Lab 5 – Sonarqube – 4 July 2023
Limited Time Offer!
For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!
What is Sonarqube?
--------------------------
Quality mgmt tool
Release
Community
Dev
Enter
https://www.sonarsource.com/products/sonarqube/downloads/
in JAVA
Version - 10
Quality
- Code Quality
- Test Quality -- Code Coverage
Code Quality
Structure of the code
Some Secrets
Best practices
Secrurity
Bugs
Which tool would scan for Code Quality?
- SCA | SAST
https://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
CODE REVIEW A CODE
1 CODE REVIEW 1 COND
100 CODE REVIEW 100 COND
RULE REVIEW A CODE
RULES REVIEW A CODE
Tool Review a Code
X | Y Z review a code
SonarQube Arch
-----------------------------
HUMAN ------> SonarWEB <------------- DB (RDBMS) <---------------- SCANNER --> CODE
===================================== ===========================
SonarQube Server laptop
Workflow of Sonarqube
==========================
Component of Sonarqube
-----------------------------
Server
http://52.207.239.204:9000/
admin
admin123
Code
https://github.com/devopsschool-demo-labs-projects/java-sonarqube-helloworld-src
Scanner
https://docs.sonarqube.org/9.8/analyzing-source-code/scanners/sonarscanner/
C:\tools\sonarqube\sonar-scanner-windows\bin\sonar-scanner.bat