We are contemplating to consider usage of SonarQube for conducting Static code analysis in my project, need to clarify few queries below,
i) whether SonarQube integrates seamlessly into VS 2015(IDE) , GIT and Jenkins
ii) Need to obtain the code scan (Static code analysis) details , what is the approx. duration of performing Initial scan in Hrs and does subsequent scan involves (incremental scans / Deltas) ?
iv) Licensing constraints if any, Bulk Licensing/Standalone etc., for development team comprising 6 members.
Yes, it integrates with VS2015 with the sonarlint plugin, so you would have to configure it to choose the same sonarqube rules.
If the scan is done using sonarlint, the analysis depends on the amount of the code line or the size of the project. You could also perform the analysis using the sonarscanner but it takes a little longer the first time
Also, regarding question #2, the time analysis takes is proportional to the size of your code base, and there is no appreciable difference in duration between the initial analysis and subsequent analyses.
For question #3: you can scan C# code all day long for free. If you want to add on PR analysis, that’s a commercial feature, and commercial editions are priced by lines of code in the instance, rather than by developer seats.