SonarQube Code Analysis for Maven Project using GitHub Actions | SonarQube Scanner GitHub Actions

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello guys so in this session we are going to learn sonar Cube code analysis with GitHub action for Maven project right so you can see here we I have created one repository with the name sonar Cube code analysis for Maven and here for uh for this we need a sonar cube right so as you know in my previous video we have learned how to install sonar Cube on Ubuntu 22.0 for LTS so here we need a sonar cube right so as you can see here here we have successfully installed sonar Cube on Ubuntu so you can see the dashboard of sonar Cube here right you can see here and you can see the URL my instance IP and the port number is 9000 right so that's the sonar Cube UI dashboard right so here we are going to learn sonar Cube Corner analysis with GitHub action for Maven project so as you can see this is my Maven project so you can see the files SRT SRC folder and Bomb Dot XML file so if you don't have any memory project then you can use my Maven project so simply you can copy my this project so you can upload my repository and use this project right okay so that's the maven project so now we are going to so now to code analysis with data action for Maven project okay so let's start so first of all here uh you need a magnet project so I have successfully created a repository okay now the next step is go to the sonar queue so here here is my Sonar key right so here in sonar Cube we need a create sonar token right so how to create so simply click on administrator and here go to the my account and here go to the security and as you can see here generate tokens tokens right so as of now I don't have any tokens so let's create token so here I'm going to enter a name Maven project and the token type is user token and expires in 30 days so click on June rate okay it's generated so as you can see the Note new token Maven project has been created and make sure you copy it now you won't be able to see it again okay so I'm going to copy my token and now go to the GitHub and here in my repository we need to create secret right for this token so as you know how to create secrets so go to the settings and scroll down go to the secrets and variables then actions and here if I scroll down you can see as of now we don't have any secrets so we need to create secret so click on new repository Secret and first of all I am going to paste my secret Here and Now enter your secret name so my secret name will be sonar doker right okay because that's my Sonar Docker okay so I click on ADD Secret okay it's done after that we need one more secret here so the another secret is so not URL so here first of all I'm going to enter a secret name sonar host URL and in secret we need to enter our sonar URL so here is our URL instance IP and our port number right okay click on ADD Secret okay as you can see repository secret added that means it's done right okay now now go to the code and now the next step is our workflow right to sonar Cube code analysis permanent so we need a workflow so as you know how to create workflow go to the add files click on create new file so first of all our folder name so our folder is GitHub then in GitHub we need one more folder if the name workflows and in workflows our yaml file right so my ml file will be admin.yaml and here we need a workflow enter your workflow right okay so first of all I am going to this official page of sonar Cube here you can see sonar Cube and the latest version is 9.9 that we have installed right so this is the official site of sonar Cube so as you can see here's GitHub Integrations and after that the prerequisite here if you are using GitHub Enterprise we need a recommended using some this GitHub Enterprise versions then Branch analysis so you can see the information about your GitHub and the sonar Cube so you can see the creating your GitHub app then steps you can see first of all GitHub ad name then home page URL user authorization and then web URL and so on after that here if I scroll down foreign project with GitHub action right so here we are going to learn how to uh analyze sonar cube with GitHub action for Maven project right so for that here first of all we need to create your GitHub secret that we have successfully created after that configure your workflow with the AML file then commit and push your code to start the analysis right okay so now we are going to creating our yaml file right that means our workflow so here you can see creating your GitHub secret okay we have successfully created our sonar token right and we have successfully added secret or sonar host URL okay you can see generator token in GitHub and create a new repository Secret in GitHub with sonar token name right okay then sonar host URL okay now the next is configuring your GitHub workflows build.yaml file right here now here in this first of all Community Edition and Developer Edition and above okay now so let's check our workflow so here is our workflow for Maven sonar scanner for mapping right okay so let's check our workflow so in node you can see a project you might have be provided through the command line parameter and so on okay now you can see our yaml file first of all as you can see name build on push branches main then pull request and job in job build our job name build runs on Ubuntu latest then steps here we are going to use this action checkout repository right with face step 0 right then here we are going to use jdk 11 Java version then cache sooner to package after that here we are going to use action check cash and you can see the runners operating system then after that here we are going to use actions repository right okay then here in this step build and analyze right that's the important step okay here in environment you can see we are going to use our GitHub token right in GitHub token we are going to use our secret GitHub token right after that next is next environment is sonar token that we have created right in sonar and then we we have careers we have ADD in our GitHub secret right and security is sonar token right after that sonar host URL that we have successfully added right then mvn hyphen be verified organization sonar Source scanner my weight and so on right okay so let's copy the workflow from here so I'm going to copy this workflow foreign okay so let's check the indentation okay it's write it okay now let's commit new file now let's go to the actions so as you can see the status is Q so now it's in progress so wait for few seconds so as you can see it's in progress so wait for few seconds take few seconds to complete okay it's done our job succeed you can see succeed in one one minute and 12 seconds okay now let's go to the sonar Cube analyst six so go to the sonar Cube home page so you can see my app and the last analyze the analysis is 34 seconds ago right you can see Maya right that means we have successfully analyzed this sonar Cube uh code with GitHub action for Maven project right so you can see my app and the details residency right okay so thank you for watching

Info

Channel: DevOps Hint

Views: 6,792

Rating: undefined out of 5

Keywords: SonarQube Code Analysis for Maven Project using GitHub Actions, Integrate SonarQube Scanner with GitHub Actions, Integrate SonarQube for Java Maven Project using GitHub Actions, GitHub Actions workflow for SonarQube for Java Maven Project, github actions tutorial, github actions ci cd

Id: DJtAExV6pvo

Channel Id: undefined

Length: 12min 15sec (735 seconds)

Published: Wed Mar 22 2023