SonarQube on Docker | Setup SonarQube for Code Coverage, Vulnerabilities scan, Static Code Analysis

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello friends welcome back to my channel in my previous tutorials we have seen how to integrate Jenkins with maven we also have seen how to use msbuild we have created our own simple c-sharp project and we have done the MS Bill and we have also seen how to create Jenkins pipeline jobs and how to deploy your application to docker using Jenkins by planets core so if you have not seen those tutorials be please go to my channel and go through it so in this tutorial we are going to set up so on our cube as a docker container so Zone R cube is an open source platform developed by sonar source and this is specifically used for instruction of cord quality and to perform automatic reviews with static analysis of court and its own R cube detects the bugs code smells and also to detect vulnerabilities so by end of this tutorials we'll have a sonar cube running as a docker container with persistent volume and we'll be able to do static code analysis we'll be able to see the Box detected as part of scan so let's start if you haven't subscribed to my channel kindly subscribe like the video share and comment since we are going to run sonar cube as a docker container I have already have installed docker on a cinder ice machine if you run the docker version you can see the docker version is listed and we are going to use docker hub to get the sonar cube image so before that let's go through the documentation for sonar cube so if you go through the documentation page you will see the minimum requirement of the machine so I am having this machine which however more than 2 gigabytes of RAM and enough storage so if you don't have that configuration your sonar cube may not be running correctly so sonic cube does you know you need a database but this is a docker container so we are not using proscribes or different database and there are some Linux setting which we need to change so we need to map the memory and size and also the file system so some settings which is basically because of the sonar cube using the elasticsearch on the back end so if you go to docker hub and search for sonar cube you will be able to get the image for it so here you can see that requirement so you can go through this so we need to make these changes in the Linux machine so it's the same as we see it in the sonar cube documentation page so let's run this in the verse and os machine so I have given all the links and the commands in the video description so you don't have to worry just copy and paste it from the video description okay great so we are done with the basic configuration for the sender's now if you scroll down in the docker hub documentation page it's it's talks about a few config files which we can map and if you click on this link it's taking us to the sonarqube documentation page where it says how to use a docker for running sonar cube so we will make use of this command this is the simplest docker container run command we will also see in future how we can enhance this with attaching some of the volumes for configuration file so we are going to run docker run - Dean detach mode and the name of the container so on our queue and we are going to use the port 9000 from host and as well as from container and let's call for the image which is on our queue so it's downloading the image from the docker hub since it's not available locally on the machine so let's wait for the download to be completed you if you see it has to download approximately around 260 megabytes of data it takes time depending upon your internet connection we are almost done it's just extracting the downloaded content okay great so we have the container created let's run docker PS and you can see the docker container for sonarqube is running so now we can access the sonarqube instance using the hosts IP address and the port 9000 which is a map to the localhost so if you have used a different port number you have to use that to access the sonarqube instance okay let's wait it's starting up okay great so you can see we are in the home page and we can log in so the default login is admin and the password is also admin and if you click on login we are able to log into the sonarqube or home page now if you see we have different tabs here like issues rules quality gates profiles administration so you can go through these things one by one so in administration we'll be able to create new users you can set you know different properties there now we can create a new project by clicking on create new project and let's give a name for the project key this project key we'll be using in different places when we try to integrate with no Jenkins and also the token so these are two things we mainly use okay you can see a test project is created now and from the quality gates you can see some person dates we have set like quality coverage duplicate line so depending upon that you know will be getting the output we can also create our own customized quality gates which you can use it for your integration and scanning the code so you can set the values how much you want to set so you can just try out these things you know from the quality gate section now in the administration section as I said we can manage the users and the projects we have we have security section so different options are there groups the global permission so different parameters which you can go through it you can try to look through it and you'll be able to understand more from from there itself so this is generate secret key so you can do it from here as well as I said this may be one of the key parameters which we may use it for integrations okay let me clear out the screen now okay so when you run the docker PS we have this container running so I'm going to remove the current sonar cube container using docker arm - have F because it's I'm going to force the running container to be deleted if you stop the container you don't need to use a - yep now I'm going to create a new docker container force on a queue it's going to be this almost same with docker run - D the name is sonarqube and the port 9000 but the changes we are going to use - we the volume parameter and we are going to map few volumes like sonar cube underscore corn which will be mapped to the docker container location which is /opt slash sonarqube slash conf and we are going to map a doubt volume which is sonar cube underscore extension and this is going to be mapped to the location in docker which is /opt slash sonar cube slash extensions and that we are going to add one more volume this is going to be sonar cube underscore data sorry it's just going to be so R cube underscore locks and it's going to be mapped to the location inside the container which is /opt / sonarqube / locks and one more volume so it's not mandatory you have to do all these things but if you map it they know to your localhost it's easy for you to make these changes in any of these files in this location so the last volume is under scroll data which is going to be mapped to /opt sonar cube / data and we are going to run the container using the images on our cube so each the each of this location how different files which you maybe have to use it in your configuration force on our cube so let's run it so it's trying to download the image yep there is the type of error in the sonarqube that's why it's not able to find the image in the repository so let's change that into stone or cube and let's run the container again okay this time it's quick because the image is already downloaded so if you run the docker PS we have a docker container running force on our cube and if you run the command docker volume unless so this will list down all the volumes attached to your host machine so if you see there are 4 volumes which is sonar cube on a scroll count data extension and locks which we created and the default location for the volumes in docker is /wor lip / docker / volume and there will be underscore data folder inside the volume name like sonar Cuban is conf an underscore data now you see there is a file called surround or properties so if you read through the file there are lot of options which you can set which you will be using when you are really you know in-depth going to use this on our cue so but we are not going to make any changes at this point it just to show you there are some properties which we can use from these files let's try out other folders for volume is so you can see there are a lot of other folders under the extension like plugins the drivers so all those things will be stored in this folder now if we go to the Soraa cube on the scroll logs we have different locks available here like access start log we have web dot log sonar dot log so these things will be helpful for you to do some troubleshooting when the sonar cube instance is not running so it should be helpful to understand which one locks are available in which location so you know this is the first instance so I'm going to login with admin account as again because we are not logged into the instance so if I go to the access dot log now we can see some log for the login information so before that we were not able to see any data you okay so to summarize we have seen how to run sonar cube as a docker container and we have created a simple sonarqube instance with port exposed to 9,000 and we also have seen how to run a docker container with docker volumes map to config extension data and locks so we cannot access on our qubit through a portal using the hosts IP address and port 9000 we have created our own new project define our quality gates and seen how what other options are available in sonar queue so I hope this tutorial is informative for you thank you for watching kindly subscribe to my channel like the video share and comment
Info
Channel: Thetips4you
Views: 29,559
Rating: undefined out of 5
Keywords: sonarqube docker, sonarqube on docker, sonarqube using docker, jenkins sonarqube docker, sonarqube jenkins, sonarqube tutorial, sonarqube docker container, sonarqube docker tutorial, sonarqube docker download, sonarqube docker setup, sonarqube docker install, sonarqube docker image with postgresql, sonarqube for beginners, sonarqube devops, sonarqube coverage, sonarqube code analysis, quality code coverage, security analysis, vulnerabilities scan, Static Code Analysis
Id: ZAfMauwNFuQ
Channel Id: undefined
Length: 15min 26sec (926 seconds)
Published: Wed Jul 01 2020
Related Videos
DevOps | SonarQube Integration With Jenkins | SonarQube Scanner For Jenkins | Thetips4you
Thetips4you
30K
What and why is SonarQube ? | Setup SonarQube on AWS | SonarQube for DevOps
Valaxy Technologies
90K
Nvidia CEO Jensen Huang and the $2 trillion company powering today's AI | 60 Minutes
60 Minutes
419K
A practical guide on Docker with projects | Docker Course
Hitesh Choudhary
130K
SonarQube Configuration On Windows With SpringBoot | Code coverage | 2023
Simplifying Tech
4.1K
GitHubActions - SonarQube Integration for static analysis of Maven code base
crudsinfotech NG
2.6K
Complete Docker course in 30 mins | Docker Tutorial for Beginners 2024
Cloud Champ
22K
How to install SonarQube using Docker Compose | Setup Sonar with Docker Compose & Integrate Jenkins
DevOps Coach
10K
OpenAIs New SECRET "GPT2" Model SHOCKS Everyone" (OpenAI New gpt2 chatbot)
TheAIGRID
36K
SonarQube Quality Gate Jenkins Pipeline | SonarQube Code Quality Check & Quality Gate Failed
Thetips4you
14K
Kubernetes Tutorial for Beginners [FULL COURSE in 4 Hours]
TechWorld with Nana
7.7M
What is SonarQube? How to configure a maven project for Code Coverage | Tech Primers
Tech Primers
171K
How to analyze code quality using SonarQube | Easy tutorial
Engineerhoon
54K
How to run MySQL in a Docker container with dockerfile
Random code
39K
SonarQube Integration With Jenkins Pipeline | SonarQube GitHub Integration & Code Coverage Java
Thetips4you
24K
Ultimate Docker Compose Tutorial
TechWorld with Nana
111K
CompTIA Network+ Certification Video Course
PowerCert Animated Videos
6.4M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.