We are thrilled to announce the 10.6 release of SonarQube including some significant changes:
- SonarQube autoscaling in Kubernetes
- AutoConfig for C and C++ projects even for unsupported compilers
- SonarQube runs in a FIPS-enforced environment
- Set rule priority to prevent the release of substandard code
- Easy setup of monorepos for all DevOps platforms
- Monitor upgrade time and progress during upgrades
- Added support for Scikit-learn library in Python for AI / Machine Learning practitioners
Read on to find out more.
SonarQube Autoscaling in a Kubernetes Cluster
When operating SonarQube Data Center Edition in a Kubernetes cluster, app nodes will now autoscale based on load. SonarQube supports Kubernetes Horizontal Pod Autoscaling (HPA) of app pods when running in a cluster. This will ensure developers never wait for an analysis to complete due to resource limitations. Additionally, because app pods are autoscaled in and out based on demand, the resources needed to run SonarQube are optimized for cost savings.
Introducing AutoConfig for C and C++ Projects
Are you frustrated with how complicated it is to set up C or C++ projects in static code analyzers? There are numerous compilers and build environments, some supported by SonarQube while others are not, like the Green Hills compiler or distributed build systems. In SonarQube 10.6, we’re excited to announce that we’ve released AutoConfig for C and C++ projects. This means you are no longer required to use Build Wrapper or Compilation Database to scan your projects. We’ve eliminated the complexity of project setup, and now SonarQube will automatically work with most compilers and build configurations, even previously unsupported ones. This dramatically reduces the time needed to get started with scanning your C and C++ projects and leads to successful analysis, even for complex projects.
SonarQube Runs in a FIPS-enforced Environment
Government agencies and organizations can comply with FIPS requirements by running the SonarQube server in a FIPS-enforced environment. Running the SonarQube server in a FIPS environment guarantees that the cryptographic algorithms used for encryption, decryption, and digital signatures are approved by the National Institute of Standards and Technology (NIST).
Easier Operations
We finished the easy setup of monorepos for Azure DevOps and Bitbucket in 10.6, completing our release of simplified setup for monorepos on all four supported DevOps platforms. Additionally, when performing an upgrade, SonarQube will predict the time it takes to complete the upgrade and show you the time remaining during the upgrade. This allows you to schedule the upgrade in a more opportune window so there is less impact on your teams.
Set Rule Priority to Uphold Your Coding Standards
In SonarQube 10.6, you can now configure the priority of rules that block your release to prevent substandard code from being released based on your coding standards. This ensures that your teams are following your company’s policy for Clean Code when those policies are more strict than Sonar’s recommended standards.
More AI Libraries in Python
We’re also thrilled to announce the addition of rules for TensorFlow and Scikit-learn libraries in Python. This expands our support of AI libraries for Machine Learning practitioners to four libraries, including TensorFlow, NumPy, and Pandas.
There are a ton more exciting and powerful features in SonarQube 10.6! Find out more in the 10.6 release announcement and our 10.6 release notes.
Are you still using an older version of SonarQube?
If you’re on a version older than 9.9, upgrade to SonarQube 9.9 LTA before upgrading to 10.6. Check out this helpful checklist for a smoother upgrade. Watch the on-demand LTA upgrade webinar, which explains a step-by-step approach and highlights common pitfalls encountered during the upgrade.