Installing and configuring SonarQube
Apart from integrating code in a continuous way, CI pipelines nowadays also include tasks that perform continuous inspection—inspecting code for its quality in a continuous approach.
Continuous inspection deals with inspecting and avoiding code that is of poor quality. Tools such as SonarQube help us in achieving this. Every time a code gets checked-in (committed), a code analysis is performed on the code.
This analysis is based on some rules defined by the code analysis tool. If the code passes the error threshold, it's allowed to move to the next step in its life cycle. But, if it crosses the error threshold, it's dropped.
Some organizations prefer checking the code for its quality, right at the moment when the developer tries to check-in the code. If the analysis is good, the code is allowed to be checked-in, or else the check-in is cancelled and the developer needs to work on the code again.
SonarQube is a code quality management tool that allows teams...