SonarQube Mastery
What you'll learn
- Understand what is SonarQube and its purpose
- Run Sonarqube locally using docker
- Understand the differences between versions and editions
- Understand the concepts of static code analysis and the information presented by SonarQube
- Analyze source code with different scanners
- Report test coverage
- Install Sonarlint in VSCode, Eclipse and IntelliJ
- Manage quality profiles and quality gates
- Learn how to Install plugins and other important administrative tasks
- Use the web API to automate tasks
- Integrate SonarQube with Github Actions
- Integrate SonarQube with Jenkins
Requirements
- You don’t need any previous experience with SonarQube.
- You could benefit from having some familiarity with git and docker, but you don’t need to be an expert in those areas. We will explain the docker installation and the commands used while we need them.
- It can also help knowing a programming language to better understand some of the code examples, but you don’t need to be a programming expert.
Description
This course teaches you the keys to mastering SonarQube and its ecosystem to get the most out of it and improve the quality of your code.
We'll start by explaining the purpose and usefulness of SonarQube and Sonarlint and where they fit within a DevOps ecosystem. We will launch SonarQube on our machines using Docker and we will take a first tour of the tool's interface to locate ourselves and learn where to find the information we need at all times. We will also learn about the different editions and versions of SonarQube.
We will continue introducing the key concepts and terminology to understand the usefulness of static code analysis, what are the parameters that SonarQube uses to measure code quality and what is the architecture of the tool.
Then we'll get hands on. The idea is that from this chapter on you will do all the exercises while watching the videos, so that you can put into practice what we are learning. The course is designed to "learn by doing". We will launch analyzes for several programming languages, we will report code coverage and we will use several scanners for this.
Then we'll see how to bring the power of SonarQube to our code editors, installing Sonarlint in VSCode, IntelliJ and Eclipse, and we'll see how to configure sonarlint's connected mode to take full advantage of its capabilities.
After having mastered the user aspect of sonarQube and Sonarlint, we will deal with the administration aspects and see how we can manage a SonarQube instance, configure custom rules, profiles and quality gates, install plugins, configure the security of the instance and in general, adjust all the parameters needed for its correct operation.
Then we will add to our arsenal of knowledge the use of the SonarQube web API to programmatically communicate with the server and be able to perform monitoring, data extraction, automation and any task that comes to mind.
Finally, we will put the icing on the cake by integrating SonarQube with various devops platforms: Github Actions and Jenkins.
At the end of the course you will have a deep knowledge of sonarQube and you will be ready to:
Define the quality gates, quality profiles and rules that interest you most to control the quality of your code
Analyze your code locally with sonarlint
Integrate SonarQube into your favorite devops platform
Who this course is for:
- Developers: If you are a software developer, SonarQube will help you to write clean code and it will be your real-time ”coach”. It will give you feedback while you develop
- DevOps engineer: If you are a DevOps engineer, you can learn about the many ways you can integrate SonarQube in the software development life cycle. SonarQube can also help you to review infrastructure as code, since sonar can analyze descriptor files for Docker, kubernetes, cloud formation, terraform, etc.
- Managers: If you are a manager, knowing SonarQube capabilities can enable you to reduce costs and deliver value to your clients faster, since SonarQube can help you to detect problems early. SonarQube can also help you to reduce security risks thanks to security checks done by the tool
Instructor
- 4.5 Instructor Rating
- 177 Reviews
- 1,057 Students
- 3 Courses
I have a double diploma in telecommunications engineering from the Polytechnic University of Madrid and from Télécom Paristech and I have been working in the IT sector for more than ten years.
I have always believed that continuous training is essential in any sector and especially in IT where technology changes at a dizzying pace.
I have been an avid consumer of online training and now I am ready to cross the barrier, get to the other side and share my knowledge and experiences in my courses.
During my professional career I have worked in several companies and have held various roles: I have been a backend developer, full stack developer, scrum master, technical leader and DevOps engineer.
I have also obtained some certifications:
- AWS Certified Solutions Architect - Professional
- Google Cloud Associate Cloud Engineer
- Certified Kubernetes Administrator
For the last 4 years I have worked in a team focused on DevOps with the objective of developing and enabling testing tools and processes and improving code quality for a company with thousands of developers. I have had the pleasure of rubbing shoulders with great professionals and experts in DevOps from whom I have learned enormously. Together, we have faced various challenges to transform the way developers work and have learned valuable lessons.
Now I want to share that knowledge and I'm excited to be able to do it here on udemy.