For us at Infobip, it is imperative that the products we deliver meet the highest quality standards. At the core of each product is the source code, making code quality the most important factor in determining the quality of the overall product.
To maintain high quality control, we chose to implement code review into our development process. However, after some time the reviews began to take up too much time, steering us away from other important tasks. The code review is consisted not only of a creative review process, but also from checking for repetitive errors, use of convention rules etc. The entire process came into question, so a logical solution was to automate part of it.
In our development centers we are trying to automate as fantuan database many manual tasks as we can, so we can focus on innovation which makes us the best choice for our customers. In this moment our developers can automatically deploy services, quickly and easily write public APIs and generate client libraries in different programming languages. It took us a long time to find the perfect solution, helping us with the partial automation of the code review. After researching various tools, we realized that SonarQube meets all of our requirements.
About SonarQube
SonarQube is an open source platform for code quality analysis. It belongs to the static code analysis tools, along with Understand, semmle, and others.
The platform receives the source code as an input. This code can either be sent from IDE or pulled from SCM. There are SonarQube plugins for the most popular IDEs that make running code analyses much easier. Based on the input, the platform starts to apply predefined rules and check if they are fulfilled. As an analysis output, a lot of useful information and propose improvements are provided as well.
The reason we chose SonarQube are the numerous and extensive Java rules. At the moment there is over 700 Java rules, and the number is constantly increasing. We are primarily performing analysis on code written in Java, but it can be easily performed on code written in one of 20 other programming languages.
Also, SonarQube is pluggable, so you can write your own plugins if you need support for a specific language or you want to write your own rules. If you need to add your own code rules, it’s possible by using XPath expressions or by creating a new plugin using Java.
The SonarQube platform consists of four components: analyzers, server, plugins installed on the server and, last but not least, database.
