
SonarQube is an open source platform for continuous inspection of code quality. It performs automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 20+ programming languages. SonarQube provides reports on code coverage, code duplication, and cyclomatic complexity.

Login

On your first visit to the site, you will be presented with the login/signup screen.

SonarQube login screen

When your instance is first created, an account is created for you with the email you chose. You can get the password for this account by going to your Elestio dashboard and clicking on the "Show Password" button.

Enter your username and password and click the "Login" button.

Creating A Project

A project is a codebase that you want to analyze for quality and security issues. It can be a single application, a library, or a collection of related applications. Each project in SonarQube has its own set of analysis results, metrics, and reports. You can create, configure, and manage projects using the SonarQube web interface or the SonarQube API. The project screen lists the projects defined in the SonarQube instance and is where you create, configure, and manage them.

SonarQube project screen

Background Tasks

Tasks in SonarQube are a way to track and manage the issues and actions that need to be addressed in your codebase. They provide a centralized view of the work that needs to be done to improve the quality and maintainability of your code. Tasks can include things like fixing code smells, resolving bugs, addressing security vulnerabilities, and improving code coverage. They help developers prioritize and organize their work by providing a list of actionable items that need attention.

SonarQube tasks screen

Analyzing Your Project

Analyzing a project in SonarQube involves running a static code analysis on the codebase to identify and report on various quality and security issues. This process helps developers identify potential bugs, code smells, vulnerabilities, and other issues that could impact the overall quality and maintainability of the code. SonarQube provides a comprehensive set of rules and metrics to evaluate the code and generate detailed reports with actionable insights. The analysis results can be viewed in the SonarQube web interface, allowing developers to prioritize and address the identified issues. Analyzing a project is an essential step in improving the quality and security of your codebase. It helps developers identify and fix potential issues early in the development process, leading to more robust and reliable software.

SonarQube analyze screen

The project link in SonarQube allows you to associate external resources or documentation with a specific project. It provides a way to link related information, such as project documentation, issue trackers, or source code repositories, directly from the SonarQube project screen. This can help provide additional context and make it easier for developers to access relevant resources while working on the project. The project link screen in SonarQube provides a view of the linked resources for a project, allowing you to manage and access them effectively. It is used to associate external resources with a project in SonarQube.

SonarQube link screen

New Code

Code in SonarQube provides a view of the codebase being analyzed. It allows developers to navigate through the code, view specific files, and explore the code structure. The code screen provides syntax highlighting, code navigation, and search to help developers understand the code. It also displays code metrics, such as lines of code, complexity, and code duplication, to provide insights into the quality and maintainability of the codebase. Developers use the code screen to review the analyzed code, identify potential issues, understand the code structure, and make informed decisions to improve its quality.

SonarQube code screen

Permissions

Permissions in SonarQube define the access rights and privileges that users or groups have within the SonarQube instance. They determine what actions a user can perform and what resources they can access. Permissions can be assigned at various levels, such as global, project, or project template level. They allow administrators to control and manage user access to different features and functionalities of SonarQube. The permissions screen in SonarQube provides a view of the permissions assigned to users or groups, allowing administrators to manage and configure access effectively. It is used to define and manage permissions for users and groups in SonarQube.

SonarQube permissions screen

Creating Webhook

A webhook in SonarQube lets you receive real-time notifications or trigger actions in external systems based on events that occur in SonarQube. It integrates SonarQube with other tools or services by sending an HTTP request to a specified URL when specific events, such as analysis completion or issue creation, occur. This is useful for automating workflows, sending notifications, or updating external systems based on the analysis results or changes in code quality. The webhook screen lists the configured webhooks and is where you set them up, manage them, and monitor their deliveries.

SonarQube webhook screen
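
On the receiving side, an endpoint should authenticate each delivery before acting on it. The following is an added example, not code from SonarQube or Elestio: it assumes the webhook was created with a secret, in which case SonarQube sends a hex HMAC-SHA256 of the request body in the `X-Sonar-Webhook-HMAC-SHA256` header. The handler name, the secret, and the sample payload are constructed for illustration.

```python
import hashlib
import hmac
import json

# Header SonarQube adds when the webhook has a secret configured.
SIGNATURE_HEADER = "X-Sonar-Webhook-HMAC-SHA256"

def verify_signature(secret, body, header_value):
    """Constant-time check of the hex HMAC-SHA256 over the raw request body."""
    if not header_value:
        return False
    expected = hmac.new(secret.encode(), body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected.encode(), header_value.strip().lower().encode())

def handle_webhook(secret, headers, body):
    """Hypothetical handler: returns (http_status, decision) for one delivery."""
    # Header names are case-insensitive, so normalise before the lookup.
    sig = next((v for k, v in headers.items() if k.lower() == SIGNATURE_HEADER.lower()), None)
    if not verify_signature(secret, body, sig):
        return 401, "rejected: bad or missing signature"
    try:
        event = json.loads(body)
    except ValueError:
        return 400, "rejected: malformed JSON"
    if not isinstance(event, dict):
        return 400, "rejected: unexpected payload shape"
    project = (event.get("project") or {}).get("key", "<unknown>")
    gate = (event.get("qualityGate") or {}).get("status")
    # Only a finished analysis with a passing gate counts as a pass.
    if event.get("status") == "SUCCESS" and gate == "OK":
        return 200, f"{project}: quality gate passed"
    return 200, f"{project}: quality gate {gate or 'not reported'}, hold the release"

# Constructed sample delivery (not captured from a real instance).
SAMPLE_SECRET = "constructed-example-secret"
SAMPLE_BODY = json.dumps({
    "taskId": "constructed-task-id",
    "status": "SUCCESS",
    "project": {"key": "demo-project", "name": "Demo"},
    "qualityGate": {"name": "Sonar way", "status": "OK"},
}).encode()
SAMPLE_SIG = hmac.new(SAMPLE_SECRET.encode(), SAMPLE_BODY, hashlib.sha256).hexdigest()

if __name__ == "__main__":
    print(handle_webhook(SAMPLE_SECRET, {SIGNATURE_HEADER: SAMPLE_SIG}, SAMPLE_BODY))
    # A body altered in transit no longer matches the signature.
    print(handle_webhook(SAMPLE_SECRET, {SIGNATURE_HEADER: SAMPLE_SIG}, SAMPLE_BODY + b" "))
```

Compute the HMAC over the raw bytes as received, before any JSON parsing or re-serialisation, otherwise the digest will not match.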