Automate SonarCloud code scans using GitHub Actions

preview_player
Показать описание
#sonarcloud #githubactions #codequality

SonarCloud is a static code analysis service that automates code scanning for 24 mainstream programming languages and frameworks including C#, Java, Python, TypseScript, JavaScript, Go, Kotlin, etc. In this video, we see how to set up automated code scans using GitHub Action workflow.

▬▬▬▬▬▬ 🔗 Additional Info 🔗 ▬▬▬▬▬▬

▬▬▬▬▬▬ ⏱ Chapters⏱ ▬▬▬▬▬▬
00:00 - Introduction
0:46 - What is SonarCloud?
2:45 - How to integrate with SonarCloud?
4:25 - Configure Token
5:35 - Enable Github Action for GitHub repository
6:20 - Sonarcloud Github Action repo
8:10 - Add workflow definition to project
10:10 - Add SonarCloud token as secret in Github project
12:20 - Trigger Github action on source code check-in
13:50 - View different steps related to Github Action
14:20 - SonarCloud scan results
15:25 - Sonarcloud default scanners
16:45 - View scan results in SonarCloud portal
17:45 - Different categories in SonarCloud analysis
18:30 - Vulnerability levels
21:50 - SonarCloud rules
23:00 - Quality Gates
27:00 - Analyse external library Bootstrap using SonarCloud
28:35 - Summary

▬▬▬▬▬▬ 👋 Contact me 👋 ▬▬▬▬▬▬
Connect with me here:

#GitHubActions #DevOps #SonarCloud #howto #demo #tutorial #tipsandtricks #codescan #StaticCodeAnalysis #GithubActionsCICD #QulityGates
  1. Nilesh Gule
  2. SonarCloud
  3. github actions
  4. automated code scanning
  5. sonar cloud secrets
  6. sonarcloud
Рекомендации по теме
Automate SonarCloud code 0:30:17

Automate SonarCloud code scans using GitHub Actions

How to do 0:00:28

How to do Code Analysis in Minutes with SonarCloud | Automatic Code Analyzer

Efficient GitHub Code 0:34:06

Efficient GitHub Code Scanning with SonarCloud and GitHub Actions | SonarQube | GitHub | Code Scan

Automating Code Quality 0:06:20

Automating Code Quality Checks: Continuous Scanning with SonarCloud

SonarCloud with Github 0:02:12

SonarCloud with Github

GitLab | SonarCloud 0:22:17

GitLab | SonarCloud | Code Scan | How to Set Up GitLab Code Scan with SonarCloud | SonarQube

Sonarcloud scan integration 0:23:50

Sonarcloud scan integration using Github action workflow | DevSecOps | Security #automation #github

Automate Java Code 0:18:04

Automate Java Code Analysis with SonarCloud & GitHub Actions

How to Integrate 0:13:08

How to Integrate SonarQube with GitHub Actions | Automate Code Scan using SonarQube in GitHub Action

Get started with 0:00:26

Get started with SonarCloud in 3 easy steps!

Instant Pull Request 0:00:31

Instant Pull Request Analysis with SonarCloud | Detect Security Vulnerabilities, Bugs & Code Sme...

SonarQube: How to 0:08:22

SonarQube: How to run Static Code Scanning?

How to Integrate 0:14:54

How to Integrate SonarQube with Azure DevOps | Automate Code Scan using SonarQube In Azure Pipelines

CICD for Automation 0:23:27

CICD for Automation Testers - 13.5. SonarQube SonarCloud and Jenkins Integration for code scanning

What is SonarCloud? 0:00:57

What is SonarCloud?

SonarCloud Setup | 0:04:03

SonarCloud Setup | SonarQube | Security | Practical | SAST | Static Scan | Java .Net (Part I)

Code Quality with 0:50:20

Code Quality with Sonarcloud in GitHub Actions

Sonar Cloud Integration 0:04:49

Sonar Cloud Integration with Azure DevOps Part 1

How To Sonarqube 0:26:08

How To Sonarqube Setup From Scratch And Code Analysis (2024)

Automate Code Quality 0:03:01

Automate Code Quality Course: 06.1 Initial SonarCloud Setup

FAST open-source C 0:01:00

FAST open-source C and C++ projects analyzed in SonarCloud with automatic analysis

SonarSource: Automatic Code 0:05:24

SonarSource: Automatic Code Analysis in the Cloud with AWS

What is SonarQube? 0:00:57

What is SonarQube?

Improving code quality 0:08:31

Improving code quality with SonarCloud and GitHub

Комментарии
Автор

Hi Sir, Your Automate SonarCloud code scans using GitHub Actions are very useful, Please try to continue your new video postings.

kalaivani
Автор

hi Sir I got this error "ERROR: You must define the following mandatory properties for 'Unknown': sonar.projectKey, sonar.organization", how can I fix it

mersy
Автор

Hi. can i know where you get the sonar-cloud-scan.yml in visual studio?

foongcheehao
Автор

Thank you so much.
You omitted just one single thing. To make this procedure work, I had to go in the Administration panel on SonarCloud and disable the "Automatic Analysis" because of an error which said that I can't have both the Sonar Analysis and the CI analysis.
Honestly, I have no idea on what a CI analysis is and how to disable it. Online I didn't find anything useful. I will be so grateful if you can explain it to me.
Thanks again for the tutorial.

kreeve
Автор

Can we configure sonal cloud in local visual studio before check in code?

thinkagain
Автор

After setting the things, even I wrote testcase for controller, in overview dashboard coverage showing 0, why ?

leejojose
Автор

Thank you for this Great lecture. Can you please tell me the difference between master and v1. 3 @10:00?
Thanks again

himanshuupadhayay