Azure DevSecOps | Integrate Sonarqube with Azure Pipeline to run Static Code Analysis

In this Videos we are going to discuss about sonarqube and how to integrate sonarqube into azure DevOps YAML pipelines. In the demo, I have run the Static Code Analysis (SCA) on ASP.Net Core application and then by using gates and approvals deployed the web app into Azure App service.

SonarQube is an open-source tool that assists in code quality analysis and reporting. It scans your source code looking for potential bugs, vulnerabilities, and maintainability issues, and then presents the results in a report which will allow you to identify potential issues in your application.

How to install Sonarqube:
  / sonarqube-on-azure-ubuntu-20-04-lts  

#azure #cloud #security #devsecops #devops #asp.net #sca #staticcodeanalysis #sonarqube #sonar #cicd #pipeline #cloudsecurity #cybersecurity