{"id":28284,"date":"2022-03-05T09:32:59","date_gmt":"2022-03-05T09:32:59","guid":{"rendered":"https:\/\/www.devopsschool.com\/blog\/?p=28284"},"modified":"2022-12-23T06:48:08","modified_gmt":"2022-12-23T06:48:08","slug":"what-is-sonarqube-and-how-it-works-an-overview-and-its-use-cases","status":"publish","type":"post","link":"https:\/\/www.devopsschool.com\/blog\/what-is-sonarqube-and-how-it-works-an-overview-and-its-use-cases\/","title":{"rendered":"What is SonarQube and How it works? An Overview and Its Use Cases"},"content":{"rendered":"<h3>History &amp; Origin of SonarQube?<\/h3>\n<p><b>Simon Brandhof starts developing the Sonar platform by integrating best-of-breed open source tools for Java<\/b>. The two of them are joined in September 2007 by Olivier Gaudin, who was enthused by the Sonar platform&#8217;s vision and starts contributing to it.<\/p>\n<p>Back in\u00a0<b>2007<\/b>, when first lines of code were created, the founders of SonarQube (originally called Sonar) had a dream to one day provide every developer the ability to measure the code quality of his projects. Their motto: \u201cContinuous Inspection must become mainstream as Continuous Integration\u201d<\/p>\n<div class=\"mini-page-lead\">\n<p>Covering\u00a0<a href=\"https:\/\/www.sonarqube.org\/features\/multi-languages\/\" target=\"_blank\" rel=\"noopener\">27 programming languages<\/a>, while pairing-up with your existing software pipeline, SonarQube provides clear remediation guidance for developers to understand and fix issues and for teams overall to deliver better, safer software. With over 170,000 deployments, helping small development teams as well as global organizations, SonarQube provides the means for all teams and companies, around the world, to own and impact their Code Quality and Security.<\/p>\n<\/div>\n<div class=\"feature\">\n<div class=\"page-container\">\n<div class=\"feature-main\">\n<p>Back in 2007, when first lines of code were created, the founders of SonarQube (originally called Sonar) had a dream to one day provide every developer the ability to measure the code quality of his projects. Their motto: \u201cContinuous Inspection must become mainstream as Continuous Integration\u201d.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<h3>What is SonarQube?<\/h3>\n<div id=\"WEB_ANSWERS_RESULT_10_3CUjYtzwKNaJhwPazrDwBA__3\">\n<div class=\"wDYxhc\" data-md=\"61\">\n<div class=\"LGOjhe\" role=\"heading\" data-attrid=\"wa:\/description\" data-hveid=\"CA4QAA\"><span class=\"ILfuVd\"><span class=\"hgKElc\">SonarQube is\u00a0<b>a Code Quality Assurance tool that collects and analyzes source code, and provides reports for the code quality of your project<\/b>. It combines static and dynamic analysis tools and enables quality to be measured continually over time.<\/span><\/span><\/div>\n<div role=\"heading\" data-attrid=\"wa:\/description\" data-hveid=\"CA4QAA\"><\/div>\n<\/div>\n<div role=\"heading\" data-attrid=\"wa:\/description\" data-hveid=\"CA4QAA\">\n<h1>Overview<\/h1>\n<div class=\"markdown-content\">\n<p>Once the SonarQube platform has been installed, you&#8217;re ready to install a scanner and begin creating projects. To do that, you must install and configure the scanner that is most appropriate for your needs. Do you build with:<\/p>\n<ul>\n<li>Gradle &#8211;\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner-for-gradle\/\" target=\"_blank\" rel=\"noopener\">SonarScanner for Gradle<\/a><\/li>\n<li>.NET &#8211;\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner-for-msbuild\/\" target=\"_blank\" rel=\"noopener\">SonarScanner for .NET<\/a><\/li>\n<li>Maven &#8211; use the\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner-for-maven\/\" target=\"_blank\" rel=\"noopener\">SonarScanner for Maven<\/a><\/li>\n<li>Jenkins &#8211;\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner-for-jenkins\/\" target=\"_blank\" rel=\"noopener\">SonarScanner for Jenkins<\/a><\/li>\n<li>Azure DevOps &#8211;\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner-for-azure-devops\/\" target=\"_blank\" rel=\"noopener\">SonarQube Extension for Azure DevOps<\/a><\/li>\n<li>Ant &#8211;\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner-for-ant\/\" target=\"_blank\" rel=\"noopener\">SonarScanner for Ant<\/a><\/li>\n<li>anything else (CLI) &#8211;\u00a0<a href=\"https:\/\/docs.sonarqube.org\/latest\/analysis\/scan\/sonarscanner\/\" target=\"_blank\" rel=\"noopener\">SonarScanner<\/a><\/li>\n<\/ul>\n<div class=\"wWOJcd\" role=\"button\" aria-labelledby=\"exacc_3CUjYtzwKNaJhwPazrDwBA7\">\n<h3 id=\"exacc_3CUjYtzwKNaJhwPazrDwBA7\" class=\"iDjcJe IX9Lgd wwB5gf\">Why should we use SonarQube?<\/h3>\n<div class=\"r21Kzd\" data-hveid=\"CBYQAQ\" data-ved=\"2ahUKEwjczumDza72AhXWxGEKHVonDE4Quk56BAgWEAE\">SonarQube <b>reduces the risk of software development within a very short amount of time<\/b>. It detects bugs in the code automatically and alerts developers to fix them before rolling it out for production. SonarQube also highlights the complex areas of code that are less covered by unit tests<\/div>\n<div data-hveid=\"CBYQAQ\" data-ved=\"2ahUKEwjczumDza72AhXWxGEKHVonDE4Quk56BAgWEAE\"><\/div>\n<\/div>\n<\/div>\n<div data-hveid=\"CBYQAQ\" data-ved=\"2ahUKEwjczumDza72AhXWxGEKHVonDE4Quk56BAgWEAE\">\n<h3>How SonarQube works aka SonarQube architecture?<\/h3>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-28286 size-large\" src=\"https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2022\/03\/architecture-scanning-1024x270.png\" alt=\"\" width=\"760\" height=\"200\" \/><\/p>\n<\/div>\n<\/div>\n<\/div>\n<ol>\n<li>One SonarQube Server starting 3 main processes:\n<ul>\n<li>Web Server for developers, managers to browse quality snapshots and configure the SonarQube instance<\/li>\n<li>Search Server based on Elasticsearch to back searches from the UI<\/li>\n<li>Compute Engine Server in charge of processing code analysis reports and saving them in the SonarQube Database<\/li>\n<\/ul>\n<\/li>\n<li>One SonarQube Database to store:\n<ul>\n<li>the configuration of the SonarQube instance (security, plugins settings, etc.)<\/li>\n<li>the quality snapshots of projects, views, etc.<\/li>\n<\/ul>\n<\/li>\n<li>Multiple SonarQube Plugins installed on the server, possibly including language, SCM, integration, authentication, and governance plugins<\/li>\n<li>One or more SonarScanners running on your Build \/ Continuous Integration Servers to analyze projects<\/li>\n<\/ol>\n<h2 id=\"header-2\" class=\"\">Integration<\/h2>\n<p>The following schema shows how SonarQube integrates with other ALM tools and where the various components of SonarQube are used.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-28287 size-full\" src=\"https:\/\/www.devopsschool.com\/blog\/wp-content\/uploads\/2022\/03\/architecture-integrate.png\" alt=\"\" width=\"900\" height=\"525\" \/><\/p>\n<ol>\n<li>Developers code in their IDEs and use\u00a0<a href=\"https:\/\/sonarlint.org\/\" target=\"_blank\" rel=\"noopener\">SonarLint<\/a>\u00a0to run local analysis.<\/li>\n<li>Developers push their code into their favourite SCM : git, SVN, TFVC, &#8230;<\/li>\n<li>The Continuous Integration Server triggers an automatic build, and the execution of the SonarScanner required to run the SonarQube analysis.<\/li>\n<li>The analysis report is sent to the SonarQube Server for processing.<\/li>\n<li>SonarQube Server processes and stores the analysis report results in the SonarQube Database, and displays the results in the UI.<\/li>\n<li>Developers review, comment, challenge their Issues to manage and reduce their Technical Debt through the SonarQube UI.<\/li>\n<li>Managers receive Reports from the analysis. Ops use APIs to automate configuration and extract data from SonarQube. Ops use JMX to monitor SonarQube Server.<\/li>\n<\/ol>\n<h2 id=\"header-3\">About Machines and Locations<\/h2>\n<ul>\n<li>The SonarQube Platform cannot have more than one SonarQube Server (although the Server can be installed\u00a0<a href=\"https:\/\/docs.sonarqube.org\/8.1\/setup\/install-cluster\/\" target=\"_blank\" rel=\"noopener\">as a cluster<\/a>) and one SonarQube Database.<\/li>\n<li>For optimal performance, each component (server, database, scanners) should be installed on a separate machine, and the server machine(s) should be dedicated.<\/li>\n<li>SonarScanners scale by adding machines.<\/li>\n<li>All machines must be time synchronized.<\/li>\n<li>The SonarQube Server and the SonarQube Database must be located in the same network<\/li>\n<li>SonarScanners don&#8217;t need to be on the same network as the SonarQube Server.<\/li>\n<li>There is\u00a0<strong>no communication<\/strong>\u00a0between\u00a0<strong>SonarScanners<\/strong>\u00a0and the\u00a0<strong>SonarQube Database<\/strong>.<\/li>\n<\/ul>\n<h3>Use case of\u00a0 SonarQube?<\/h3>\n<p>SonarQube is used\u00a0<b>as part of the build process (Continuous Integration and Continuous Delivery) in all Java services to ensure a high quality of code and remove bugs that can be found during static analysis<\/b>.<\/p>\n<p>SonarQube is a\u00a0<b>Code Quality Assurance tool that collects and analyzes source code<\/b>, and provides reports for the code quality of your project. It combines static and dynamic analysis tools and enables quality to be measured continually over time.<\/p>\n<div class=\"co8aDb\" role=\"heading\"><b>How to Use SonarQube Tool For Code Quality:<\/b><\/div>\n<div class=\"RqBzHd\">\n<ol class=\"X5LH0c\">\n<li class=\"TrT0Xe\">Step 1: Download and Unzip SonarQube. Prerequisites: Java (Oracle JRE11 or OpenJDK 11 minimum) &#8230;<\/li>\n<li class=\"TrT0Xe\">Step 2: Run the SonarQube local server. &#8230;<\/li>\n<li class=\"TrT0Xe\">Step 3: Start a new SonarQube project. &#8230;<\/li>\n<li class=\"TrT0Xe\">Step 4: Setup Project properties and SonarScanner. &#8230;<\/li>\n<li class=\"TrT0Xe\">Step 5: View your analysis report on Sonar Dashboard.<\/li>\n<\/ol>\n<div class=\"wWOJcd\" role=\"button\" aria-labelledby=\"exacc_hCcjYs-KLuym2roPy9m26A05\">\n<div id=\"exacc_hCcjYs-KLuym2roPy9m26A05\" class=\"iDjcJe IX9Lgd wwB5gf\">How do you write test cases in SonarQube?<\/div>\n<div class=\"YsGUOb\"><\/div>\n<div class=\"r21Kzd\" data-hveid=\"CA8QAQ\" data-ved=\"2ahUKEwjP3IXOzq72AhVsk1YBHcusDd0Quk56BAgPEAE\"><\/div>\n<\/div>\n<div id=\"exacc_hCcjYs-KLuym2roPy9m26A06\" class=\"MBtdbb\" data-ved=\"2ahUKEwjP3IXOzq72AhVsk1YBHcusDd0Q7NUEegQIDxAD\">\n<div class=\"ymu2Hb\">\n<div id=\"_hCcjYs-KLuym2roPy9m26A025\" class=\"t0bRye r2fjmd\" data-hveid=\"CA8QBA\" data-ved=\"2ahUKEwjP3IXOzq72AhVsk1YBHcusDd0Qu04oAHoECA8QBA\">\n<div id=\"WEB_ANSWERS_RESULT_18_hCcjYs-KLuym2roPy9m26A0__17\">\n<div class=\"wDYxhc\" data-md=\"83\">\n<div class=\"di3YZe\">\n<div class=\"co8aDb\" role=\"heading\"><b>Importing .<\/b>\u00a0<b>NET reports<\/b><\/div>\n<div class=\"RqBzHd\">\n<ol class=\"X5LH0c\">\n<li class=\"TrT0Xe\">Run the SonarScanner. &#8230;<\/li>\n<li class=\"TrT0Xe\">Build your project using MSBuild.<\/li>\n<li class=\"TrT0Xe\">Run your test tool, instructing it to produce a report at the same location specified earlier to the MSBuild SonarQube Runner (How to generate reports with different tools)<\/li>\n<li class=\"TrT0Xe\">Run the SonarScanner.<\/li>\n<\/ol>\n<h3>Feature and Advantage of using SonarQube<\/h3>\n<\/div>\n<p>SonarQube platform\u00a0<b>significantly increases the lifetime of applications by reducing complexities, duplications and potential bugs in the code, by keeping neat and clean code architecture and increased unit tests<\/b>. SonarQube increases maintainability of the software. It also has the ability to handle changes.<\/p>\n<div class=\"co8aDb\" role=\"heading\"><b>Benefits of SonarQube<\/b><\/div>\n<div class=\"RqBzHd\">\n<ul class=\"i8Z77e\">\n<li class=\"TrT0Xe\">Sustainability &#8211; Reduces complexity, possible vulnerabilities, and code duplications, optimising the life of applications.<\/li>\n<li class=\"TrT0Xe\">Increase productivity &#8211; Reduces the scale, cost of maintenance, and risk of the application; as such, it removes the need to spend more time changing the code.<\/li>\n<\/ul>\n<div class=\"wWOJcd\" role=\"button\" aria-labelledby=\"exacc_BCgjYveUG9GgwAONlZ_4Ag7\">\n<h3 id=\"exacc_BCgjYveUG9GgwAONlZ_4Ag7\" class=\"iDjcJe IX9Lgd wwB5gf\">What is SonarQube and its features?<\/h3>\n<\/div>\n<div id=\"exacc_BCgjYveUG9GgwAONlZ_4Ag8\" class=\"MBtdbb\" data-ved=\"2ahUKEwj3pveKz672AhVREHAKHY3KBy8Q7NUEegQIFRAD\">\n<div class=\"ymu2Hb\">\n<div id=\"_BCgjYveUG9GgwAONlZ_4Ag28\" class=\"t0bRye r2fjmd\" data-hveid=\"CBUQBA\" data-ved=\"2ahUKEwj3pveKz672AhVREHAKHY3KBy8Qu04oAHoECBUQBA\">\n<div id=\"WEB_ANSWERS_RESULT_18_BCgjYveUG9GgwAONlZ_4Ag__17\">\n<div class=\"wDYxhc\" data-md=\"61\">\n<div class=\"LGOjhe\" role=\"heading\" data-attrid=\"wa:\/description\" data-hveid=\"CAoQAA\"><span class=\"ILfuVd\"><span class=\"hgKElc\">SonarQube is a\u00a0<b>Code Quality Assurance tool that collects and analyzes source code<\/b>, and provides reports for the code quality of your project. &#8230; Sonarqube also ensures code reliability, Application security, and reduces technical debt by making your code base clean and maintainable.<\/span><\/span><\/div>\n<\/div>\n<\/div>\n<h3 role=\"heading\" data-attrid=\"wa:\/description\" data-hveid=\"CAoQAA\">Best Alternative of SonarQube<\/h3>\n<p>Browse options below. Based on reviewer data you can see how SonarQube stacks up to the competition, check reviews from current &amp; previous users in industries like Information Technology and Services, Computer Software, and Financial Services, and find the best product for your business.<\/p>\n<div class=\"co8aDb\" role=\"heading\"><b>Top 10 Alternatives to SonarQube<\/b><\/div>\n<div class=\"RqBzHd\">\n<ul class=\"i8Z77e\">\n<li class=\"TrT0Xe\">Embold.<\/li>\n<li class=\"TrT0Xe\">GitHub.<\/li>\n<li class=\"TrT0Xe\">Coverity.<\/li>\n<li class=\"TrT0Xe\">Checkmarx.<\/li>\n<li class=\"TrT0Xe\">Klocwork.<\/li>\n<li class=\"TrT0Xe\">GitLab.<\/li>\n<li class=\"TrT0Xe\">Veracode Application Security Platform.<\/li>\n<li class=\"TrT0Xe\">Kiuwan Code Security &amp; Insights.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/www.g2.com\/products\/sonarqube\/competitors\/alternatives\" target=\"_blank\" rel=\"noopener\">Please Click here more Top 10 <b>Alternatives to SonarQube<\/b><\/a><\/p>\n<h3 role=\"heading\" data-attrid=\"wa:\/description\" data-hveid=\"CAoQAA\">Best Resources, Tutorials and Guide for SonarQu<\/h3>\n<ol>\n<li><a href=\"https:\/\/www.devopsschool.com\/courses\/sonarqube\/\">devopsschool.com<\/a><\/li>\n<li><a href=\"https:\/\/www.udemy.com\/course\/sonarqube-the-complete-guide-2021-edition\/\" target=\"_blank\" rel=\"noopener\">udemy.com<\/a><\/li>\n<li><a href=\"https:\/\/www.devopsuniversity.org\/sonarqube-setup-guide\/\" target=\"_blank\" rel=\"noopener\">devopsuniversity.org<\/a><\/li>\n<\/ol>\n<h3>Free Video Tutorials of SonarQube<\/h3>\n<figure class=\"wp-block-embed wp-block-embed-youtube is-type-video is-provider-youtube epyt-figure\"><div class=\"wp-block-embed__wrapper\"><iframe loading=\"lazy\"  id=\"_ytid_71092\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/UjCVCvdI73w?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&disablekb=0&\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><\/div><\/figure>\n<figure class=\"wp-block-embed wp-block-embed-youtube is-type-video is-provider-youtube epyt-figure\"><div class=\"wp-block-embed__wrapper\"><iframe loading=\"lazy\"  id=\"_ytid_77540\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/lwqfVLfBn4s?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&disablekb=0&\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><\/div><\/figure>\n<figure class=\"wp-block-embed wp-block-embed-youtube is-type-video is-provider-youtube epyt-figure\"><div class=\"wp-block-embed__wrapper\"><iframe loading=\"lazy\"  id=\"_ytid_68961\"  width=\"760\" height=\"427\"  data-origwidth=\"760\" data-origheight=\"427\" src=\"https:\/\/www.youtube.com\/embed\/UjCVCvdI73w?enablejsapi=1&autoplay=0&cc_load_policy=0&cc_lang_pref=&iv_load_policy=1&loop=0&rel=1&fs=1&playsinline=0&autohide=2&theme=dark&color=red&controls=1&disablekb=0&\" class=\"__youtube_prefs__  no-lazyload\" title=\"YouTube player\"  allow=\"fullscreen; accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen data-no-lazy=\"1\" data-skipgform_ajax_framebjll=\"\"><\/iframe><\/div><\/figure>\n<h3>Interview Questions and Answer for\u00a0 SonarQube<\/h3>\n<p><strong>Is it right definition of Sonarqube?<br \/>\nSonarQube (formerly Sonar) is a quality management platform focusing on continuous analysis of source code quality.<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NO<\/li>\n<\/ul>\n<p><strong>Which is not a severities in this list<\/strong><\/p>\n<ul>\n<li>Blocker<\/li>\n<li>Critical<\/li>\n<li>Major<\/li>\n<li><strong>Biggest (Ans)<\/strong><\/li>\n<\/ul>\n<p><strong>Is it right defintion of SonarQube Scanners?<br \/>\nThe SonarQube Scanner is recommended as the default launcher to analyze a project with SonarQube.<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NO<\/li>\n<\/ul>\n<p><strong>How to extend the functionality of SonarQube?<\/strong><\/p>\n<ul>\n<li>Modules<\/li>\n<li><strong>Plugins (Ans)<\/strong><\/li>\n<li>Extension<\/li>\n<li>Ads on<\/li>\n<\/ul>\n<p><strong>Which statement is correct?<\/strong><\/p>\n<ul>\n<li><strong>Sonar will run CheckStyle, FindBugs and PMD by default for Java projects (Ans)<\/strong><\/li>\n<li>Sonar will run Checkmate by default for Java projects<\/li>\n<li>Sonar will run FindIssue by default for Java projects<\/li>\n<li>Sonar will run PMDtest by default for Java projects<\/li>\n<\/ul>\n<p><strong>Which is not a axis of code quality in SonarQube?<\/strong><\/p>\n<ul>\n<li>Architecture and Design<\/li>\n<li>Complexity<\/li>\n<li>Potential bugs<\/li>\n<li><strong>Code Coverage (Ans)<\/strong><\/li>\n<\/ul>\n<p><strong>What is the prerequisite for SonarQube Installation?<\/strong><\/p>\n<ul>\n<li><strong>Java (Ans)<\/strong><\/li>\n<li>DOTNET<\/li>\n<li>JavaScript<\/li>\n<li>Php<\/li>\n<\/ul>\n<p><strong>Which is not part of Code Technical Review in SoanrQube?<\/strong><\/p>\n<ul>\n<li>Confirm<\/li>\n<li>Change Severity<\/li>\n<li>Resolve<\/li>\n<li><strong>Submited (Ans)<\/strong><\/li>\n<\/ul>\n<p><strong>What is not a search criteria for the rules in SonarQube?<\/strong><\/p>\n<ul>\n<li>Language<\/li>\n<li>Type<\/li>\n<li>Tag<\/li>\n<li><strong>Develop (Ans)<\/strong><\/li>\n<\/ul>\n<p><strong>Which is the not found in sonar-project.properties?<\/strong><\/p>\n<ul>\n<li>sonar.projectVersion<\/li>\n<li>sonar.sources<\/li>\n<li><strong>sonar.code (Ans)<\/strong><\/li>\n<li>sonar.language<\/li>\n<\/ul>\n<p><strong>Which property should be decalred for SonarQube Project base dir?<\/strong><\/p>\n<ul>\n<li><strong>sonar.projectBaseDir (Ans)<\/strong><\/li>\n<li>sonar.working.directory<\/li>\n<li>sonar.basedir<\/li>\n<li>sonar.projectdir<\/li>\n<\/ul>\n<p><strong>Which property should be decalred to tell SonarQube which SCM plugin should be used to grab SCM data on the project<\/strong><\/p>\n<ul>\n<li><strong>sonar.scm.provider (Ans)<\/strong><\/li>\n<li>sonar.scm<\/li>\n<li>sonar.git<\/li>\n<li>sonar.version<\/li>\n<\/ul>\n<p><strong>Which property should be decalred to tell SonarQube log level?<\/strong><\/p>\n<ul>\n<li>INFO<\/li>\n<li>DEBUG<\/li>\n<li>TRACE<\/li>\n<li><strong>ERROR (Ans)<\/strong><\/li>\n<\/ul>\n<p><strong>Which is not supported Log Level in SonarQube?<\/strong><\/p>\n<ul>\n<li>sonar.log.level<\/li>\n<li><strong>sonar.verbose (Ans)<\/strong><\/li>\n<li>sonar.log<\/li>\n<li>sonar.loglevel<\/li>\n<\/ul>\n<p><strong>Is it right definition of Code Smell? A maintainability-related issue in the code. Leaving it as-is means that at best maintainers will have a harder time than they should making changes to the code. At worst, they\u2019ll be so confused by the state of the code that they\u2019ll introduce additional errors as they make changes.<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NO<\/li>\n<\/ul>\n<p><strong>Is it right definition of Coding Rule? A good coding practice. Not complying to coding rules leads to quality flaws and creation of issues in SonarQube. Coding rules can check quality on files, unit tests or packages.<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NO<\/li>\n<\/ul>\n<p><strong>Is it right definition of Analyzer? A client application that analyzes the source code to compute snapshots.<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NO<\/li>\n<\/ul>\n<p><strong>Which is not severities in Sonarqube?<\/strong><\/p>\n<ul>\n<li>Options<\/li>\n<li>Blocker<\/li>\n<li>Major<\/li>\n<li>Critical<\/li>\n<li><strong>Issues (Ans)<\/strong><\/li>\n<\/ul>\n<p><strong>Is it possible to Copy the rules from one profile to another?<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NOT<\/li>\n<\/ul>\n<p><strong>Is it possible to Copy a profile from one SonarQube instance to another?<\/strong><\/p>\n<ul>\n<li><strong>YES (Ans)<\/strong><\/li>\n<li>NOT<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<\/div>\n<p>&nbsp;<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"RqBzHd\">\n<p>&nbsp;<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>History &amp; Origin of SonarQube? Simon Brandhof starts developing the Sonar platform by integrating best-of-breed open source tools for Java. The two of them are joined in September 2007 by Olivier Gaudin, who was enthused by the Sonar platform&#8217;s vision and starts contributing to it. Back in\u00a02007, when first lines of code were created, the&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","_joinchat":[],"footnotes":""},"categories":[158],"tags":[620],"class_list":["post-28284","post","type-post","status-publish","format-standard","hentry","category-sonarqube","tag-alternate-of-sonarqube"],"_links":{"self":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/28284","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/comments?post=28284"}],"version-history":[{"count":1,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/28284\/revisions"}],"predecessor-version":[{"id":32448,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/posts\/28284\/revisions\/32448"}],"wp:attachment":[{"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/media?parent=28284"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/categories?post=28284"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.devopsschool.com\/blog\/wp-json\/wp\/v2\/tags?post=28284"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}