Should code quality metric evaluation tools like Sonar be integrated with IDE for running local analysis or should they be a part of the build process (like integrated with maven) for continuous inspection or should it be a combination of both? How can we leverage the power of such tools to the maximum extent possible?
4
I would say that it should be used in both places, if possible. Ideally, your analysis tool would catch most of the code problems on a developer’s workstation when the developer runs it locally and keep the code in source control cleaner. And having it run nightly in a batch would find any problems that do get checked in, and they can be focal points of the next code review – assuming that code that is flagged as problematic but still gets checked in is more complex to resolve and should be discussed before changing it from what works to what meets standards.
You need both, as they address linked but distinct situations :
The local run is all about making quick improvements when coding or immediately after. It also offer the comfort of your IDE (it is the best place to browse for code, as you have everything nearby). In addition, you can push developers to run it before committing, to have a first “quality firewall” in place.
The dashboard is all about the team. The fact that it is public did help a lot in my experience – no on want to be responsible of the “bad” project, so it did push to some kind of virtuous circle. In addition, it is very convenient to be able to arrive, open a browser and take a look “how did we this week” ? The dashboard also have the historical view, which is really important (more often than not, the trend is more important that the result – you want to be improving, that is what matter).
As you noted, Sonar actually allows both usage, which is nice (you want the same rule in the IDE and in the build).