SonarQube empowers developers to write clean and safe code. It continuously assesses code quality and provides a detailed report of bugs, vulnerabilities, and code duplications.
By integrating SonarQube into Cortex, you’ll be able to leverage all SonarQube has to offer alongside your other integrations in Scorecards leaving you with the rich and high quality understanding of your platform and services. A great example of the types of Scorecard that benefit from SonarQube are ones that target operational readiness, availability, and quality.
To get started see our documentation for adding SonarQube to Cortex.
After you’ve added SonarQube to Cortex, you can create Scorecards that measure how your services are doing specific to code quality and security. There are a couple of SonarQube specific rules that you can add to a Scorecard and give points depending on how important it is to your team.
For SonarQube, you can check if a service has:
A great example of using SonarQube alongside other integrations is by creating a Scorecard that measures Operational Readiness. A Scorecard focused on this will help you know when your service is ready to be deployed to production. You can check that there are runbooks, dashboards, logs, on call escalation policies, accountable owners, and no vulnerabilities:
Once you have a Scorecard like this set up, you can start using initiatives to drive progress across the organization on these goals.
With Cortex's SonarQube integration, you'll be able to map SonarQube’s data to services. Additionally, you can set objective standards for service quality using Scorecards and drive org-wide initiatives to improve on your services using Initiatives. Visit our documentation to integrate SonarQube with Cortex. If you're new to Cortex, set up a demo with our team to get started.