Skip to content

Add SonarQube quality scanning

Jamie Tanna requested to merge chore/sonar into main

SonarQube is a great tool for providing meaningful improvement on code contributions, picking up on things that may even be missed by experienced engineers performing code review, as well as making it so they don't have to.

As my side projects are mostly on my own, I'll have to rely on just SonarQube.

We can utilise the Gradle plugin to perform the reporting to SonarCloud, which provides a nice hosted experience.

We also need to add JaCoCo for code coverage to ensure that we've got our code coverage stats as a good (but not perfect) measure of how much of the code is tested.

We also want to make our stages wait for the results, so we can fail builds if they don't match the expected Quality Gate.

We also need to upgrade our build image as it's required to be scanned with > JDK 8. As we're using the Toolchains plugin, there's nothing else to do.

Closes #8 (closed).

Merge request reports