SonarQube is an open-source platform for continuous code quality inspection, code analysis, and software quality management. It provides a variety of tools and features to analyze code quality and identify potential issues, such as code smells, security vulnerabilities, and bugs.
With SonarQube, developers can continuously monitor the quality of their code, track metrics and trends, and take corrective actions to improve the overall quality of the codebase. It supports a variety of programming languages, including Java, C/C++, C#, Python, JavaScript, and more.
SonarQube provides detailed reports and visualizations to help developers and stakeholders understand the quality of their code and identify areas for improvement. SonarQube can help developers and teams improve their code quality, reduce technical debt, and ensure the long-term maintainability of their codebase.
We can trigger the sonarqube to calculate these stats whenever a new piece of code is gets merged to the feature branch using github actions. Here is the step by step process to setup the sonarqube
1. Create a project in Sonarqube
Sonarqube is a free software you can locally install the application on your own server or run a sonarqube docker container. Once done create a project. https://wiki.geant.org/display/GSD/Adding+Projects+to+SonarQube
This will provide you with project token, project key and the project name save it we will need this token later.
2. Create Github workflow file
3. Importing SonarQube Plugin in gradle file
plugins {
id("org.sonarqube") version "3.3"
}
sonarqube {
properties {
property("sonar.projectKey", "YourProjectKey")
property("sonar.projectName", "Your Project Name")
}
}
Voila!! run the workflow and you will get the stats of your repository.