SonarQube is a popular development tool that is used in software development to catch bugs and vulnerabilities in your applications. In this section, we will learn how to automate static code analysis to detect bugs and anti-patterns that you can use in your CI/CD pipelines.
Clone the k8sdevopscookbook/src repository to your workstation in order to use the manifest files under the chapter4 directory:
$ git clone https://github.com/k8sdevopscookbook/src.git
$ cd src/chapter4
Make sure you have a Kubernetes cluster ready and kubectl and helm configured so that you can manage the cluster resources.
How to do it…
This section is further divided into the following subsections to make this process easier:
- Installing SonarQube using Helm
- Accessing the SonarQube Dashboard
- Creating a new user and tokens
- Enabling Quality Profiles
- Adding a project
- Analyzing a project
- Viewing issues by category
- Adding a SonarQube badge to your...