Sonarcloud With Aws, Azure, Gcp & More

Learn to integrate SonarCloud with multiple Cloud/Devops platforms with additional learning on SonarQube & SonarLint

What you'll learn

Learn SonarCloud Integration with Azure DevOps

Learn SonarCloud Integration with AWS

Learn SonarCloud Integration with GCP

Learn SonarCloud Integration with GitLab

Learn SonarLint execution in Intellij

Learn SonarQube using a Docker image

Learn to populate code coverage on SonarCloud Dashboard

Learn to implement Quality gates using SonarCloud

Requirements

Basic Programming experience

Good Cloud Knowledge

Good understanding of DevOps processes

Description

Who shall take this course?This "SonarCloud with AWS, Azure, GCP & More" course is designed for Developers, DevOps Engineers, Security Engineers, DevOps Engineers, SRE, QA Professionals interested to learn about maintaining code quality standards using automated tools. This is a focused SonarCloud course with a special focus on integrating it with different Cloud and DevOps platforms in Build pipeline. Learn and implement security in DevOps pipeline, get Hands On experience in using Security tools & technologies. This course is for:DevelopersDevOpsDevSecOpsSecurity EngineersAspiring professional in the Security domainQuality Assurance EngineersInfoSec/AppSec Professional Why purchase this course?Learning SonarCloud integration with cloud platforms offers several benefits:Code Quality and Security: SonarCloud is a powerful code analysis and security platform that helps developers identify bugs, vulnerabilities, and maintain code quality. By integrating it with cloud platforms, you can continuously monitor and analyze your codebase, ensuring that any issues are detected early in the development lifecycle. This helps in producing robust, secure, and high-quality software.Continuous Integration and Deployment: Cloud platforms, such as AWS, Azure, and Google Cloud, offer robust CI/CD (Continuous Integration/Continuous Deployment) capabilities. By integrating SonarCloud into your CI/CD pipeline, you can automate code analysis and quality checks as part of the deployment process. This ensures that only well-tested and quality code gets deployed, reducing the risk of introducing bugs or vulnerabilities into the production environment.Scalability and Flexibility: Cloud platforms provide scalable infrastructure and resources, enabling you to handle varying workloads and scale your applications as needed. Integrating SonarCloud with cloud platforms allows you to seamlessly analyze code across different projects and repositories, regardless of their size or complexity. This scalability and flexibility help maintain code quality and security as your projects grow.Collaboration and Visibility: Cloud platforms offer collaboration features, such as shared repositories, pull requests, and issue tracking, which facilitate teamwork and code review processes. By integrating SonarCloud, you can add code quality and security checks to these collaboration workflows. This ensures that every code contribution goes through proper analysis and review, enhancing collaboration, and maintaining a high standard of code quality across your team or organization.Industry Standards and Compliance: Many industries have specific standards and compliance requirements for software development. SonarCloud provides rule sets and checks for various coding standards, best practices, and industry-specific guidelines. By integrating SonarCloud with cloud platforms, you can enforce these standards and automatically check your code for compliance. This helps ensure that your applications adhere to regulatory requirements and industry guidelines.Overall, learning SonarCloud integration with cloud platforms empowers developers and teams to build better software by continuously monitoring code quality, improving security, automating analysis in CI/CD pipelines, facilitating collaboration, and ensuring compliance with industry standards.Prerequisites or Things you should know before taking this course: 1) Account creation in cloud2) Installation of Basic development tools such as Git, Visual Studio Code3) Cloud basic functions such as repository creation, code push in cloudDisclaimer: 1) This is an Intermediate to Advanced level course 2) English subtitles are auto-generated so please ignore any grammar mistakes

Overview

Section 1: Introduction

Lecture 1 Introduction & Course Agenda

Section 2: Deep Dive into SonarCloud

Lecture 2 What is SonarCloud?

Lecture 3 Hands-On: Create an account with SonarCloud

Section 3: Hands On: Implementing SonarCloud with Azure DevOps

Lecture 4 Hands-On: Integrate SonarCloud in Azure DevOps

Lecture 5 Hands-On: Understand how to implement Quality Gates in build pipeline

Lecture 6 Hands-On: Move security tokens from YAML file to Pipeline Variables

Lecture 7 Hands-On: Implement Quality Gates in build pipeline

Lecture 8 Hands-On: Populate Unit Test Code Coverage on SonarCloud Dashboard

Section 4: Hands On: Implementing SonarCloud with GitLab

Lecture 9 Hands-On: Integrate SonarCloud within GitLab

Lecture 10 Hands-On: Understand how to implement Quality Gates in build pipeline

Lecture 11 Hands-On: Implement Quality Gates in build pipeline

Lecture 12 Hands-On: Populate Unit Test Code Coverage for Project on SonarCloud Dashboard

Section 5: Hands On: Implementing SonarCloud with AWS

Lecture 13 Add BuildSpec YAML file in the vulnerable application to integrate SonarCloud

Lecture 14 Create SonarCloud Project and update BuildSpec YAML file with SonarCloud values

Lecture 15 Create AWS Code Build project and run SAST analysis using SonarCloud

Lecture 16 Hands-On: Populate Code Coverage of the project on SonarCloud Dashboard

Lecture 17 Hands-On: Move Sonar token to AWS secrets manager

Section 6: Hands On: Implementing SonarCloud with GCP

Lecture 18 Create Organization and Project in SonarCloud for GCP Pipeline

Lecture 19 Prerequisites for integrating SonarCloud within GCP pipeline

Lecture 20 Write CloudBuild YAML file code for SonarCloud Integration in GCP pipeline

Lecture 21 Push SonarCloud YAML code to GCP and execute SAST in GCP pipeline

Lecture 22 Review SAST scan results on SonarCloud dashboard and perform FPA

Lecture 23 Move Sonar Token from CloudBuil YML file to GCP CloudBuild Substitution Variable

Lecture 24 Prerequisites to populate Code Coverage on SonarCloud

Lecture 25 Push Code Coverage changes in Source Code to GCP & Review changes on SonarCloud

Section 7: Supplementary Lectures

Lecture 26 Hands-On: Execute SonarLint and Snyk(better alternative) in Intellij

Lecture 27 Hands-On: Run SonarQube using Docker

Lecture 28 Hands-On: Configure Maven in Jenkins before integrating SonarCloud

Lecture 29 Hands-On: Integrate SonarCloud with Jenkins

Section 8: Bonus Section and Next Steps

Lecture 30 Bonus Lecture

Developers,DevOps Engineers,Security Engineers,QA Engineers