🔥Trigger SonarQube Analysis from Jenkins🌟 || Part - 2 || engineerhoon
ฝัง
- เผยแพร่เมื่อ 8 ก.ค. 2024
- #sonarqube #jenkins #integration
Welcome to Engineerhoon !
Hey everyone! In this video, I'll show you how to connect SonarQube and Jenkins. This will help improve your code and make sure everything runs smoothly. It's a must-know for developers. Stay tuned for more videos like this. Let's dive in!
🕒 Timestamps:
00:00 Intro & Agenda
1:00 Create freestyle project
1:30 Add project and configuration
4:03 Build project and trigger analysis
4:29 Analyse report walk-through
5:34 Outro
🔗 More videos:
SonarQube playlist : • SonarQube Tutorial
A Comprehensive Guide to Mastering Backend Engineering 🔥: • A Comprehensive Guide ...
Steps to get started with coding : • steps to get started w...
Sonarqube setup from scratch and Code analysis | [Latest 2022] : • Sonarqube setup from s...
🔔 Don't forget to like, share, and subscribe for more in-depth tutorials on Engineerhoon !
You can follow me on below links:
LinkedIn: / sunny-shaw
Medium: / sunnyshaw_12357
GitHub: github.com/sunny-shaw - วิทยาศาสตร์และเทคโนโลยี
Thank you! This video was really helpful and steps are easy to follow, I've tried several tutorials but only with yours I succeeded.
awsome
Thank you!
Please confirm if in sonarqube analysis shows failed then why pipeline is not getting failed?
um hello of the brazil, thnx
Thank you!
i am getting, 0 lines analyzed for .net core project in sonarqube panel. can you guide me?
can you please explain how sonar qube line of code, price of per edition, and how each edition use LOC limit is count. if we have source code of number of line (like 50 lac) then we will buy plan according to that ....then over lince limit will be over...if its over then we have again buy somthing.
Bro for every project , token should be same or it changes.
Using a single token for all projects in SonarQube and Jenkins is not recommended for security reasons. Tokens are typically used to authenticate and authorize access to specific resources or actions. Using a single token for all projects can pose significant security risks:
Lack of Granularity: A single token would provide the same level of access to all projects and actions within SonarQube and Jenkins. This means that anyone with the token would have unrestricted access to all projects, including potentially sensitive or critical ones.
Difficulty in Revoking Access: If the token were compromised or if someone with access needed to have their permissions revoked, you would need to invalidate the token for all projects, affecting legitimate users and processes.
Audit Trail Issues: Using a single token makes it challenging to track who performed specific actions within SonarQube and Jenkins. This can be critical for auditing and troubleshooting purposes.
Limited Role-Based Access: Security best practices often involve implementing role-based access control (RBAC) to ensure that users and systems have appropriate permissions. Using a single token bypasses RBAC mechanisms.
To maintain better security and access control:
In SonarQube, consider creating separate tokens with appropriate permissions for each project or group of projects. This way, you can control who can access and perform actions on specific projects.
In Jenkins, use built-in authentication and authorization mechanisms. Jenkins supports a wide range of authentication methods, including LDAP, Active Directory, and more. You can also set up fine-grained access control using the Role-Based Authorization Strategy plugin.
@@Engineerhooon Hi Bro thanks for clarifying my question. Much appreciated. Can I have your WhatsApp number Bro?
I installed a plugin but I do not have an option( prepare SonarQube scanner environment )
Please check Jenkins version. Try on latest. Try restarting Jenkins.
How to use in pipeline. Only showing build environment in freestyle not in pipeline
ERROR: Error during SonarScanner execution ERROR: You're not authorized to analyze this project or the project doesn't exist on SonarQube and you're not authorized to create it. Please contact an administrator. -> getting this error, any idea how it can be resolved?
"Error during SonarScanner execution" getting this error after i triggered build
Check logs for error
sorry am not check the environment variable good thank you!
Correct 👍