How to Automate Code Scan with SonarQube from Azure DevOps YAML Pipeline | SonarQube Azure DevOps

Captions
Hello everyone, welcome back. In this video we are going to learn how to integrate SonarQube with an Azure DevOps YAML pipeline. I have already integrated SonarQube from Azure DevOps using a classic pipeline, so if you wanted to learn about that you can actually visit this particular website. I will also post this link right below the video as well. So this particular diagram talks about how you can integrate using a classic pipeline, okay? You see here, this is actually not a modern way of doing it, right? But in this particular video, what we are going to do is build an Azure DevOps YAML pipeline, and then we are going to integrate SonarQube meod, and then we will perform some static code analysis for a Java Spring Boot project that we have configured in GitHub.

If you look at this diagram, we have already configured a Java project in GitHub, so this is my Spring Boot Java project configured in GitHub. We are going to build an Azure DevOps YAML pipeline, and then the pipeline would check out code from GitHub, and then we would integrate with SonarQube to perform static code analysis, and then we are going to capture the results in the SonarQube dashboard. And then we will see all the bug reports, code smells, any kind of technical debt with the code; you're going to see that in the SonarQube dashboard, okay? So that's exactly what we are going to do in this video. Great guys, so let's get started.

So if you see here, the prerequisite is, you know, we need to have an Azure DevOps account. So this is my Azure DevOps dashboard, okay? I have already created a project underneath, okay, so this is where we are going to build a pipeline. I will come back to this in a minute. And then we also need to make sure that our SonarQube is configured. I have already configured my SonarQube in AWS cloud, but again, SonarQube can be hosted anywhere. In this example I'm actually using SonarQube which is set up in AWS cloud, but if you wanted to learn how to configure SonarQube in Azure cloud you can click on this particular link, so you can provision a VM and then you can configure SonarQube. I have an example of, you know, setting up SonarQube using Docker Compose, so if you wanted, you know, you can also follow that as well. So as long as SonarQube is available in the public network, then you should be able to integrate from your Azure DevOps, okay? And then our Java project, so that is our Java project configured over here. So perfect.

And then we also need to have a service connection in order to integrate with GitHub. I have already done that, so if you see here, if I go to Project settings, Service connections, there you go, you see here, right? So I have already, I think one of the things, I don't know which one it is, probably this one. I have already integrated, maybe not, probably this one. There you go, you see here. So you might want to create a personal access token in GitHub, and then using the token you would be able to integrate with GitHub, okay? So the service connection needs to be created, and then we also need to create a service connection to integrate with SonarQube from Azure DevOps, so I will actually show you how we can actually do that, okay? So I will definitely show you how to do that.

And then last but not the least, we also need to have the SonarQube plugin installed in Azure DevOps as well. This is very important because, you know, we are going to integrate with SonarQube from Azure DevOps, so the plugin needs to be installed. So how would you do that? You can actually click on this particular link, so this is actually nothing but marketplace.visualstudio.com. So this is where you can add any kind of, you know, third-party plugin, you know, or add-on, whatever you call it, right, with Azure DevOps. So this is the place, right, you see here, and then you can search for SonarQube and you can search, okay? So you see here, I have already installed this particular add-on in my Sonar, in Azure DevOps, so I'm not going to do that, it is already there. And if you click on Get It Free it will clearly tell you that this plugin is already added. You see here, this is already added, okay?

So yeah, that's it, right, so let's get started here. The first step would be we need to actually create a service connection. So how do you do that? Let's go to Service connections here. I already have one entry here but it doesn't matter, I'm going to delete that one, not a problem. So let me click on New service connection, and then search for SonarQube, okay? And then this is where we are going to enter our server URL and everything, okay? But make sure you have already installed the SonarQube plugin as part of your Azure DevOps; if you don't install the plugin this option will not come, okay? All right, so what is the server URL? So this is my SonarQube I have already configured. Let me go ahead and then enter the URL. Perfect.

And then it is asking for the token. So the way you're going to integrate with SonarQube is we need to create a token in SonarQube. So log into the SonarQube dashboard, you know, you have to be an administrator, go to My Account, go to Security; this is where we are going to create a token. So you can say "my Azure DevOps token". Make sure you select Global Analysis Token. Again, depending on the password policy, you know, at your company, you're going to go with either of these options, okay? But I'm okay with 30 days, so click on Generate. There you go, so that is my SonarQube token. So I'm going to copy that, I'm going to paste that over here. Perfect. And then let's give some name for our service connection. I wanted to give my R Cube, and then make sure you grant access permission to all the pipelines, make sure you check this, and then Save. So there you go, right, that's it. So the service connection got created with SonarQube, so we are actually good. So we have already done all these steps, right? We have created the token and then we have created the service connections. Perfect, so everything is looking good.

All right, so now all we have to do is go ahead and then create the YAML pipeline, okay? So I'm going to use this particular project dashboard, okay? So go to Pipelines and then click on Create Pipeline. Since we are going to go with a YAML pipeline, I'm not going to use the classic editor, okay? So if you wanted to learn how to do that you can definitely watch my other steps; I will post this link right below the video as well, so you can learn how to do that. So we are going to go with the YAML pipeline. Since our source code is in GitHub we are going to go ahead with this option, so click on GitHub, and then it is going to ask for your GitHub repository. So again, right, I have already authenticated with GitHub by creating a service connection, so that's the reason why all these options are coming, and this is my repo, right? Okay, so that is right here, so go ahead and then select that one. And then it is asking how you want to configure your pipeline. So there are various pipeline templates available for us. I know this is just like, you know, we are going to create a very simple YAML pipeline and then we are going to integrate with SonarQube. Since this is a Java-based project I'm going to go ahead and, you know, select this option, but let's say you wanted to create a pipeline and then you wanted to deploy into Azure App Service, then you might want to click on this one, okay? But as part of, you know, this demo I'm okay with this one, so I'm going to go ahead and then select Maven. There you go guys, do you all see here? So this has automatically created a pipeline code for me, so we have to, you know, tweak this a little bit.

So let's check a couple of things here. So if you see here, there is a JDK version 1.8. So please do understand that, guys, you know, if you wanted to integrate with SonarQube using Maven, okay, so this will not be supported. So we need to change into JDK 17 or 1.7, okay, so we have to use that, okay? And then what is our Maven goal? If you guys remember, if you wanted to integrate with SonarQube the Maven goal has to be sonar colon sonar, okay? And then most importantly what we have to do is we have to add a task for performing, or preparing, our SonarQube environment, right? So click on Show assistant here, make sure you go right above the task, and then just search for SonarQube. So again, right, you have to install your SonarQube add-on; if you don't install the add-on then this option will not show up, okay? So select this one, and then all you have to do is select the service connection that we have configured earlier, and then let's go ahead and then use this option, Maven, okay? So I think that is it, pretty much, over there. I don't think you need to do anything, just for this particular demo, so go ahead and then click on Add. There you go guys, do you all see here? So this has added this particular task. Wonderful, okay? And then this is very important: if you don't put sonar colon sonar, you know, then it will not integrate with SonarQube, so this is the Maven goal that needs to be entered, okay? Perfect.

And then if you actually see here, we are also creating some JUnit test results; we are actually storing them in this particular, you know, path, right, in this particular file, so if you wanted to capture that we can also do that as well. So let's actually go back to the code. I have already provided the entire code over here, okay? So let's also go ahead and then add this particular task, Publish Test Results. Again, if you want you can also do that over here as well: you can also go to search tasks and then say "publish" and then just scroll down, look for, there you go, this one, right, Publish Test Results. So make sure you're in the right place, let's select this one, and then I'm okay with all these options, okay? So this is perfectly fine, and then click on Add. There you go, so that's it, right, so this has added this one. So why I'm actually adding this is, if I wanted to see, you know, all the unit test results execution as part of the pipeline, you know, we can actually see that as well, so that's all. All right, so I think that's pretty much it over there. Let me make sure we have the right file path, okay? And then if you want to fail the build you can also do that as well. Let me just make sure I do that, okay, let's just take care of that as well. Perfect, okay? So make sure, you know, you are picking the results from this particular path, right, that's what it is, and then Fail task on failed unit test, I mean if you wanted to fail the build you can also do that as well. Perfect, I think that's it over there, okay? I know it says that it has to be a 1.7 but 17 also will work fine, so that is also fine, I think you can ignore that.

So that's it, right, I don't see, you know, anything else that needs to be done as part of this particular demo. And then this is our build agent, so we wanted to use Ubuntu as a build agent. So this agent is actually hosted in Azure cloud, so we are using an Azure DevOps hosted agent, not a self-hosted agent. If you wanted to use a self-hosted agent, your self-hosted agent needs to have JDK 17 installed and whatnot, okay, so that's a slightly different configuration, okay? Great, so why don't we go ahead and then click on Save and run. So the moment you say Save and run, what this will actually do is this will create this particular pipeline YAML file as part of our GitHub repository. So refresh here, click on refresh, there you go, do you all see here? So that's the pipeline code which has been committed, you know, over here.

All right, so the pipeline also started running as well, so click on the job. There you go, so right now it is in the process of performing the Maven build, so let's see. Wow. So let's click on the Maven task over here, let's scroll all the way down. So as you can see here, guys, you know, we are able to integrate with SonarQube, okay? And then as you can see here, you know, we are using this particular Java version, okay, we are using M, right, okay? So we are able to load all the settings and everything, all the rules and everything, and then we are able to perform the Sonar scan, and we can also see that the analysis got successful, and then we should be able to see the results. And then there are some exceptions, I'm not too much worried about this one, I think there is some issue with my, probably one of my Maven dependencies, but I'm not too much concerned about it.

So that's it, right, and then if you see here our unit tests also have been updated as well, okay? So where you can actually see this is, go to here and then click on this one and then go to Tests. There you go, you all see here, so I have actually created two unit tests, so both have passed. All right, but what we are trying to do is, most importantly, we are actually integrating with SonarQube, so there you go, you all see here, so it has created this particular entry, so this is the Spring Boot Java project, right? Okay, so as you can see here the analysis happened, okay, like 2 minutes ago. So likely there are no defects, right, so you can literally see that, you know, everything is working fine. So literally there are no defects as part of our code, but if there are any defects you're going to see it right here.

All right, yeah, so this is how, guys, you know, this is how you can perform static code analysis by integrating with SonarQube using an Azure DevOps YAML pipeline. Thank you for watching my video. I hope this was really useful to you all. Thank you.
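
The pipeline assembled in the captions above, written out as an added example; it is not the video author's file. Assumptions not shown on the page: the branch name, the task major versions, the Surefire report path, the `clean verify` goals placed before `sonar:sonar`, and the service connection name, which is a placeholder.

```yaml
# Added example: azure-pipelines.yml following the steps in the captions.
# Assumed, not shown on the page: branch name, task major versions, and the
# service connection name (placeholder below).
trigger:
  - main                      # assumption: default branch of the GitHub repo

pool:
  vmImage: ubuntu-latest      # Microsoft-hosted agent, not self-hosted

steps:
  # Must come before the Maven task. The task is available only after the
  # SonarQube extension is installed in the Azure DevOps organization.
  - task: SonarQubePrepare@5
    inputs:
      SonarQube: '<sonarqube-service-connection>'  # placeholder name
      scannerMode: 'Other'    # the "Integrate with Maven or Gradle" option

  - task: Maven@3
    inputs:
      mavenPomFile: 'pom.xml'
      # sonar:sonar is the goal that sends the analysis to SonarQube;
      # 'clean verify' is added here so the unit tests run first.
      goals: 'clean verify sonar:sonar'
      javaHomeOption: 'JDKVersion'
      jdkVersionOption: '1.17'       # task value that selects JDK 17
      jdkArchitectureOption: 'x64'
      mavenOptions: '-Xmx3072m'
      publishJUnitResults: false     # published by the dedicated task below

  - task: PublishTestResults@2
    condition: succeededOrFailed()   # publish results even if the build failed
    inputs:
      testResultsFormat: 'JUnit'
      # assumption: Surefire's default report location
      testResultsFiles: '**/surefire-reports/TEST-*.xml'
      failTaskOnFailedTests: true    # fail the build on failing unit tests
```

The analysis token never appears in this file: it is held by the SonarQube service connection, so replacing it when the 30-day expiry is reached means updating the connection only.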
Info
Channel: DevOps Coach
Views: 266
Id: hiHxu_Qrwsk
Length: 16min 17sec (977 seconds)
Published: Thu May 16 2024