SonarQube : The complete course on SonarQube, 2023

SonarQube: DevOps + Security + QA mostly used opensource tool

SonarQube is an open-source tool used for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 27+ programming languages.

Audience: 

Freshers, Project managers, Developers, Architects, QA, Support Engineers, DevOps, DevSecOps, Infosec, Process engineers can master the course and excel in their careers.

Course Content:

• Coding best practices.
• Installation of SonarQube, Jenkins, docker, and docker-compose.
• Configure and connect Sonar Scanner
• Installation & Configuration of ANT, Maven, Gradle, NodeJs, and Python.
• understanding the basic terminologies used in SonarQube.
• Onboarding projects on Jenkins & SonarQube.
• Integrating Jenkins Jobs to SonarQube & publishing the results of the projects for analysis.
• Integrating Sonar Scanner with build tools like Ant, Maven, Gradle, NodeJs, Python, etc.
• Installation of plugins in Jenkins & SonarQube.
• Project Administration.
• Analysis of Bugs, Vulnerabilities, Code Smells, Debt, Code Coverage, Unit/Integration test.
• Configuration & Administration of SonarQube.
• Configure & analyze Quality Gates and Quality Profiles
• Fail SonarQube projects based on conditions of Quality gates.
• Fail Jenkins projects based on conditions of Quality gates mentioned in the SonarQube project.
• Learn to read and understand Complexity.
• Identifying Duplicated lines, files, and blocks  across the projects
• SonarQube Rules and Rule Templates.
• Managing rules and creating custom rules with templates
• Maintainability, Reliability, and Security Ratings.
• Handling identified issues.
• Administration tasks - Users, Groups, Permissions, token creation.
• SAST analysis.
• SMTP settings and notifications via email on various criteria set for projects.
• Branding Image: replace the sonar image with your company's brand image.
• SonarQube market place.
• SonarQube system details.
• Integration with real-time code analysis plugins like Sonar Lint with IDEs like Eclipse