Configuring code analysis for SonarQube Server with GitHub Actions
1 hour to complete
Overview
This course provides a comprehensive guide to setting up automated code scanning directly within your GitHub repositories. You'll learn how to define triggers for code analysis, configure the SonarQube Scanner, and interpret your code analysis results by integrating GitHub Actions with SonarQube.
Learning objectives
After completing this course, you’ll be able to:
- Define triggers for code analysis.
- Configure a GitHub Actions workflow for code analysis with SonarQube.
- Review SonarQube analysis results.
- Customize your code analysis workflows for different project needs.
- Apply troubleshooting tips to resolve common issues.
Key topics
- Setting up a basic code analysis workflow in GitHub
- Reviewing code analysis results in SonarQube
- Applying SonarQube's code analysis across different programming languages
- Troubleshooting common issues
- Best practices and resources
Target audience
- DevOps engineer
- Developer
- Engineering leader
- Analyst
Prerequisites
- A SonarQube Server instance (Developer Edition, Enterprise Edition, or Data Center Edition)
- GitHub.com, GitHub Enterprise Cloud, or GitHub Enterprise
- Create Project permission or Admin permission of a project in SonarQube
- Execute Analysis permission in SonarQube
- SonarQube global analysis token
- Active GitHub account
- Administrative permissions to create and manage repository secrets and variables in GitHub
- Administrative permissions to create and update a GitHub Actions workflow
- Existing GitHub organization with at least a single repository
- Network connectivity between SonarQube Server and GitHub