SonarQube Integration

Metrics calculated by Sonar data

Having configured SonarQube the following metrics will be available: 

• Engineering summary: Code Quality

• Code Quality:

  • Cyclomatic Complexity

  • Code Maintainability Rating

  • Code Reliability Rating

  • Code Violations by Priorities

  • Duplicated Lines

  • Technical Debt

• Security:

  • OWASP Security Vulnerabilities

  • Security Rating

• Unit Testing:

  • Unit Test Coverage

  • Unit Test Success Rate

  • Unit Tests Count

• Code Documentation:

  • Code Comments

Perf supports integration with SonarQube version starting from 8.6

1 To generate API Token in SonarQube please refer to the https://docs.sonarqube.org/latest/user-guide/user-token/
Note: "User Token" type is required

2 For EPAM SonarQube instance please use the URL: https://sonar.epam.com/sonarqube

3 A reference of specific SonarQube measures mapped to "business" metrics is available here: https://docs.sonarqube.org/display/SONAR/Metric+Definitions

Limitation

SonarQube has a limitation of the amount of data to return: <= 10000 projects. Be aware of that fact while configuring a data source.

Number of selected Projects

In case if you have quite a lot of projects to select and thus visualize in the dashboards (e.g. more than 10), it might cause lots of data series in the charts  (e.g. Unit Test Success, Technical Debt, etc) - those which display Sonar data over a timeline. This will likely make those charts hard to read.

In such cases we recommend to use the Engineering summary: Code Quality chart - it can handle even a huge number of projects and still allow to drill-down into details of each chart.