What Is Technical Debt In SonarQube?
Audio Version Of This Article
Technical debt is perhaps one of the most important considerations to keep in mind when you’re handling complex software projects. Also called design debt or code debt, it is a very commonly used metric that makes tracking and maintaining code quality a lot easier for development teams.
Being one of the most popular tools for code quality maintenance, SonarQube from SonarSource comes with powerful technical debt analyzing tools baked in and ready to use out of the box. In this article, we will look over what technical debt is in SonarQube and how we can measure and reduce it appropriately.
What is Technical Debt?
If you’ve been in the dev space for a while, chances are you’ve probably heard the term ‘Technical Debt’ being mentioned a lot. But what does it really mean, and why should you even spend your precious development time considering it seriously?
In the simplest sense, Technical Debt is a measure of compromise in the quality of code done to make up for quick delivery schedules. As speedy delivery of prototypes or updates is sometimes prioritized over optimizing the code and performance, it is important to track how much the code quality has been affected after every delivery and make up for those compromises later on.
Technical debt in itself is not bad, in fact, it is a natural part of any engineering project. However, when this debt accumulates over time, it can make the overall code quality suffer, increasing the risk of performance problems and errors.
Thus, we need reliable tools to measure code quality across codebases... and this is where our handy tool SonarQube comes in.
How SonarQube helps to assess the quality of the code
SQALE approach is used in the SonarQube top-notch design, with specific changes. The SQALE technique, widely recognized, concentrates primarily on programming difficulty, maintenance and will not consider the program's hazards.
In essence, if a significant safety issue is found in a program, one needs to solve every stability, modifications, usability, and running strictly according to the SQALE approach and after turn again in the latest severe problem. In reality, if possible flaws in the program for such a lengthy period and gets zero consumer error complaints, it is far more critical to concentrate on remediating the latest deficiencies.
Taking it into consideration, programmers in SonarQube have changed the SQALE quality model, focusing on these key issues:
● As easy as conceivable, the system architecture must be
● Bugs and weaknesses in maintenance problems must not be missed.
● Significant development problems and privacy flaws should result in the quality gate criteria not being fulfilled.
● Code maintenance concerns are also crucial, so they shouldn't be overlooked.
● The financial plan is vital and must be conducted utilizing the SQALE analysis model.
The SonarQube Quality Gate ethics employs the feature vectors to evaluate when the program completed these controls:
● No latest bugs
● Zero latest security flaws
● New code technical debt ratio<= 5%
● Equal or more than 80 percent modified system's availability
Sonar squad must list seven terrible programers' faults for growing technical debt:
● Bugs and possible errors
● Coding principles breached
● Redundancy of the program
● Inadequate coverage of consumers modules
● Lack of structure diffusion
● Pattern of Spaghetti
● Excessive amounts of comments
How to measure code quality in SonarQube:
SonarQube is one of the most popular tools used for automated code analytics. Developed by SonarSource, this handy little open-source tool makes code across large codebases much easier to track and maintain across the lifespan of the project.
Flaunting support for as many as 20+ languages and frameworks, this tool is trusted and used by many professional teams worldwide to detect technical debt in projects over time as well.
Step 1: Scan the project root folder using SonarQube
In our last article, we went into depth about how you can set up SonarQube on your local machine to use for code analysis. If you don’t have SonarQube already installed, follow this link to get started.
Once you have your SonarQube server installed locally, run the sonar scanner terminal tool in your operating system of choice as follows:
For windows, navigate to project directory on cmd or PowerShell and type:
>> sonar-scanner.bat
For macOS or Linux, run the sonar-scanner tool after navigating to the root folder of your file as:
$ sonar-scanner
If you’ve followed all the steps outlined in our previous tutorial for installation and setup, the scanner should start scanning the project without any problems.
Step 2: View your analysis report on the Sonar Dashboard
The scanning process typically takes a while. After it is completed, you can navigate to your SonarQube dashboard on http://localhost:9000. Log in using the credentials you entered during installation.
Now, select your project folder name. You should find a fresh code analysis report waiting for you.
Step 3: Enable the Technical Debt widget
Since SonarQube lets developers pick and choose which analysis sub-tools to use for their report, we can now easily view our technical debt using the appropriate widgets in our dashboard.
SonarQube comes with three technical debt widgets in-built, each limiting the amount of technical information the report shows on the screen (this is helpful since we can pick and choose which level of technical information to report across multiple levels of a team).
The primary debt widget reports the technical debt in the number of working days it will take to make up for the total collected debt across the project, along with the various ‘debt levels’ spotted across the scanned project. These debt levels include ‘Blocker’(highest priority), ‘Critical’, ‘Major’, ‘Minor’, and ‘Info’.
But although this widget is pretty helpful when you want to get quick insights into the technical debt of a project, it only provides a very high-level look at the problems. For a more in-depth look, you can choose the other two widgets that come bundled with Sonar.
The second widget displays the technical debt in terms of the debt ratio and SQALE rating. The debt ratio refers to the amount of time the quality maintenance operations will take relative to the existing development time, while the SQUALE rating uses the reliable SQALE (Software Quality Assessment based on Lifecycle Expectations) methodology to grade the quality accordingly from ‘A’ (best grade) to ‘E’ (worst grade).
Finally, the third widget displays the technical debt in what it calls a ‘Debt Pyramid’. It is a visual representation of the technical debt present in the project in terms of various non-functional characteristics like Reusability, Portability, Security, Maintainability, etc.
The chart points out how much technical debt affects those individual characteristics, along with the time (in working hours or days) that it will take according to recent trends to fix the problem.
Every number in all three widgets is clickable, meaning that you can click at any one of the results to look deeper and in more detail on the various problems as well as ways to fix them in an optimal way. This way, you can work with your team to start reducing the technical debt that you’ve accumulated across the project’s development.
Conclusion:
And there you have it! With a few simple clicks, you can easily view and analyze your technical debts in SonarQube effortlessly. Being one of the industry leading code quality tools, both the community as well as professional editions of the tool come with powerful widgets that can help you better understand debts in your codebase, as well as generate detailed reports in a click of a button.
Updated on September 9, 2021