Sonar is a tool that centralizes a range of code quality metrics into a single website (see Figure 9-18). It uses several Maven plugins (Checkstyle, PMD, FindBugs, Cobertura or Clover, and others) to analyse Maven projects and generate a comprehensive set of code quality metrics reports. Sonar reports on code coverage, rule compliance, and documentation, but also on more high-level metrics such as complexity, maintainability and even technical debt. You can use plugins to extend its features and add support for other languages (such as support for CodeNarc for Groovy source code). The rules used by the various tools are managed and configured centrally on the Sonar website, and the Maven projects being analyzed don’t require any particular configuration. This makes Sonar a great fit for working on Maven projects where you have limited control over the pom files.
Figure 9-18. Code quality reporting by Sonar
In one of the most common usages of Sonar, Sonar automatically runs a set of Maven code quality related plugins against your Maven project, and stores the results into a relational database. The Sonar server, which you run separately, then analyzes and displays the results as shown in Figure 9-18.
Jenkins integrates well with Sonar. The Jenkins Sonar Plugin lets you define Sonar instances for all of your projects, and then activate Sonar in particular builds. ...