title: SonarQube Documentation
Welcome to the SonarQube documentation!
SonarQube® is an automatic code review tool to detect bugs, vulnerabilities, and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.
If you want to try out SonarQube, check out the Try out SonarQube page for instructions on installing a local instance and analyzing a project.
If you’re ready to set up a production instance, check out the Install the Server documentation.
Otherwise, you can also find an overview and common scenarios below or navigate through and search the full documentation in the left pane.
In a typical development process:
See the installing and upgrading pages for setting up your production instance.
When your instance is up and running, see the Monitoring documentation for information on keeping your instance running smoothly.
If you’re using SonarQube Data Center Edition, see the Configure & Operate a Cluster documentation for more information on running your instance as a cluster.
Analyzing your code starts with installing and configuring a SonarQube scanner. The scanner can either run on your build or as part of your continuous integration (CI) pipeline performing a scan whenever your build process is triggered. For more information, see Analyzing Source Code.
Starting in Developer Edition, you can analyze your branches in SonarQube, and ensure that your code quality is consistent all the way down to the branch level in your projects. For more information, see Branch Analysis.
Starting in Developer Edition, you can integrate SonarQube to be part of your pull or merge request process. Issuing a pull request can trigger a branch analysis and add pull request decoration to see your branch analysis directly in your ALM’s interface in addition to the SonarQube interface. For more information, see the Pull Request Analysis Overview.
SonarQube gives you the tools you need to write clean and safe code:
If you have the Create Projects permission (a global administrator can set permissions at Administration > Security > Global Permissions), you can create and administer projects. See Project Settings for general information on setting up projects.
A project is automatically added on the first analysis. However, you can provision projects (set up permissions, Quality Profiles, etc.) before running the first analysis. See Project Existence for more information on provisioning a project and handling provisioned projects.
You also want to make sure SonarQube’s results are relevant. To do this you need to Narrowing the Focus or configure what to analyze for each project.
You can also set up Webhooks to notify external services when a project analysis is complete.
If you’re a global administrator, you can set up authentication, administrator access, and authorization. See Security for more information.
You can also set up email notifications that developers can subscribe to that are sent at the end of each analysis.
When you run new analyses on your projects, some data is cleaned out of the database to save space and improve performance. See Housekeeping for information on what data is cleaned and how to change these settings.
Starting in Enterprise Edition, you can set up Portfolios to get a high-level overview on the releasability of a group of projects.
Use the following links to get help and keep up with SonarQube: