Sign in
Categories
Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

SonarQube packaged by Bitnami

Bitnami by VMware | 9.5.0-2 on Debian 11

Linux/Unix, Debian 11 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

1 AWS reviews
  • 1
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

43 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Samuel B.

Code Analytics Tool That Has Gotten Better with Age

  • October 19, 2016
  • Review verified by G2

What do you like best?
Sonarqube is my one stop shop to find out the health of my code and the ability to integrate it with build tools and continuous integration ensures I'm always getting up to date information. It can quickly help you highlight trouble (hot-spots) in your code base and has integration with JIRA so that you can create a ticket and make sure the work to fix it isn't lost. Support for multiple projects with multiple configurations is also a huge plus because not all projects are the same. Sonarqube has been my go-to code analytics tool for many years as a Java developer.
What do you dislike?
Initial set up when using build tools like Maven or Gradle can be a bit challenging if you're just learning but once you've got the set up correct you usually don't need to edit it much after that point.
What problems is the product solving and how is that benefiting you?
I use SonarQube to ensure that my team and I are adhering to coding best practices defined as static rules and that we are maintaining good code coverage while not adding to technical debt. Sonarqube makes it extremely simple to tweak what is/is not considered technical debt for your team and as mentioned, makes it easy to identify hot spots to remedy. I use SonarQube as an early warning system that there may be some issues in the code that the team needs to address and the dashboard and drill down metrics make it easy to identify these issues.
Recommendations to others considering the product:
I wouldn't hesitate to plug SonarQube into one of your current projects and see what metrics it can generate for you and if they are helpful. I have a feeling that once you start to see what it can uncover that you'll use it more often than not to feel confident that your code is healthy and that your team is adhering to best practices for your company and the wider coding community.


    Aviation & Aerospace

Valuable tool for code quality analysis

  • October 19, 2016
  • Review verified by G2

What do you like best?
After getting the setup right, it's a "set it and forget it" solution. Also, the defaults are very sensible and we rarely needed to change them. It is very useful and provides a good integration with our existing build system, including Gradle and Jenkins. We recently upgraded to a newer major version and the upgrade went almost completely smooth, which is a big plus.
What do you dislike?
The setup can be somewhat frustrating and (especially for older versions) some of the functionality, like the history, can be very, very slow. This got fixed in recent versions but now you can have huge, huge elastic search indices, which can be somewhat of a problem.
What problems is the product solving and how is that benefiting you?
We are using it, surprise, to keep up with our code quality. This means that it is integrated with our continuous builds and reports are autogenerated when builds happen. The main benefit is that it not only does the analysis but gives the reason why something was marked and how to solve it.
Recommendations to others considering the product:
It's a very nice tool but make sure to have somebody who can administer and set it up correctly, as the integration with different database backends, etc. can be troublesome at times.


    Eric M.

Static Code Analysis with centralized reporting and tracking made easy!

  • June 24, 2016
  • Review verified by G2

What do you like best?
The ability to run both locally within your IDE (Eclipse, Jetbrains, etc) via the SonarQube plugin so you can correct any issues before committing your code, and you can also run it from your CI server (I use Bamboo) as part of the build step. There are quality gates that will let you fail the build if it doesn't meet certain quality criteria. That quality gate can fail the build. PCI compliance requires that you perform static code analysis against your in-scope code. This tool is a great addition to your code deployment pipeline! It also supports many languages such as Java, Python, C but expect to pay for plugins for Objective-C and Swift.
What do you dislike?
They discontinued the JIRA plugin that allows you to create a story for a problem found in your code, right within the SonarQube web interface. I feel like everyone uses JIRA for story/bug tracking so why get rid of that plugin?
What problems is the product solving and how is that benefiting you?
To ensure quality code and meet PCI compliance requirements, SonarQube allows us to analyze code from a central location and make it part of the code deployment pipeline for all code before it ships.
Recommendations to others considering the product:
It is a free (excluding the extra plugins and support they offer), open source project and only takes an hour to get up and running. It will help you understand your code better and become a better coder overall.


    Attila C.

SONARQube for the best code quality

  • May 20, 2016
  • Review verified by G2

What do you like best?
Several Integrated code quality tools like PMD, Checkstyle or Findbugs.
Offer one place of configuration over your codebase
Easy clear UI interface to get a great overview about your code quality from different angle
Easy configuration for plugins
What do you dislike?
Some IDE's plugins not support all SONARQube version, so you should follow which plugin you should use to work properly with the latest versions.
What problems is the product solving and how is that benefiting you?
Easy to integrate into agile workflow by defining / filtering code quality issues and define test for them
By following the suggested code quality problems, you can increase your code quality rapidly.
Thanks to plugins we can use this product to analyze different language based components
Recommendations to others considering the product:
You should identify which kind of quality you try to achieve and pick the right plugin
You can always override SONARQube's default quality settings over PMD, Checkstyle or findbugs, so you can get the most out from this system.