Daniel Strmečki & Martin Gluhak
Automated Code Quality Checks with Custom SonarQube Rules
#1about 3 minutes
Introduction to the company's code quality approach
An overview of the company's focus on code quality as a differentiator and the agenda for creating custom SonarQube rules.
#2about 3 minutes
The business case for standardizing code quality
Standardizing code quality improves customer perception, attracts talent, prevents repeated mistakes, and streamlines onboarding for new developers.
#3about 5 minutes
Implementing a comprehensive quality assurance strategy
A successful quality assurance strategy relies on shared team responsibility, continuous testing, and a high degree of automation across the test pyramid.
#4about 5 minutes
Creating coding guidelines and using initial tools
Establishing documented coding guidelines and using the free version of SonarQube helps standardize code but lacks enforcement for fixes and architectural checks.
#5about 4 minutes
Enforcing code quality with automated checks
Enforce coding standards by using SonarQube pull request decoration to block merges, ArchUnit for architectural tests, and custom rules for framework-specific issues.
#6about 4 minutes
Setting up a project for custom SonarQube rules
Start creating custom rules by cloning the official SonarSource template project from GitHub, which provides the necessary structure and dependencies.
#7about 4 minutes
Writing unit tests for a custom SonarQube rule
Use test-driven development by creating a Java code snippet with non-compliant comments and a JUnit test class that uses CheckVerifier to validate the rule's logic.
#8about 6 minutes
Implementing the rule logic using the syntax tree
Implement the rule by extending BaseTreeVisitor to traverse the abstract syntax tree, identifying the method's return type, and reporting an issue if it matches the target class.
#9about 4 minutes
Documenting the rule and building the plugin JAR
Finalize the rule by adding it to the plugin's rule list, creating HTML documentation with examples, and defining metadata in a JSON file before building the JAR.
#10about 9 minutes
Deploying and using the custom rule in SonarQube and IntelliJ
Deploy the custom rule by placing the JAR in the SonarQube plugins directory, activating it in a quality profile, and connecting SonarLint to see violations in the IDE.
Related jobs
Jobs that call for the skills explored in this talk.
Team Lead and Senior Software Engineer with focus on AI
Dynatrace
Linz, Austria
Senior
Java
Team Leadership
Matching moments
23:50 MIN
Q&A on Sonar, AI in code analysis, and pricing
The Clean as You Code Imperative
46:14 MIN
Q&A on tools, metrics, and distributed teams
Domain-Driven Transformation—How to Bring (Back) Sustainable Architecture to Legacy and Monoliths
22:26 MIN
Using static analysis and quality gates for code quality
One-click-to-production: Test and automate your application
24:33 MIN
Solutions for bridging the hardware and software divide
More efficient software for more efficient microchips
20:18 MIN
Integrating code quality checks into the development lifecycle
The Clean as You Code Imperative
00:03 MIN
Introduction to automating code reviews and quality checks
Build a CI/CD pipeline to automate code reviews and ensure code quality
19:42 MIN
Ensuring code quality and global application reach
Navigating the Corporate Jungle: Life as a Developer in a large Company
19:31 MIN
Maintaining code quality with AI-generated code
The AI-Ready Stack: Rethinking the Engineering Org of the Future
Featured Partners
Related Videos
30:40The Clean as You Code Imperative
Olivier Gaudin
33:14Supercharging Static Code Analysis: Konveyor AI & LLMs
Daniel Oh
41:17Application Modernization Leveraging Gen-AI for Automated Code Transformation
Syed M Shaaf
45:28Build a CI/CD pipeline to automate code reviews and ensure code quality
Julien Delange
29:31Are you still programming unit tests or already generating?
Johannes Bergsmann & Daniel Bauer
30:23Grappling With Clunky Old Software? Start by Understanding What’s Inside!
Luc Perard
25:36Test-Driven Development: It's easier than you think!
Eric Deandrea
31:15One-click-to-production: Test and automate your application
Bartosz Pietrucha
Related Articles
View all articles
From learning to earning
Jobs that call for the skills explored in this talk.
Software Architect Java (m/w/d)
Sopra Steria Custom Software Solutions GmbH
München, Germany
€78-100K
Senior
Java
Spring
Angular
JavaScript
+1
Quality and Security by Design Engineer (m/w/d)
AKDB Anstalt für kommunale Datenverarbeitung in Bayern
München, Germany
Intermediate
Senior
IT Security
Automated Testing
Software Quality Engineer (m/w/d)
WALTER GROUP
Wiener Neudorf, Austria
Junior
Intermediate
Python
JavaScript
Automated Testing
Senior Software Developer (Quality Infrastructure) New
JetBrains GmbH
Berlin, Germany
Senior
Vue.js
Kotlin
Docker
IntelliJ
TypeScript
+2
Software Developer (IntelliJ Platform - Version Control Experience) New
JetBrains GmbH
Berlin, Germany
API
GIT
Java
Gitlab
Kotlin
+2
Especialista en Calidad de Software (QA) - SonarQube
Financecolombia
Municipality of Madrid, Spain
Intermediate
GIT
Java
Azure
DevOps
Python
+3