What is SonarQube
A self-managed, automatic code review tool called SonarQube methodically aids in the production of clean code. SonarQube, a key component of our Sonar product, works with your current workflow to spot errors in your code and then aids in the ongoing code inspection of your projects. Further to make sure your code complies with high standards, the tool scans 30+ different programming languages and interfaces with your CI pipeline and DevOps platform.
SonarQube notifies your team that there are problems to fix using its UI, emails, and decorations on pull or merge requests (in commercial editions). When operating in connected mode, SonarLint-supported IDEs can also get feedback. For developers of all levels of experience, SonarQube also offers in-depth help on the issues, explaining why each issue is a problem and how to fix it. Code is only promoted once it has been thoroughly reviewed and has passed the quality gate so that developers can address problems in an efficient manner.
A crucial aspect of your SonarQube configuration is the quality profiles. They specify the set of guidelines to be used while analyzing code.
For each supported language, a quality profile is set for every project. SonarQube determines which languages are used in a project during analysis and utilizes the active quality profile for each of those languages in that particular project.
To view all the presently defined profiles arranged by language, go to Quality Profiles.
Built-in and default profiles
The Sonar way profile, which is denoted with the BUILT-IN tag in the interface, is a built-in quality profile that SonarQube includes and has been defined for each supported language. Moreover, the Sonar method activates a set of guidelines that ought to be useful for the majority of projects.
The default profile is the default for every language and moreover in a freshly configured instance (denoted by the DEFAULT tag in the interface). Moreover, if no alternative profile is expressly provided at the project level for that language, the default profile is utilized. It is possible to alter the default profile for a specific language.
Steps to Upload Custom Quality Profile
Below are steps to be followed to upload a custom quality profile in Sonarqube
- Log in to Sonar https://alm.accenture.com/sonar
- Click on Quality Profiles
3. Click on Restore in the upper right corner. Then choose the XML file that you would like to upload > Restore.
4. To verify the upload, look for the quality profile uploaded recently under the language section and then you should be able to see the name of the new profile you have just uploaded
5. To associate the profile on a project, click on the name of the Quality Profile, click Change Projects
6. Select all the project/s that you would like to associate this profile with
7. More options visible:-
- Back-Up- To download a copy of quality profile rules
- Rename- To rename the quality profile
- Copy- To create a copy of the quality profile
- Set as Default- To set the selected quality profile as the Default quality profile for this specific language
- Delete- To delete the quality profile
- Activate More Rules- To activate more rules on this specific quality profile
Quality Profiles are groups of rules that are used in an analysis of a specific rule. Each language has its own quality profiles since SonarQube enables quality analysis for a variety of languages. Hence Quality Profile in SonarQube project help to scan each supported language wherein a quality profile is set for every project.