SonarQube : The complete course on SonarQube and SonarCloud with CI/CD integration - Bootcamp
SonarQube, Continuous Code Inspection, Quality Analysis, Static Analysis of Source Code of 27+ languages in real time .
Updated on Jan, 2026
Language - English
IT and Software ,Other IT and Software,DevOps
Lectures -13
Resources -17
Quizzes -1
Duration -2.5 hours
Lifetime Access
Lifetime Access
30-days Money-Back Guarantee
Get your team access to 10000+ top Tutorials Point courses anytime, anywhere.
Course Description
SonarQube: DevOps + Security + QA mostly used opensource tool
SonarQube is an open-source tool used for continuous inspection of code quality to perform automatic reviews with static analysis of code to detect bugs, code smells, and security vulnerabilities on 27+ programming languages.
Audience:
Freshers, Project managers, Developers, Architects, QA, Support Engineers, DevOps, DevSecOps, Infosec, Process engineers can master the course and excel in their careers.
Course Content:
- Coding best practices.
- Installation of SonarQube, Jenkins, docker, and docker-compose.
- Configure and connect Sonar Scanner
- Installation & Configuration of ANT, Maven, Gradle, NodeJs, and Python.
- understanding the basic terminologies used in SonarQube.
- Onboarding projects on Jenkins & SonarQube.
- Integrating Jenkins Jobs to SonarQube & publishing the results of the projects for analysis.
- Integrating Sonar Scanner with build tools like Ant, Maven, Gradle, NodeJs, Python, etc.
- Installation of plugins in Jenkins & SonarQube.
- Project Administration.
- Analysis of Bugs, Vulnerabilities, Code Smells, Debt, Code Coverage, Unit/Integration test.
- Configuration & Administration of SonarQube.
- Configure & analyze Quality Gates and Quality Profiles
- Fail SonarQube projects based on conditions of Quality gates.
- Fail Jenkins projects based on conditions of Quality gates mentioned in the SonarQube project.
- Learn to read and understand Complexity.
- Identifying Duplicated lines, files, and blocks across the projects
- SonarQube Rules and Rule Templates.
- Managing rules and creating custom rules with templates
- Maintainability, Reliability, and Security Ratings.
- Handling identified issues.
- Administration tasks - Users, Groups, Permissions, token creation.
- SAST analysis.
- SMTP settings and notifications via email on various criteria set for projects.
- Branding Image: replace the sonar image with your company's brand image.
- SonarQube market place.
- SonarQube system details.
- Integration with real-time code analysis plugins like Sonar Lint with IDEs like Eclipse
Goals
- Understand SonarQube's role in enhancing code quality, security, and maintainability.
- Static Application Security Testing (SAST)
- Secure coding pratice
- Sonar Scanner Integration with DevOps tools like Jenkins
- Identifying Bugs, Vulnerabilities, Debt, Code Coverage and Code smells in Projects
- Detect tricky issues, logic errors, resource leaks, null pointers during development cycle itself
- Understand SonarQube's role in enhancing code quality, security, and maintainability.
- Identify bugs, security vulnerabilities, technical debt, code coverage gaps, and code smells in your projects using SonarQube.
- Secuity vulnerabilities testing
- Install and set up SonarLint in popular IDEs like VSCode, Eclipse, and IntelliJ for real-time code quality analysis
- Learn to install essential plugins and perform key administrative tasks in SonarQube for effective project governance.
- Learn how to seamlessly integrate SonarQube with GitHub Actions/ Gitlab for automated code quality checks in your CI/CD pipeline.
- Master managing Quality Profiles and Quality Gates in SonarQube to enforce coding standards and maintain high code quality across projects.
- Understand static code analysis and how SonarQube highlights code issues for better quality.
- Learn how to generate and report test coverage using SonarQube for improved code quality insights.
- Learn how to run SonarQube locally using Docker for seamless code quality analysis.
- SonarQube Administration
- Quality Gate, Quality profile
- Jenkins & SonarQube Pluggin Installation
- Fail/Pass job based on Quality Gate Criteria
- difference between community and enterprise edition
- Sonar Cloud
- sonarqube with CI/CD pipelines
- sonarqube security vulnerabilities
- Integrate SonarQube with Jenkins
- Integrate SonarQube withgithub
- Integrate SonarQube with gitlab
Prerequisites
- Basic IT knowledge.
- No specific requirements, everyone can learn this course from scratch.
- Introduction to development, coding practices, and hands-on with build tools will be an advantage.
Curriculum
Check out the detailed breakdown of what’s inside the course
SonarQube : Introduction
1 Lectures
-
SonarQube Introduction
09:30
09:30
SonarQube Pre-Requisites
1 Lectures
SonarQube : SonarQube Setup with Jenkins
1 Lectures
SonarQube : ANT | Java Project Analysis
1 Lectures
Sonar Lint analysis with intellij (IDE)
1 Lectures
SonarQube : Maven Project Analysis
2 Lectures
SonarQube : Gradle Based Project
1 Lectures
SonarQube : NodeJs Based Project
2 Lectures
SonarQube : Python Based Project
1 Lectures
SonarQube : Miscellaneous
1 Lectures
Knowledge Check
1 Lectures
Instructor Details
Amrit Choudhary
Course Certificate
Use your certificate to make a career change or to advance in your current career.
Our students work
with the Best
Related Video Courses
View MoreAnnual Membership
Become a valued member of Tutorials Point and enjoy unlimited access to our vast library of top-rated Video Courses
Subscribe now
Online Certifications
Master prominent technologies at full length and become a valued certified professional.
Explore Now