Configuring code analysis for SonarQube Server with GitLab CI/CD

Time to complete: 1 hour

Overview

This course demonstrates how to set up automated code scanning in your GitLab repositories by integrating GitLab CI/CD with SonarQube. You'll learn to identify issues early in the development workflow to maintain high quality and security standards for your codebase.

Learning objectives

After completing this course, you’ll be able to:

  • Explain the benefits of automated code analysis with GitLab CI/CD and SonarQube.
  • Set up triggers in GitLab CI/CD that automatically initiate code analysis with SonarQube.
  • Configure a GitLab CI/CD workflow for code analysis with SonarQube.
  • Review SonarQube analysis results to understand code quality findings.
  • Customize your code analysis workflows for different project needs.
  • Apply troubleshooting tips to resolve common issues.

Key topics

  • Setting up a basic code analysis workflow
  • Reviewing code analysis results 
  • Applying SonarQube's code analysis across different programming languages
  • Troubleshooting common issues
  • Resources and best practices

Target audience

  • DevOps engineer
  • Developer
  • Engineering leader
  • Analyst

Prerequisites

  • SonarQube Server instance up and running (Developer Edition, Enterprise Edition, or Data Center Edition)
  • Create Project permission or Admin permission on a project, plus Execute Analysis permission
  • SonarQube global analysis token
  • Active GitLab account
  • Administrative permissions in GitLab to create and manage repository variables
  • Existing GitLab group with at least a single repository
  • Network connectivity between SonarQube Server and GitLab 
  • SonarQube Server is accessible via a public URL