SonarQube in Action
G. Ann Campbell and Patroklos P. Papapetrou
Foreword by Olivier Gaudin
  • October 2013
  • ISBN 9781617290954
  • 392 pages
  • printed in black & white

A unique source of information for successful implementation.

From the Foreword by Olivier Gaudin, CEO of SonarSource

SonarQube in Action shows developers how to use the SonarQube platform to help them continuously improve their source code. The book presents SonarQube's core Seven Axes of Quality: design /architecture, duplications, comments, unit tests, complexity, potential bugs, coding rules. You'll find simple, easy-to-follow discussion and examples as you learn to integrate SonarQube into your development process.

Table of Contents show full




about this book

about the cover illustration

Part 1 What the numbers are telling you

1. Chapter 1 An introduction to SonarQube

1.1. Why SonarQube

1.2. Running your first analysis

1.3. Seven Axes of Quality

1.4. The languages SonarQube covers

1.5. Interface conventions

1.7. Summary

2. Chapter 2 Issues and coding standards

2.1. Looking at your issues

2.2. What issues mean, and why they’re potential problems

2.3. Where do issues come from?

2.5. Summary

3. Chapter 3 Ensuring that your code is doing things right

3.1. Knowing how much of your code is doing things right

3.2. Explaining metrics on a file level

3.3. Configuring your favorite code-coverage tool

3.4. Integration testing

3.6. Summary

4. Chapter 4 Working with duplicate code

4.1. The hidden cost of duplicate code

4.2. Identifying duplications

4.3. Realizing the impact of code duplication

4.4. Finding duplications across multiple projects

4.5. Cleaning up your duplications

4.7. Summary

5. Chapter 5 Optimizing source code documentation

5.1. To document or not?

5.2. Even commenting has its own metrics

5.3. Identifying undocumented code

5.4. Simplifying your documentation strategy

5.6. Summary

6. Chapter 6 Keeping your source code files elegant

6.1. Keeping complexity low

6.2. Lack of Cohesion of Methods: files that do too much

6.3. RFC and couplings: classes with too many friends

6.4. Summary

7. Chapter 7 Improving your application design

7.1. Layering your code

7.2. Discovering dependencies and eliminating cycles

7.3. Defining your architectural rule set

7.4. Summary

Part 2 Settling in with SonarQube

8. Chapter 8 Planning a strategy and expanding your insight

8.1. Planning your strategy

8.3. Everything’s a component

8.5. Summary

9. Chapter 9 Continuous Inspection with SonarQube

9.1. Introducing Continuous Inspection

9.2. Triggering your analysis with CI

9.3. Monitoring quality evolution

9.5. Summary

10. Chapter 10 Letting SonarQube drive code reviews

10.1. Reviewing code in SonarQube

10.2. Creating manual issues: when the rules aren’t enough

10.3. Tracking issues

10.4. Planning your work with SonarQube’s action plans

10.5. Structuring a code review

10.7. Summary

11. Chapter 11 IDE integration

11.1. What’s supported

11.2. Setting up Eclipse integration

11.3. Working your assigned issues

11.4. Running a local analysis

11.6. Summary

Part 3 Administering and extending

12. Chapter 12 Security: users, groups, and roles

12.1. Creating users and groups

12.2. Roles: who can do what

12.3. System administrators

12.5. Summary

13. Chapter 13 Rule profile administration

13.1. Making your own profile: copy and modify

13.2. Profile inheritance

13.3. Rule editing

13.4. Alerts: knowing when your metrics have crossed the line

13.5. How to track profile changes

13.6. Administrative miscellany

13.7. Plugins

13.8. Summary

14. Chapter 14 Making SonarQube fit your needs

14.1. Exploring filters

14.2. One size doesn’t fit all: managing global dashboards

14.3. Getting notified by SonarQube

14.4. Adjusting global settings

14.5. Housekeeping

14.6. Summary

15. Chapter 15 Managing your projects

15.1. Working with project dashboards

15.2. Adopting Continuous Inspection more quickly

15.3. Exploring the rest of the project configuration

15.4. Summary

16. Chapter 16 Writing your own plugin

16.1. Understanding SonarQube’s architecture

16.2. Implementing the Redmine plugin

16.3. Adding support for new programming languages

16.4. Summary

Appendix A: Installation and setup

Appendix B: Analysis


© 2014 Manning Publications Co.

About the Technology

SonarQube is a powerful open source tool for continuous inspection, a process that makes code quality analysis and reporting an integral part of the development lifecycle. Its unique dashboards, rule-based defect analysis, and tight build integration result in improved code quality without disruption to developer workflow. It supports many languages, including Java, C, C++, C#, PHP, and JavaScript.

About the book

SonarQube in Action teaches you how to effectively use SonarQube following the continuous inspection model. This practical book systematically explores SonarQube's core Seven Axes of Quality (design, duplications, comments, unit tests, complexity, potential bugs, and coding rules). With well-chosen examples, it helps you learn to use SonarQube's review functionality and IDE integration to implement continuous inspection best practices in your own quality management process.

What's inside

  • Gather meaningful quality metrics
  • Integrate with Ant, Maven, and Jenkins
  • Write your own plugins
  • Master the art of continuous inspection

About the reader

The book's Java-based examples translate easily to other development languages. No prior experience with SonarQube or continuous delivery practice is assumed

About the authors

Ann Campbell and Patroklos Papapetrou are experienced developers and team leaders. Both actively contribute to the SonarQube community.

combo $49.99 pBook + eBook
eBook $39.99 pdf + ePub + kindle

FREE domestic shipping on three or more pBooks

Not just a reference manual for Sonar, but a guide to retooling your entire software development process.

Alex Garrett, Hot Towel Consulting

Lives up the high standards of Manning "In Action" books ... provides a great narrative on how to complement and extend Sonar’s online documentation.

Steve Hicks, MyDonate

Highly recommended for all agile engineers.

Michael Hüttermann, Author of Agile ALM