SonarQube (SAST + Quality ) : Complete course on SonarQube, SonarQube, Continuous Code Inspection, Quality Analysis, Static Analysis of Source Code of 27+ languages in real time.
SonarQube: DevOps + Security + QA mostly used opensource tool
SonarQube is an open-source tool used for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 27+ programming languages.
Freshers, Project managers, Developers, Architects, QA, Support Engineers, DevOps, DevSecOps, Infosec, Process engineers can master the course and excel in their careers.
Coding best practices.
Installation of SonarQube, Jenkins, docker, docker-compose.
Configure and connect Sonar Scanner
Installation & Configuration of ANT, Maven, Gradle, NodeJs, Python.
understanding the basic terminologies used in SonarQube.
Onboarding projects on Jenkins & SonarQube.
Integrating Jenkins Jobs to SonarQube & publishing the results of the projects for analysis.
Integrating Sonar Scanner with build tools like Ant, Maven, Gradle, NodeJs, Python, etc.
Installation of plugins in Jenkins & SonarQube.
Analysis of Bugs, Vulnerabilities, Code Smells, Debt, Code Coverage, Unit/Integration test.
Configuration & Administration of SonarQube.
Configure & analyze Quality Gates and Quality Profiles
Fail SonarQube projects based on conditions of Quality gates.
Fail Jenkins projects based on conditions of Quality gates mentioned in the SonarQube project.
Learn to read and understand Complexity.
Identifying Duplicated lines, files, blocks across the projects
SonarQube Rules and Rule Templates.
Managing rules and creating custom rules with templates
Maintainability, Reliability, and Security Ratings.
Handling identified issues.
Administration tasks – Users, Groups, Permissions, token creation.
SMTP settings and notifications via email on various criteria set for projects.
Branding Image: replace the sonar image with your company’s brand image.
SonarQube market place.
SonarQube system details.
Integration with real time code analysis plugins like Sonar Lint with IDEs like Eclipse