SonarQube as a high visibility tool

During assessments and value stream mapping exercises, we often encounter leadership that lacks visibility into how their teams are performing. There is typically a formal process established to combat this issue such as weekly  or biweekly status reports from either scrum masters or individual team members. Teams often see these processes as another burden on their shoulders; they treat them as formalities instead of worthwhile necessities.

Unfortunately, these reports often prove to be brief, highly subjective, and lacking any glimpse into how teams are actually performing. Due to the weeks of time between reports, very long feedback loops are created that increase the chance of failing to delivery high quality software on time. When it’s discovered that there is a formal process in place for communicating updates to leadership, it’s almost always an indication that the organization is very heavily siloed.

It’s not like team leaders are just bad people. Most genuinely care about their project’s success. However, they often are unable to allocate time or money into looking into issues surrounding communication processes, or they might not know an issue exists in the first place. I like to say, “You don’t know what you don’t know.”

Wouldn’t it be great if a team leader could just open up a browser and navigate to a web page that shows a dashboard of real-time metrics that he cares about? At Liatrio, we strongly believe that information should be easily accessible at a click of the button.

Managing Visibility with SonarQube

SonarQube, an open-source tool that supports all major languages, is one of our recommended tools for providing project health visibility. It provides extensive code quality analysis, shows code coverage by unit tests, and displays integration test reports. It can even track and estimate technical debt.

One of my favorite features is the ability to track various aspects of a project’s quality as they evolve over time. This provides insight into determining if any new bugs were introduced in the latest build, if code unit test coverage dropped, or if complexity increased. These insights are delivered in a very descriptive yet straightforward way.

Quality Profiles are used to define requirements and specify sets of rules. These can be created for each language, as well.


Below are some examples of rules that one might turn on for any given Quality Profile.


While performing code quality analysis, SonarQube has three types of problems it can identify: Issues, Code Smells and Vulnerabilities. Issues are broken down by Severity.

Another key SonarQube feature are Quality Gates. These are the thresholds of quality set to clearly indicate whether software quality is “good to go” or not acceptable yet.

 

SonarQube code analysis makes a great addition to any software delivery pipeline. Furthermore, the it can be even more worthwhile when integrated with other tools. You or a DevOps Engineer on your team could set up SonarQube in a way that a Jenkins job would be marked as failed if the latest build does not pass Quality Gates; the Build Breaker Plugin is great for accomplishing this.

DIY Dashboards

Custom dashboards are a necessity for fully utilizing the benefits of SonarQube. In essence, SonarQube accomplishes code analysis and compiles metrics. As a user, you can customize dashboards using widgets for all of those metrics.

It’s up to you to create the perfect dashboard that makes the most sense for your team’s project. Whatever combination of widgets you choose, the functionality is available.

Go the Extra Mile

Remove extra steps and needless processes, and get down to real-time data that conveys how teams are really doing. Limit manual work, and take advantage of the automation.

Leave a Reply

Your email address will not be published. Required fields are marked *