SonarQube Review

It helps us to determine the maturity and quality of the coding of our software customers, preventing future crashes in the software.

Valuable Features

To create your own quality profiles and gates is really cool; you can apply different policies depending the maturity grade of the project are you dealing with.

Also, we use a lot the time machine tool to take important decisions to determine if the projects are going in the right direction.

Elastic search is really helpful and also there is a plug-in we use a lot named "3D Code Metrics" that gives us a quick overview about the general situation about the projects.

Also, the integration with different CVS', and the dependency search are nice and helpful features.

Improvements to My Organization

This product helps us to determine the maturity and quality of the coding of our software customers, preventing future crashes in the software. We get users used to developing clean code makes SonarQube a valuable tool. Also, we use it for our internal software development helping us to create a good quality software.

Room for Improvement

With the new SonarQube versions, the analysis time is increasing, and some projects are difficult to configure due to the different modules and languages that it uses. A few versions ago, it had a multi-language option which was really helpful.

Use of Solution

I've used it for over two years.

Deployment Issues

The worst about this tool I think is the upgrade method, and it's really easy to wreck the database when upgrading. It would be better idea to make less versions, but make it easier and consistent to upgrade. Also, sometimes if you are using really old instances and you move to a new version it's possible to lose some information about projects.

Thanks to this tool we can improve old code were developers are not available anymore and display the projects filtering by different fields, we save a lot of time, and time is money.

Stability Issues

Once it is up and running, we didn't find any big issues with the stability, but it's important to configure in the right way the properties file according with you system specifications.

Customer Service and Technical Support

Customer Service:

I think is good, also there is a new forum named "" for the spanish community who helps a lot to spanish quality assurance fellas.

Technical Support:

I think is good, also there is a new forum, for the Spanish language community which helps a lot.

Previous Solutions

I used a few specific tools for the PHP language, that tools were really powerful (Codesniffer, PHPCPD, PHP Mess Detector among others) and provide a good information about the quality of our code. Nowadays, I am mixing that tools with SonarQube, but in shortly, I am thinking of using just SonarQube. The reason is that SonarQube is including more and more PHP rules in every PHP plugin version.

Initial Setup

After dealing with configuration files and SonarQube is up and running there is not a big problem to start working with it, SonarQube include some standard quality profiles that makes it easier for the beginners. Also, the option to configure your own dashboard with different widgets exists.

Implementation Team

I have experience with both of them and the main problem is not how the tool is working, but it's to make people follow the rules and change bad habits. However, I think that's a common challenge for our QA guild.

Pricing, Setup Cost and Licensing

Actually SonarQube offers a lot of free plug-ins for different languages, and we add additional paid plug-ins as well, such as PL/SQL, COBOL and Views, and our experience tell us that it is worth it.

Other Solutions Considered

Only one option we found competitive was CAST, but the prices and the functionality didn't convince us at all.

Disclosure: My company has a business relationship with this vendor other than being a customer: We are a SonarQube partner in Spain.
1 visitor found this review helpful
Add a Comment
Sign Up with Email