SonarQube: Helper of Dev and organisation for better code quality and security practices.
Overall Satisfaction with SonarQube
As service based and product based organisation we are dealing with variety of products and projects so in order to maintain the Code Quality and also improve the coding structure by following the suggestions given by SonarQube Analysis and also checking the Code Coverage so we get to know that our code has fully passed through the Sonar Analysis. As a part of DevOps team we integrate SonarQube checks in CI(continuous integration part) so its an part of continuous code quality and we have also created custom Quality Gates in order to prevent the false or unimproved code from going into any environments.
Pros
- Static Code Scanning
- Code Coverage reports, User Friendly Dashboard
- Integration with various tools in order to maintain code quality
- Pre-built as well as Custom Quality Gates
- Detect Bugs & Vulnerabilities, Review Security Hotspots, Track Code Smells
- Also has many plugins to interact with
Cons
- As in SonarQube community edition they should enable the after scanning report generation
- other security reports like, vulnerability with preferred solution
- Guide on scalability, backups, resiliency as well
- small report type UI on other tools as well like Jenkins
- Integrations with CI/CD
- Many plugins which we can integrate
- Code coverage
- Vulnerability, code smells, bugs
- Custom as well prebuilt code quality gates
- Support many current trends tech stacks languages
- User management and project management
- User friendly UI for seeing after scans report
- Helped the Developer in maintaining code quality and also better at coding structures
- maintaining the security best practices before they are going to production
- also resolved vulnerabilities and bugs on bases of best given suggestion
No alternatives as SonarQube is best fitted in our Use Cases
Do you think SonarQube delivers good value for the price?
Yes
Are you happy with SonarQube's feature set?
Yes
Did SonarQube live up to sales and marketing promises?
Yes
Did implementation of SonarQube go as expected?
Yes
Would you buy SonarQube again?
Yes
Comments
Please log in to join the conversation