality software on time. When it’s discovered that there is a formal process in place for communicating updates to leadership, it’s almost always an indication that the organization is very heavily siloed.

It’s not like team leaders are just bad people. Most genuinely care about their project’s success. However, they often are unable to allocate time or money into looking into issues surrounding communication processes, or they might not know an issue exists in the first place. I like to say, “You don’t know what you don’t know.”

Wouldn’t it be great if a team leader could just open up a browser and navigate to a web page that shows a dashboard of real-time metrics that he cares about? At Liatrio, we strongly believe that information should be easily accessible at a click of the button.

Managing Visibility with SonarQube Continuous Inspection

SonarQube, an open-source tool that supports all major languages, is one of our recommended tools for providing project health visibility. SonarQube continuous inspection provides extensive code quality analysis, shows code coverage by unit tests, and displays integration test reports. It can even track and estimate technical debt.

One of my favorite features is the ability to track various aspects of a project’s quality as they evolve over time. This provides insight into determining if any new bugs were introduced in the latest build, if code unit test coverage dropped, or if complexity increased. These insights are delivered in a very descriptive yet straightforward way.

Quality Profiles are used to define requirements and specify sets of rules. These can be created for each language, as well.

A dashboard of SonarQube with multiple quality profiles in the lefthand sidebar.

Below are some examples of rules that one might turn on for any given Quality Profile.

A list of rules to turn on for a quality profile.

While performing code quality analysis, SonarQube continuous inspection has three types of problems it can identify: Issues, Code Smells and Vulnerabilities. Issues are broken down by Severity.

Another key SonarQube continuous inspection feature is Quality Gates. These are the thresholds of quality set to clearly indicate whether software quality is “good to go” or not acceptable yet.

A list of quality gates available for use.

SonarQube continuous inspection code analysis makes a great addition to any software delivery pipeline. Furthermore, the it can be even more worthwhile when integrated with other tools. You or a DevOps Engineer on your team could set up SonarQube in a way that a Jenkins job would be marked as failed if the latest build does not pass Quality Gates. The Build Breaker Plugin is great for accomplishing this.

DIY Dashboards

Custom dashboards are a necessity for fully utilizing the benefits of SonarQube continuous inspection. In essence, SonarQube accomplishes code analysis and compiles metrics. As a user, you can customize dashboards using widgets for all of those metrics.

It’s up to you to create the perfect dashboard that makes the most sense for your team’s project. Whatever combination of widgets you choose, the functionality is available.

A SonarQube dashboard.
A SonarQube dashboard.

Go the Extra Mile with SonarQube Continuous Inspection

With SonarQube continuous inspection, you can eliminate extra steps and needless processes, and get down to real-time data that conveys how teams are really doing. Limit manual work, and take advantage of the automation.


Share This Article
Have a question or comment?
Contact uS

Related Posts

Terraform 6 ways
What Is Terraform Used for? 6 Ways to Use Terraform

Terraform is an open-source infrastructure as code (IaC) tool that enables users to define and manage their cloud infrastructure in a declarative and reproducible manner.

Markdown examples floating on top of a laptop computer.
Better Markdown Means Better DevOps

Your Github READMEs and Pull Requests don't have to be boring. Here are 5 markdown features to help level-up repo docs and dev workflow.

Github Actions workflow diagrams
Github Actions For Everything: It Does More Than Build Code

Github Actions has a large set of “workflow triggers” that can be used to kick off new pipeline runs. Used in tandem with the Github Actions and APIs, workflows can be used to automate many parts of the SDLC beyond building and deploying code.

An illustration of a tree with a large trunk and numerous small branches, against a green gradient background.
GitOps: Defining the Best Infrastructure Pattern For You

A trunk-based GitOps approach enables users to deliver software more quickly and efficiently.

The Liatrio logo mark.
About Liatrio

Liatrio is a collaborative, end-to-end Enterprise Delivery Acceleration consulting firm that helps enterprises transform the way they work. We work as boots-on-the-ground change agents, helping our clients improve their development practices, react more quickly to market shifts, and get better at delivering value from conception to deployment.