Branch-based Code Reviews

One of the main features of this app is that it supports you to do code reviews based on pull requests with SonarQube. SonarQube-based code reviews with pull requests depend on a build that analyzes the Git branches of a pull request separately. This can be done manually by setting SonarQube's -Dsonar.branch, -Dsonar.branch.name or -Dsonar.pullRequest.key. But if you're using a branch-based Git workflow like Gitflow, you want this to be automated. Include Code Quality for Bamboo is able to do this.

The following picture explains the workflow for SonarQube-based code reviews together with Bitbucket Server and Bamboo and our two apps Sonar for Bitbucket Server and Include Code Quality for Bamboo (note that the basic workflow is the same when you are using another build server):


The workflow starts with a developer pushing code changes to a newly created feature branch (1)

Bitbucket triggers Bamboo which automatically (2) creates a plan branch if it is configured accordingly.

Sonar for Bamboo is able to trigger the Sonar analysis for Maven, Gradle and SonarRunner based projects and the results are published on the SonarQube server (3).

The developer is notified (4) about the build results (e.g., by Slack) and creates a pull request (5).

Sonar for Bitbucket then shows all the useful metrics and bug hunting tools in Bitbucket's pull request view (6).

The found code quality issues are best judged by the code review peers, which can now easily discuss them with pull request comments and can create tasks for serious issues by just one click (7) in order to not forget to fix them.


SONAR™, SONARQUBE™ and SONARCLOUD™ are independent and trademarked products and services of SonarSource SA: see sonarsource.com, sonarqube.org, sonarcloud.io.