We have been using SonarQube for inspecting code quality of our applications for a long time now. We have integrated SonarQube with our CI/CD Pipeline and configured Quality Gates — hence with every code check in we perform a static code analysis of the changes. This provides developers an early feedback of their code changes. If the code changes does not meet quality standards, the code check-in is rejected.
Quality Gates are the best way to ensure that standards are met and regulated across all the projects in your organization.Quality Gates can be defined as a set of threshold measures set on your project like Code Coverage, Technical Debt Measure, Number of Blocker/Critical issues, Security Rating/ Unit Test Pass Rate and more.
During the past month, I have been blogging about SonarQube – an open source static code analysis tool. We recently started using SonarQube in our projects to ensure high code quality, automate our code review process and also manage our technical debt. In this article I will provide an overview on another very popular and powerful Static Code Analysis tool – NDepend.
SonarQube has a collection of rules to analyze your source code at compile time to identify potential vulnerabilities, bugs, anti-patterns, refactoring and poor coding practices. The earlier we identify issues, the easier and cheaper it is to address them. By leveraging the power of Static Code Analysis, developers can get an early feedback for their code changes.
If you are trying to install SonarQube in your project or planning to upgrade it to a newer version, you might have bumped into multiple issues during the setup process. In this article, I will show you how you can display the Code Coverage Results in SonarQube and troubleshoot any issues related with the same.
The SonarQube Scanner for MSBuild – Begin Analysis task contacts the SonarQube server to retrieve the quality profile, and dynamically produces rulesets to be applied during the static analysis. If there are issues in the process, I would recommend to go the Administration section in your SonarQube server, and navigate to the background Tasks tab to find the error log.
I have my SonarQube server up and running. I added a SonarQube Service endpoint and associated it while configuring the SonarQube Begin analysis task.
However when I trigger the build, it failed throwing the below error – ‘Unhandled Exception: System.IO.InvalidDataException: End of Central Directory record could not be found.’
SonarQube is a great tool for identifying anti-patterns in your code base and help you improve Code Quality. However while installing the tool, you might come across a number of issues. In this article, I have explained issues which I encountered while configuring my SQL Server database instance and the resolution.
Are you worried about ‘Technical Debt’ in your project? In this blog, we will try to understand what Technical Debt is, what causes it, how to measure it and ultimately bring it down. What is Technical Debt? Everybody wants to write… Read More ›
samirbehara 