In this tutorial we will be having a look at features and advantages of sonarqube and its architecture
- Sonarqube is an open source platform for ongoing software quality inspection.
- Sonarqube have support for various languages such as Java, PHP, Flex, Ruby
- Provide the reports for various code quality issues
- It gives you the code coverage information so it basically tells you what percentage of your code is actually covered by the test cases
- It will bring you the sophistication of the software articles. It basically tells you what we've coded, whether it's a simple one or we've coded it in a complex way.
- Once you run the sonarqube, the developer or manager will be able to take action to resolve or fix these issues based on that report. After fixing the issues, the report will be executed again and the current results will be compared with the historical report. You can check what the developers have done to improve the quality of the code or not.
- It supports build tools or integration tools. It is possible to integrate Sonarqube with tools such as ant, maven, gradle.
- Developer can integrate sonarlint plugin with eclipse so that developer can analyze the code quality at the time of development phase itself.
- When you run the sonar lint in your Eclipse, it will provide you with all the issues you will find during the review and the developer will be able to fix the development phase itself.
Here we will have a look at sonarqube architecture.
SonarQube Architecture can be classified in four components
1. Sonar Scanner
- Previously known as sonar runner.
- Ideally you need to use any of the built-in tools such as ant, maven or gradle that invokes the Sonar Scanner to fetch the source code.
- Ideally you need to use any of the built-in tools such as ant, maven or gradle that invokes the Sonar Scanner to fetch the source code. It takes the source code from the repository or a configuration parameter is used to set the place from which you want the source code to be taken. SonarQube cube supports plugins like SVN and some of the other version control system such as git etc. You can go straight ahead and incorporate these stuff with any build tools that are the integration tool, so you don't have to offer the direction every time, because the build tool automatically pulls the software from the database.
- The source code is the code written by developer or manager.
- The code is then pushed to repository.
- Pull Requests (PRs) are visible in SonarQube
- The sonar analyzer takes the source code you would like to analyze
- Sonar analyzer takes the source code and go through all the code and gives you technical problems
- Sonar receives the request and starts to examine the source code of the project. The analysis is based on the project's Sonar profile activating any additional plugins or reporting capabilities, if any.
- You simply need to integrate these plugins into your sonar qube and the sonarqube will analyze the source code.
- You need to add these plugins to the sonar analyzer based on the language you want to analyze.
- When the analysis is finished, the results will be stored in database for future reference
- Sonar analyzers come with thousands of rules on 25+ programming languages
- It will be sent to the database once the report is generated so that it can be stored in the database and subsequently used for reporting purposes
- There is a caching server which is used to hold the temporary reports in the cache
- The main advantage of caching server is, it is going to maintain the reports in the cache to reduce the calls to the database as the result you can see high performance
- Once the sonar analyzer completes the analysis of the source code then it is going to send the this report to the queue where the server needs to be process those results
- After the results are processed then the report or the data will be stored in the database. SonarQube will have a default database
- You can integrate your own database our to your sonarqube
- Sonarqube supports various databases like a ms SQL Server, Oracle etc