Sonarqube Complete Tutorial 2023
HTML-код
- Опубликовано: 23 авг 2024
- Sonarqube Complete Tutorial 2023
DevSecOps & Cloud DevOps Full Course(Batch-2 Starting 20th October):
www.devopsshac...
If you have any questions or suggestions, Please ping me one to one on Instagram at:
/ devopsshack
Repo Used:
github.com/jai...
Tools Used:
1. Sonarqube
2. Jenkins
3. Docker
4. JDK11, Maven
Timestamps:
00:23 Agenda
00:42 Sonarqube explanation
08:13 Install & Setup Sonarqube
12:09 How Sonarqube works
17:18 Implementation With Jenkins
20:40 Creating Jenkins Pipeline
27:12 Analysis Complete | Check the report in Sonarqube
two days back asked you to create video on sonarqube and here it is already.. 😀 Thank you so much brother..🤩
One stop for the complete Sonar. Clearly explain. thanks.
Aree bhaiya kya baat hai, 1 no....
Itne jldi...
Bhai will suggest weekend main 1 hour or 2 hour live session lijiye if anyone having any doubt regards on the uploaded vdo then will clarify..
Will be help us..
Thank you Bhai for actively doing and appreciate ur effort❤
Share the videos as well🥺
Need a bigger audience ✌🏻
We have source code, there might be some syntax based error, vulnerabilities in our code, code smells.
To make sure code is free of all this and pin point at particular line which has issues, we use sonarqube.
It does two things...
1. Code coverage - code coverage 80% means that amount of code is tested..
2. Code quality check- code quantity determined by
1.Due to bug(wrong code), 2.vulnerability(section of code which is open to attack), 3. code smell(that section of code which is poorly written and create confusion).
Why sonarqube is used, it is compatible with nodejs, java, python, c sharp all of these source code.
I really appreciate your hard work and the way of teaching. Thanks!
It was straightforward to understand hands-on. Thank you.
Hey man, thanks for watching ✌🏻
Nice work!
Personal pov - On the SonarQube stage of the pipeline a tad more details would have made things simpler for me.
Nice Bro. Beautifully explained..
Clear explanation,thank you
Is this the complete tutorial on sonarqube ? Or should i have to learn more and more ?? Or this much is enough ? Please reply
Thank you brother for a timely tutorial on this, love from Philippines ! Already subscribe, Maybe you can do sonarqube AD or LDAP integration
Sure will try
Is sonarqube and checkov tool serve the same purpose. If not, Can you please let me know when to use both the tools
Hi Aditya. Que: What are the common vulnerabilities you have seen so far?
Thank you in advance.
that was awesome! thanks.
Hey, the tutorial is interesting but I have some doubts and feedback
1)If project creation is also included it would be nice even though shell command does this thing.
2)You geberated a token under your profile section. But i generated the token from the project creation manually is it ok. And another thing is can i use same token that i generated for single project is it ok.
3)You configured the tools maven and sonar scanner but if i dont want to perform analysis on jenkins master then configuring them is not correct right. I mean basically we are using the node and perform the analysis on jenkins node. so in this scenario i need to manually install them in the jenkins node am i right.
4)Finally is this enough for a devops engineer?
Thanks ❤ for the video
Hi, can you please show same pipeline but with docker containers?
How to build docker-compose.yaml file for each tool? (jenkins, sonarqube)
ty very much, subscribed !
It is necessary to create a testcase and and the code coverage is based on testcase right ?
Thanks Sir, love from Pakistan
Please refrain from using the phrase 'OK' habitually. Thank you.
Ok😂😂😂
20:25 those properties plugins and dependency files are written by devops engineers?
Are you running Jenkins & sonar on the same machine, does both can be setup on free-tire.
I use t2.large if multiple things i need to setup
amazing video☺
Why didn't you configure the SonarQube container in the global systems , you just used the tool configuration. ??
Bro can u explain how to fix the coverage issues of sonarQubes
Excellent!. Can we mask the passwords where ever is required ? Like using IAM or secrets in-place
And in issues section you said assigned to specific persons for fixing, Will it be assigned to the developer who has pushed to feature branch after their coding task ?
Please if possible do a video on Gerrit tool.
We can mask , yess
And the issues are assigned to developers
Bro after generating this how do we pass it developers end so that they can rectify them
everything is good but how to install and how to setup sonar
How to create a branch, using production, ignore the entire production base, analyze only the new commits?
Hello sir. Thanks for sharing your knowledge.
can you pls make a video with NodeJS application also.
How to check Date and time of completion at the sonarqube homepage for Pull Request jobs, in current version 10.2.1 date and time is not appearing and not finding at other positions. Thanks in Advance for the support.
Good video ❤
Thanks 😁
can you please add any testing tool integration in CI/CD pipleline (Selenium)
Okay
If you experience errors on the maven - sonarqube connection, change the "localhost" of sonarqube to your machine's IP and check that the JDK version you put into Jenkins is the same as the version on your machine.
bro make video on kubernetes architecture
btw 😇 this sonarqube tutorial was awesome
how to generate report???? please help me
Why Run SonarQube in Docker?
in my project quality gate unable to applied project in sonarqube after run command "npm run sonar"
Dose sonarscanner support .NET 7. ?
sonarqube not working localhost in windows and Jenkins working
When I am using Jenkins and Sonarqube docker containers and try to run pipeline in Jenkins. The console output showing me no Sonarqube Scanner Tool found. But I have already added the plugins of Scanner in my Jenkins. Could you help me out to fix this issue?
U may not have added sonar server
I did added it but still its not working. Also i have referred different article on medium and they have said that you need to install sonarcube scanner through apt-get install command in jenkins container. I did this too, but no luck.@@devopsshack
Overall it is a very good video but when I tried to integrate a Jenkins pipeline with Sonar it failed. After a long debug found that Project creation on sonar is missing in this video. Try to add this part as well. Thank you.
-Dsonar.projectName=projectname
When u put this in shell command the project gets created which I already showed in video🙂
@@devopsshack true, apologies I have missed that part.
unable to start the sonarqube, connection timeout
My sonarqube server is not running any reason
Okay
Hello There,
Is is possible ? we can setup sonar qube without docker ?
yes, plain installation is also available but you need 2vCpus and 2 gb ram minimum to install it
unable to connect to localhost /9000 error ara hai
reply bhi kr dia kr bhai, khali video bna di hai
How to make pom.xml file for python applications like for fastAPI
How to show multiple branch on Sonarcube
That feature available in developer edition
Bro need some suggestions from you.
How can I reach you ,
Hey Krishna,
I am available at instagram.com/m_aditya_jaiswal?igshid=NTc4MTIwNjQ2YQ==
bro faceing an issue with sonarqube page while copying the ipv4 public:9000 then it didn't connect to sonarqube page, so what is the error? how can I correct it.
Check in security group if port is open
ok bro@@devopsshack
pls make video on prometheus and grafana..
In future, yes✌🏻
@@devopsshackwaiting 🎉
How to delete a brand in sonarqube
Bro please work at your sound quality your content is on-point but the voice makes it underrated!!
In new videos they are improved buddy
audio not clear
😢😢
Error: LinkageError occurred while loading main class org.sonar.application.App
java.lang.UnsupportedClassVersionError: org/sonar/application/App has been compiled by a more recent version of the Java Runtime (class file version 61.0), this version of the Java Runtime only recognizes class file versions up to 55.0