Reading memo for SonarQube in Action


What is SonarQube, and why use it? As software engineers, we all pursue higher productivity and better code quality. More and more companies adopt a code review process or pair programming to make sure that every line of code is guaranteed to be of above-average quality before it is committed to the production environment.

As we know, senior engineers are limited by time and resources and cannot review everything for the juniors. This is where SonarQube can do us a favor: it scans our project code line by line and presents analysis results and suggestions to the team.

Indeed, someone might object that SonarQube cannot recognize business logic, and that we still need colleagues to support the code review and validation processes. That's true, but SonarQube helps us improve our code quality as a very first step 😃

SonarQube measures code against criteria called the Seven Axes of Quality:

🌡 Potential bugs
🌡 Coding rules
🌡 Tests
🌡 Duplications
🌡 Comments
🌡 Architecture and design
🌡 Complexity

Let's take some simple examples to describe these axes and see how SonarQube guides us.

Coding rules

We can customize our own team's rules, or select and filter the predefined rules, for the code scan.


Since we usually have version control such as git or svn, for maintainability we can keep only the fresh code and keep it clean.

Architecture and design

The hint indicates that, for better readability and maintainability, we might reduce the number of parameters.


The function obviously includes too much logic at once. Consider creating another function and simplifying the nested if/else blocks.


SonarQube reports duplication by line, block, and file. For the sample, consider moving the common part to a superclass. For duplicated functions, extracting them to the level of a platform library might be a consistent choice.

Potential bugs

When a class implements the IEquatable<T> interface, it enters a contract that, in effect, states "I know how to compare two instances of type T or any type derived from T for equality". However, if that class is derived from, it is very unlikely that the base class will know how to make a meaningful comparison. Therefore that implicit contract is now broken.
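
The broken contract described above, as an added C# example (not code from the original article or from SonarQube; `Account`, `AdminAccount` and `SealedAccount` are hypothetical types). The derived class inherits an `Equals` that ignores its new field, and sealing the class is one way to keep the contract honest.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical types for illustration only.
class Account : IEquatable<Account>
{
    public string Id { get; }
    public Account(string id) { Id = id; }

    // Non-sealed class: this comparison only knows about Account's own state.
    public bool Equals(Account other) => other != null && Id == other.Id;
    public override bool Equals(object obj) => Equals(obj as Account);
    public override int GetHashCode() => Id.GetHashCode();
}

class AdminAccount : Account
{
    public string Role { get; }   // state the inherited Equals never looks at
    public AdminAccount(string id, string role) : base(id) { Role = role; }
}

// One fix: seal the class so no derived type can inherit the contract.
sealed class SealedAccount : IEquatable<SealedAccount>
{
    public string Id { get; }
    public string Role { get; }
    public SealedAccount(string id, string role) { Id = id; Role = role; }

    public bool Equals(SealedAccount other) =>
        other != null && Id == other.Id && Role == other.Role;
    public override bool Equals(object obj) => Equals(obj as SealedAccount);
    public override int GetHashCode() => (Id, Role).GetHashCode();
}

static class Program
{
    static void Main()
    {
        var auditor = new AdminAccount("u42", "auditor");
        var root = new AdminAccount("u42", "root");

        // The inherited Equals ignores Role, so two different admins compare as equal.
        Console.WriteLine($"derived equal: {auditor.Equals(root)}");

        // HashSet uses the same IEquatable<Account> contract and treats them as one entry.
        var set = new HashSet<Account> { auditor, root };
        Console.WriteLine($"set count: {set.Count}");

        // The sealed type compares all of its state, so differing roles are distinguished.
        var a = new SealedAccount("u42", "auditor");
        Console.WriteLine($"sealed equal: {a.Equals(new SealedAccount("u42", "root"))}");
    }
}
```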


Tests ensure that your code is doing things right. SonarQube displays the unit test coverage for the project. In addition, SonarQube supports open source plugins that provide integration with third-party tools. The sample indicates that we have a test case for the method GetFormDetail (green line) but left the exception path uncovered (dark-red line).

