SonarQube Architecture (2024)
SonarQube Architecture mainly have four components, in this post we will see it's top-level components of the platform and how they interact. The core engine of the platform, Squid, is supported by additional code analyzers that Sonar organizes together to measure quality.
- Sonar Scanner
- Source Code
- Sonar Analyzer
- SonarQube Database
An analysis request is triggered using one of three possible methods:
- Maven Plugin
- Ant Task
- Java Runner
Source code which need to be analyzed.
Sonar receives the request and starts analyzing the source code of the project. The analysis is based on the Sonar profile of the project, activating any additional plugins or reporting capabilities, if any.
When the analysis is finished, the results will be stored in the database for future reference and history tracking.
Finally, the user interface (IDE:Eclipse/Web dashboard Reports) and its components are updated with the new data. You can access the data from your web browser and dashboard. Sonar reporting is also made available within your IDE, either Eclipse or IDEA, which allows you to review and correct code violations on the spot.
The analysis process is triggered by the build server in a continuously integrated environment. The server checks out source code from the repository, compiles and executes all unit or integration tests, after which it produces the necessary builds. Finally, Sonar takes over analyzing the source. A best practice for a time-consuming process like this is to activate it once a day while developers are inactive.
The process is then called a nightly job and the final build produced a nightly snapshot. Next time, developers have access, allowing them to examine how recent changes have impacted the overall quality of the project, to the latest project data and reports.