Configuring code analysis for SonarQube Cloud with Azure Pipelines and GitHub repositories
1 hour to complete
Overview
This course offers a comprehensive guide to integrating automated code analysis into your development workflow by leveraging Azure Pipelines with SonarQube Cloud and GitHub repositories. You will learn how to set up automated code scanning using GitHub repositories to identify issues early and maintain high standards for your codebase.
Learning objectives
After completing this course, you’ll be able to:
- Describe the elements of an Azure pipeline structure.
- Configure the connection between a GitHub repository and Azure Pipelines.
- Define triggers in Azure Pipelines to automatically initiate code analysis with SonarQube Cloud.
- Configure a pipeline workflow for code analysis with SonarQube Cloud.
Key topics
- Benefits of automated code analysis
- Azure Pipelines integration with GitHub
- Azure Pipelines structure
- Configuring Azure DevOps
- Setting up a basic code analysis workflow in Azure Pipelines
- Initiating and reviewing your code analysis results
- Applying code analysis across different languages
- Troubleshooting common issues
- Resources and best practices
Target audience
- DevOps engineer
- Developer
- Engineering leader
- Analyst
Prerequisites
- Course: Initial SonarQube Cloud set up with GitHub
- SonarQube Cloud organization and project created
- SonarQube token (Free plan) or Scoped Organization token (Team plan or higher)
- Active Azure DevOps account
- Active GitHub account
- Existing GitHub organization with at least one repository
- Endpoint Creator or Endpoint Administrator role in the Azure DevOps project
- SonarQube Execute Analysis permission
- SonarQube Create Projects permission
- Existing Azure DevOps organization with at least one project
- Network connectivity allowing communication between SonarQube Server and Azure DevOps