SonarQube Dashboard and UI Guide
The SonarQube web interface is your main workspace. This topic explains every section of the dashboard so you can navigate it confidently and find the information you need quickly.
The Main Navigation Bar
+---------------------------------------------------------------+ | SONARQUBE | Projects | Issues | Rules | Quality Profiles | | | Quality Gates | Administration [User icon]| +---------------------------------------------------------------+
The top bar contains the global navigation. Each menu item gives access to a different area of SonarQube. Your user icon in the top right lets you manage your account and log out.
The Projects Page
The Projects page is the first screen you see after login. It lists all projects that have been analyzed at least once. Each project card shows:
- Project name
- Last analysis date
- Ratings for Reliability, Security, and Maintainability
- Coverage percentage
- Duplication percentage
PROJECT CARD EXAMPLE +----------------------------------+ | my-web-app | | Last analyzed: 2 hours ago | | | | Reliability: A Security: B | | Maintainability: A | | Coverage: 73% Duplications: 3% | +----------------------------------+
The Project Dashboard
Clicking a project opens its individual dashboard. This is the most frequently used screen for developers.
PROJECT DASHBOARD LAYOUT +----------------------------------------------------------+ | OVERVIEW TAB | ISSUES TAB | MEASURES TAB | CODE TAB | +----------------------------------------------------------+ | | | QUALITY GATE STATUS: [PASSED] or [FAILED] | | | | +--------+ +-----------+ +---------------+ | | |BUGS | |VULNERABIL.| |SECURITY HOTSP.| | | | 0 | | 2 | | 5 | | | +--------+ +-----------+ +---------------+ | | | | +--------+ +-----------+ +---------------+ | | |SMELLS | |COVERAGE | |DUPLICATIONS | | | | 14 | | 67% | | 4.1% | | | +--------+ +-----------+ +---------------+ | | | +----------------------------------------------------------+
Overview Tab
The Overview tab shows the Quality Gate result at the top. Below that, it displays the six main metrics: bugs, vulnerabilities, security hotspots, code smells, coverage, and duplications. Each metric links to a filtered list of related issues.
Issues Tab
The Issues tab lists every individual problem SonarQube found in the project. You can filter issues by:
- Type: Bug, Vulnerability, Code Smell, Security Hotspot
- Severity: Blocker, Critical, Major, Minor, Info
- Status: Open, Confirmed, Resolved, Closed
- Assignee: Issues assigned to a specific developer
- File or component
Measures Tab
The Measures tab shows every metric in detail. You can navigate through categories like Reliability, Security, Maintainability, Coverage, and Duplications. Each metric includes the current value, a trend indicator, and a history chart.
MEASURES TAB: RELIABILITY +-----------------------------------------+ | Metric | Value | Trend | +-----------------------------------------+ | Bugs | 3 | ↑ worse | | Reliability Rating | C | ↑ worse | | Reliability Effort | 30 min | — | +-----------------------------------------+
Code Tab
The Code tab lets you browse the project's folder and file structure. Click into any folder to see files, and click a file to read the actual source code. SonarQube highlights each line that has an issue directly in the code view.
CODE TAB: FILE VIEW +----------------------------------------------+ | Line | Code | +------------+---------------------------------+ | 23 | String query = "SELECT * FROM " + | | 24 | userInput; [!] BUG: SQL | | 25 | return db.execute(query); | +----------------------------------------------+
The Activity Section
Each project dashboard includes an Activity section that shows a timeline of every past scan. You can see how metrics changed over time — for example, whether bugs increased after a deployment or whether coverage improved after new tests were added.
Global Issues Page
The Issues menu in the top navigation opens a global view of issues across all projects. This is useful for team leads and architects who need to see the overall health of multiple projects at once.
The Rules Page
The Rules page lists every rule that SonarQube can check. You can search rules by language, type, tag, or severity. Each rule page explains what the rule checks, why it matters, and shows a code example of the problem and the correct fix.
RULE DETAIL EXAMPLE
+----------------------------------------------+
| RULE: "Passwords should not be hardcoded" |
| Severity: Blocker | Type: Vulnerability |
| |
| NON-COMPLIANT CODE: |
| String pass = "admin123"; |
| |
| COMPLIANT CODE: |
| String pass = System.getenv("APP_PASSWORD"); |
+----------------------------------------------+
User Account Settings
Click your name or avatar in the top right corner to access account settings. From here you can:
- Change your password
- Generate security tokens for scanner authentication
- Configure email notifications
- Set your default language preference
Security Tokens
Security tokens are the recommended way for SonarScanner to authenticate with the SonarQube server. Generate a token under your account settings and use it in scan commands instead of your username and password. This keeps your credentials safe in CI/CD pipelines.
MY ACCOUNT > SECURITY +----------------------------------------------+ | Generate Token: | | Name: [jenkins-scanner] [Generate] | | | | Token: sqp_abc123def456xyz... [Copy] | | (Token shown only once — copy it now) | +----------------------------------------------+
Administration Menu
The Administration menu (visible to admin users only) gives access to:
- System status and version
- Users and groups management
- Project management
- Quality Profiles configuration
- Quality Gates configuration
- Plugins marketplace
Regular developers do not need administration access for daily work. Only team leads or DevOps engineers typically manage these settings.