We have built a “commodity” solution to manage code quality.
To achieve this, providing the best product is not enough. Products also have to play well with the entire ecosystem in the development process, or they will simply not be used (at least on the scale we aspire to). It is with this in mind that we have built SonarQube and SonarLint.
with Build Systems
SonarQube is tightly integrated with standard build systems, to provide a zero-configuration approach.
By integrating with the most popular build systems, such as Maven, MSBuild, Gradle and ANT, we provide a quick way of scanning projects with little or no configuration. But that’s not the only benefit: such integrations also mean that this analysis “configuration” will always be up to date because it is what’s used to build the project, so the process stays smooth in the long run.
with CI Engines
SonarQube integrates with most popular Continuous Integration engines such as Jenkins and TFS.
The integration of SonarQube with build systems plus a simple command analysis line mechanism means that SonarQube easily integrates with CI engines. But we’ve gone even further to provide extra integrations with CI engines such as Jenkins and TFS by enabling a one-click experience to integrating SonarQube scans into the build.
Developers get feedback on code quality in their favorite IDEs as they develop.
SonarLint gives developers real-time feedback on code quality directly in the IDE, highlighting problems as developers type to keep the focus on the code.
with corporate Systems
As an enterprise product, SonarQube easily integrates with existing systems, for example authorization and authentication schemes.
SonarQube comes with built-in features to integrate with the most used security systems such as Active Directory, LDAP, Oauth and more. Authentication as well as Authorizations can be delegated to such systems. It can also be integrated to most other systems, thanks to its powerful API.
with Continuous Deployment
SonarQube offers a simple tooling to integrate to pipelines.
SonarQube offers the ability to hook a code quality verification, called a Quality Gate, at any step of a Continuous Delivery process. This allows you to condition the promotion of a build on whether or not the code has passed your predefined set of code quality criteria, thus automating promotion approval process.
High Availability & Data Integrity
Deploy SonarQube as a cluster of applications to avoid any interruption of the service
As SonarQube is one of the main components of a build chain for developers, teams who are in charge of the SonarQube instance in big companies want to make sure that the service is always available for the development teams. You can deploy SonarQube as a cluster of applications and search nodes to ensure that if one node crashes for some reasons, the other ones will take the lead to keep the service up and running. The SonarQube cluster will automatically recover from the unexpected situation and eventually ensure data integrity.