Sign in
Categories
Your Saved List Partners Sell in AWS Marketplace Amazon Web Services Home Help

SonarQube Community Edition for Red Hat Enterprise Linux 8 with support

Kurian | 8.9.6

Linux/Unix, Red Hat Enterprise Linux 8.5 - 64-bit Amazon Machine Image (AMI)

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

8 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    Monali P.

Code Review Tool For SonarQube

  • March 16, 2022
  • Review provided by G2

What do you like best?
it shows review comments as per rule selection which help to avoid security scan
What do you dislike?
Too many rules for selection hence it is complex for selection
What problems is the product solving and how is that benefiting you?
code review comments


    Financial Services

Code quality at its max

  • March 15, 2022
  • Review provided by G2

What do you like best?
Compatible with all operating systems and technology languages. Easy to
Configure and reporting helps bringing team maturity and value delivery to customers.
What do you dislike?
Few aspects on shell script and other niche are not covered well.
What problems is the product solving and how is that benefiting you?
Consistency in coding by team of developers is helping maintaining code quality and documentation. This enabling faster to market product delivery


    Trisaiteja N.

Very good code quality tool for enterprise applications.

  • March 09, 2022
  • Review provided by G2

What do you like best?
1. Supported plugins to multiple IDEs, Easy integration with GitLab etc.
2. Easy to add custom rules as needed for the project requirements.
What do you dislike?
May be a free version for a limited period of time to the developers would give good market value.
What problems is the product solving and how is that benefiting you?
* Easy identification of boilerplate code.
* Create custom rules for what we needed for the projects.
* Speed and ability to integrate with several tools.


    Banking

Decent tool that helped us achieve shiftleft to an extent..!

  • March 07, 2022
  • Review provided by G2

What do you like best?
Offered features helped us to deliver bug free code with quality. Customisations like quality gates and many other helped us take baby steps in improving the standards in one of our legacy application.
What do you dislike?
Looking at the history of this tool, it is offering much better in the recent past but still a lot to do to catch up with modern tools who are offering features to catch runtime issues.
What problems is the product solving and how is that benefiting you?
As I mentioned in my title and other notes sections, offered features helped us achieve shiftleft to an extent by finding quality gaps in early days of the software development lifecycle.


    Pranay J.

SonarQube: Best Community Tool for Code Quality

  • March 07, 2022
  • Review provided by G2

What do you like best?
1. It can be self-host on-prem or can be hosted in the cloud with the help pre-configured OS image
2. Can be easily integrated with any CICD pipeline with help of inline scan command or docker-cli scan
What do you dislike?
1. It supports only static scan which always forces us to use some other tool with dynamic scanning support
2. For now scanning is available for some common languages, I am expecting the support of IaC scan in future updates
What problems is the product solving and how is that benefiting you?
We are working on multiple projects where checking the code quality can be very tedious, With SoanrQube we can get the report on the SonarQube dashboard after every commit and improve the code in the next release.


    Soumya T.

SonarQube - Best tool for CI/CD integrations for detecting security vulnerabilities

  • March 07, 2022
  • Review provided by G2

What do you like best?
Sonarqube standalone helps detect security vulnerabilities and various bugs via integrations on CI/CD pipeline to ensure 100% code control. The preconfigured apps via support system ( Kurian ) helps make wholesome management easy to go like - Jenkins, CMS, DB support, Ansible, and many others, making DevOps job easy. It's also cost-effective so you just need to pick the EC2 instance as per your requirements, and game is on !!
What do you dislike?
While going through the automated test cases, If dynamic injection of support is obtained then the whole experience would be much more beneficial from QA perspective.
What problems is the product solving and how is that benefiting you?
The ability and agileness is the integration ability and gets various outputs in various formats. Categories DevSecOps, static code analysis, SAST, and developer workflow integration is a boon to app integration.
Recommendations to others considering the product:
To help team have control 100% of code coverage, bugs and other analysis with supports, Sonarqube helps detect security vulnerabilities via integrations on CI/CD pipeline to ensure 100% code control


    Oil & Energy

One of the best tools to improve code quality and code security

  • December 22, 2021
  • Review provided by G2

What do you like best?
Quick informative and easy to understand dashboards and reports and best part the security concerns
It is an easy tool that you can deploy and configure. After that you can measure the history of your obligation and integrate it with other tools like GitLab or GitHub or Azure DevOps to do quality code analysis.
What do you dislike?
SonarQube could be improved with more dynamic testing—basically, now, it's a static code analysis scan. For example, when the developer writes the code and does the corresponding unit test, he can cover functional and non-functional. So the SonarQube could be improved by helping to execute unit tests and test dynamically, using various parameters, and to help detect any vulnerabilities. Currently, it'll just give the test case and say whether it passes or fails—it won't give you any other input or dynamic testing
What problems is the product solving and how is that benefiting you?
The static code analysis of the solution is the most important aspect for us. When it comes to security breaches within the code, we can leverage some rules to allow us to identify the repetition in our code and the possible targets that we may have. It makes it very easy to review our code for security purposes


    Computer Software

A very useful product

  • December 20, 2021
  • Review provided by G2

What do you like best?
The recommendations are very usefull, identifies problem areas and helps manage large code bases. Scores can estimate the quality of the code
What do you dislike?
sometimes the recommendations are useless, does not help in any meaningful way and makes development mone tedious. However, this is not the case most of the time
What problems is the product solving and how is that benefiting you?
keeping the codebase tidy and identifying possible security issues or problem areas.


showing 1 - 8