SonarQube & SonarCloud Complete Course: SAST & Code Quality
SonarQube & SonarCloud 2025: Real-Time Static Code Analysis & Continuous Quality Inspection in 27+ Languages

This Course Includes
Udemy
4 (183 reviews)
3h 1m
English
Online - Self Paced
Professional certificate
About SonarQube & SonarCloud Complete Course: SAST & Code Quality
SonarQube | SonarCloud | SonarLint: the most used open-source tool for DevOps + Security + QA
SonarQube is an open-source tool for continuous inspection of code quality. It performs automatic reviews using static analysis of code to detect bugs, code smells, and security vulnerabilities in 27+ programming languages.
Audience:
Freshers, project managers, developers, architects, QA, support engineers, DevOps, DevSecOps, Infosec, and process engineers can master the course and excel in their careers.
Course Content:
- Coding best practices
- Installation of SonarQube, Jenkins, Docker, and docker-compose
- Configuring and connecting Sonar Scanner
- Installation and configuration of Ant, Maven, Gradle, Node.js, and Python
- Understanding the basic terminology used in SonarQube
- Onboarding projects on Jenkins and SonarQube
- Integrating Jenkins jobs with SonarQube and publishing the results of the projects for analysis
- Integrating Sonar Scanner with build tools like Ant, Maven, Gradle, Node.js, Python, etc.
- Installation of plugins in Jenkins and SonarQube
- Project administration
- Analysis of bugs, vulnerabilities, code smells, debt, code coverage, and unit/integration tests
- Configuration and administration of SonarQube
- Configuring and analyzing Quality Gates and Quality Profiles
- Failing SonarQube projects based on Quality Gate conditions
- Failing Jenkins projects based on the Quality Gate conditions set in the SonarQube project
- Learning to read and understand complexity
- Identifying duplicated lines, files, and blocks across projects
- SonarQube rules and rule templates
- Managing rules and creating custom rules with templates
- Maintainability, Reliability, and Security ratings
- Handling identified issues
- Administration tasks: users, groups, permissions, token creation
- SAST analysis
- SMTP settings and email notifications based on the criteria set for projects
- Branding image: replace the Sonar image with your company's brand image
- SonarQube Marketplace
- SonarQube system details
- Integration with real-time code analysis plugins like SonarLint in IDEs like Eclipse
What You Will Learn?
- Understand SonarQube's role in enhancing code quality, security, and maintainability.
- Static Application Security Testing (SAST)
- Secure coding practice
- Sonar Scanner integration with DevOps tools like Jenkins
- Identifying bugs, vulnerabilities, debt, code coverage, and code smells in projects
- Detect tricky issues, logic errors, resource leaks, and null pointers during the development cycle itself
- Identify bugs, security vulnerabilities, technical debt, code coverage gaps, and code smells in your projects using SonarQube.
- Security vulnerabilities testing
- Install and set up SonarLint in popular IDEs like VSCode, Eclipse, and IntelliJ for real-time code quality analysis
- Learn to install essential plugins and perform key administrative tasks in SonarQube for effective project governance.
- Learn how to seamlessly integrate SonarQube with GitHub Actions/GitLab for automated code quality checks in your CI/CD pipeline.
- Master managing Quality Profiles and Quality Gates in SonarQube to enforce coding standards and maintain high code quality across projects.
- Understand static code analysis and how SonarQube highlights code issues for better quality.
- Learn how to generate and report test coverage using SonarQube for improved code quality insights.
- Learn how to run SonarQube locally using Docker for seamless code quality analysis.
- SonarQube administration
- Quality Gate, Quality Profile
- Jenkins & SonarQube plugin installation
- Fail/pass job based on Quality Gate criteria
- Difference between Community and Enterprise editions
- SonarCloud
- SonarQube with CI/CD pipelines
- SonarQube security vulnerabilities
- Integrate SonarQube with Jenkins