The first thing I liked is sonar is opensource tool which is liked by most of the startups Review collected by and hosted on G2.com.
There is nothing much I didnt like, it is on the costlier side for community edition. Review collected by and hosted on G2.com.
29 out of 30 Total Reviews for SonarQube Community Edition for Ubuntu 16.04 with support by Kurian
Overall Review Sentiment for SonarQube Community Edition for Ubuntu 16.04 with support by Kurian
Log in to view review sentiment.
The assignment of the issues for the concerned author whoever committed that change and also analysis of each & every pull request. The cherry on the top is the simplified setup with an integrated pipeline. Review collected by and hosted on G2.com.
Sonarqube has fewer examples for setting up a pipeline in a more refined way ...should have elaborated examples to set up the pipeline from scratch for each like maven, Gradle , PHP...etc. We only see the steps to enter. Review collected by and hosted on G2.com.
It is similar to Jenkins but a much more powerful automation action tool for DevOps engineers. I used it for batch production release and the sonar cube never disappointed me. It is GUI based tool that came with a lot of features like code test and bug finder etc. Review collected by and hosted on G2.com.
We need expert knowledge to integrate it with Jenkins and Terraform. Installation and Configuration are hard and once you did the wrong configuration led to the failure of function. and a little bit lower than Jenkins in batch production releases. Review collected by and hosted on G2.com.
Best thing is installation snd setup. Easy to setup and easy to use. If your code is in non containerized then this tool is very good to get quality of code as well as to check the any exploited library Review collected by and hosted on G2.com.
The issue is that when we are going to scan the image it won't give that much results like other tools. Also we can't get to know the exploited libraries in our docker images. Review collected by and hosted on G2.com.
Analyzing every commit point from the author to see the quality of code being pushed is a great feature. Integrating it with pipelines like the ci/cd pipeline is also a great feature I felt. Review collected by and hosted on G2.com.
There should be more examples provided and explains in detail how ci/cd pipeline integration for different environments like Maven, Gradle or any build environment is much needed. Since the community support is not so great so it becomes a tedious task if while setting up one problem comes in the process Review collected by and hosted on G2.com.
As soon as Ubuntu 16.04 was launched in 2016, I downloaded and started using it. This Ubuntu was best supported with the latest Kernel version which gives a boost to the performance of the operating system. It was fast, smooth as well as stable. This version also includes a better GNOME version for smooth operations. Review collected by and hosted on G2.com.
There are always some crashes that happen to be in this version as well, But it doesn't directly affect the OS. Even those crashes were taken care of by the regular updates. Review collected by and hosted on G2.com.
It gives me confidence that sonarqube is correctly installed and ready for production. Usually, we end up with a misconfigured database or see some random issue with the elastic backend required as a dependency. I have also seen some issue if we create the wrong user and table name in Postgres/MySQL
With support with Kurian above mentioned things are already taken care of, and the deployment is production-ready and consistent Review collected by and hosted on G2.com.
Sometimes we don't have visibility over the logs folder or where the application is logging to. if the default logging or specific parameters are changed, then there needs to be a config file where we can mention the changes, and it Sonarqube picks these changes before deploying like a bootstrap script Review collected by and hosted on G2.com.
Sonar Qube rules helps improve the quality of our production code as developers are prompted when they use github libraries that are non complaint and the DevOps pipeline doesn't allow help to deploy the changes.
Multiple new features are updated regularly which helps to improve the code coverage. Review collected by and hosted on G2.com.
SonarCloud offering doesn't have to be deployed and is more of a plug and play which helps saves us integration effort which is required in SonarQube. If newer versions support that it would be great Review collected by and hosted on G2.com.
Dashboard and UI of the new version is user friendly. Review collected by and hosted on G2.com.
We can increase more rules in the default installation so that users don't have to add rules manually. Review collected by and hosted on G2.com.
Its easier to use and its free. It also provides useful test coverage reports. Review collected by and hosted on G2.com.
Limited support for containerization environments Review collected by and hosted on G2.com.
An excellent product for code review, most liked feature is customised rules for different language.
It's is simply yet so much secure.
Easy installation & setup process. Review collected by and hosted on G2.com.
Report generation is not allowed in pdf of XML format. It helps more if a limited version of report generation was available. Review collected by and hosted on G2.com.
