
Welcome to SonarQube
Learn various components of SonarQube
SonarQube Server
SonarQube Scanner
Database
Learn about sub components of SonarQube Server - Compute Engine, Elastic Search, Webserver and Plugin
Purpose of plugin
Roles played by Sonar Scanner
Importance of Code Quality
Different code quality analysis tools along with SonarQube
Role played by code quality tool in continuous integration and development life cycle
Seven axis of code quality - Potential bugs, coding rules, Tests, Duplication, Comments, Architecture and design, Complexity
Overview of SonarQube Server UI
Administration menu overview
Project summary, Project dashboard, filters
Overview, issues, code, measures and administration of individual projects
Running a scanner, verify report, delete report
Profile, quality gate setup for projects
Download SonarQube Server
Prerequisites on installations
Various plans of SonarQube and features available
SonarCloud and its features
Setting up of environmental variables and PATH
Download and installation of Sonar Scanner
Configuring environmental variable and PATH
setup of sonar-scanner.properties
Create a sample project and execute sonar scanner
Process of sonar scanner submitting the report to sonarqube server
Verify the project dashboard in sonarqube server
Introduction to Apache Maven
Setup and installation of Apache Maven
Overview of pom file
Configure maven profile and sonar scanner server
Execute maven command on sample project
Verify sonar scanner report
Introduction to Gradle build tool
Installation of Gradle
Gradle build and properties file
Configuring sonar properties in gradle build file
Execute sonar scanner with gradle
Verify sonar scanner report
Introduction to Apache Ant
Installation and configuration of Apache Ant
Configuring sonar target in ant build file
Configuring sonarqube-ant-task-*.jar file
Execute sonar ant task
Verify sonar scanner report in server
Introduction to Sonar Lint
Installing sonar lint from eclipse market place
Configuring sonar lint preference
Connecting sonar lint with sonarqube server
Analyze and review real time issues with sonar lint in eclipse
Introduction to Jenkins
Introduction to Jenkins pipeline
Overview on Jenkins UI and sonarqube server configuration
Configuring sonarqube server with host/port and authentication token
Generating authentication token from sonarqube server
Create new free style project in jenkins
Configure git url and credentials with tomcat project
Configure build environment
Create sonar scanner properties and build task
Configure analysis properties for sonar scanner
Trigger build in Jenkins
Verify Jenkins console and sonar scanner report
Learn about Cyclomatic and Cognitive Complexity
Purpose and use of complexity factor
Methodology on calculating complexity factor
Advantage of Cognitive complexity over Cyclomatic complexity
Sample calculation of Cognitive complexity and Cyclomatic complexity
Checking complexity value for project, folder and files
Introduction to quality gates
Understanding on Maintainability, Reliability and Security ratings
Creating and configuring new quality gate
Maintainability rating configuration
Adding condition metric to quality gate
Understanding on Quality profiles
Adding rules for quality profiles from market place
Setting quality profile at project level and global defaults
Comparing two quality profiles
Working with rules of quality profiles
Understand how rules works
Various types of rules installed in the system and search through filters
Create custom rules using template
Activate custom rule and associate with quality profile
Verify and test custom rule with sample project
Understand to create and manage users and groups
Assign permissions to users and groups
Generate and manage token for users
Create and manage permission templates
User profile, security, notification and project management
SonarQube Continuous Inspection tool for Code Quality. This course provides details on installation, usage, Integration with other build tools, Configuration and administration of SonarQube as well as the hosted version SonarCloud
You will learn the following concepts
Installation of SonarQube
Configure and connect Sonar Scanner
Integrate Sonar Scanner with other build tools like Ant, Maven, Gradle, etc.,
Collaboration with other continuous delivery tools like Jenkins
Configuration of SonarQube
Project Administration
Bugs, Vulnerabilities, Code Smells, Debt, Code Coverage, Unit test statistics monitoring
Learn to read and understand Complexity (Cyclomatic Complexity and Cognitive complexity)
Identifying Duplicate lines, duplicate files and duplicate blocks within and across projects
Documentation Ratings
Quality Gates and Quality Profiles
Rules and Rule Template
Maintainability, Reliability and Security Ratings
Handling identified issues.
Integration with real time code analysis plugins like Sonar Lint with IDEs like Eclipse
Managing rules and creating custom rules with templates
User management - Users, Groups, Permissions and Permission Template
You will learn how to efficiently set up SonarQube, install and configure the Sonar Scanner, and integrate it seamlessly with popular build tools such as Ant, Maven, and Gradle. We will also explore how SonarQube fits into the broader DevOps ecosystem by integrating it with continuous integration and delivery tools like Jenkins.
Beyond setup, this course dives into project administration, where you'll learn how to monitor bugs, vulnerabilities, code smells, technical debt, code coverage, and unit test statistics. You'll develop the ability to interpret key code complexity metrics, including Cyclomatic Complexity and Cognitive Complexity. Additionally, you will discover how to detect duplicate code — lines, blocks, and files — both within and across projects.
We will cover Documentation Ratings, Quality Gates, Quality Profiles, Rules, and Rule Templates, along with methods to manage and customize them. You'll also understand how to maintain high Maintainability, Reliability, and Security Ratings, and how to handle identified issues effectively.
The course will also introduce you to real-time code analysis using SonarLint with popular IDEs like Eclipse, and teach you how to manage users, groups, permissions, and permission templates in SonarQube.
By the end of this course, you will be fully equipped to install, configure, administer, and integrate SonarQube into your software development lifecycle, ensuring better code quality, security, and maintainability across your projects.