Every app that we develop at Macoscope is built on CI, while Code Review is an inherent part of our creative process. This allows every member of the team to quickly figure out how some new portion of code was implemented and point out what’s wrong with the code and how it can be improved. Another thing that helps produce high quality code is static code analysis. It looks for patterns in code (using a pre-defined set of rules) that can cause bugs and result in security vulnerabilities.
For developers, static code analysis is most helpful when it is an essential part of the code review process. Under such an approach, every pull request is automatically analyzed and potentially incorrect parts of the code are commented. In this short blogpost, we describe how you can implement that approach by integrating SonarQube with Jenkins CI and GitHub for an Android project.