The course is part of these learning paths
This course explores how to manage code quality and security policies with Azure DevOps, and will help those preparing for Microsoft's AZ-400 exam.
It starts by examining the definition of code quality and how to write high-quality code. Next, we’ll look at what goes into code quality scanning and at how SonarCloud can help monitor code quality, and you'll see a hands-on demonstration that shows you how to use SonarCloud in the pipeline.
You'll learn what code coverage means and how to use the “Publish Code Coverage Results” task to report on code coverage. This course also covers security policies, including OWASP and its Top-10 list, as well as looking at a couple of popular security analysis tools.
If you have any feedback relating to this course, feel free to get in touch with us at support@cloudacademy.com. Any URLs referenced during this course can be found in the relevant lecture transcripts.
Learning Objectives
- Understand what high-quality code is and how to write quality code
- Learn how to monitor code quality
- Learn how to report on code coverage
- Learn about the OWASP Top Ten
- Understand how security analysis tools can be used in conjunction with Azure DevOps to check code for vulnerabilities
- Learn how to configure SonarCloud in a pipeline
Intended Audience
This course is intended for those who are preparing for the AZ-400 exam, or anyone who wants to learn more about managing code quality and security policies with Azure DevOps.
Prerequisites
To get the most from this course, you should have a basic understanding of Microsoft Azure and of DevOps concepts.
Congratulations. You’ve come to the end of Managing Code Quality and Security Policies with Azure DevOps. Let’s review what you’ve learned.
We kicked things off by looking at the definition of code quality. After defining what code quality means, we dove into what it takes to write high-quality code.
Next, we looked at what goes into code quality scanning and at how SonarCloud can help monitor code quality.
Once we worked through code quality scanning and through monitoring code quality, you saw a hands-on demonstration that showed you how to use SonarCloud in the pipeline.
As we progressed, we looked at what code coverage means and how to use the “Publish Code Coverage Results” task to report on code coverage.
Later on, we touched on security policies, where you learned about the OWASP and its Top-10 list. We took a look at 5 of the top entries in the OWASP Top-10.
We rounded things out by looking at a couple of popular security analysis tools.
At this point, you should have the foundational knowledge that is required to effectively Manage Code Quality and Security Policies with Azure DevOps.
To learn more about Managing Code Quality and Security Policies with Azure DevOps, you can, and should, read Microsoft’s published documentation. You should also keep an eye out for new courses on Cloud Academy, because we’re always publishing new ones. Be sure to give this course a rating, and if you have any questions or comments, please let us know. Thanks for watching and happy learning.
Lectures
Course Introduction - Code Quality Defined - Monitoring Code Quality - Reporting on Code Coverage - The OWASP Top Ten - Security Analysis Tools - DEMO: Configuring SonarCloud in a Pipeline
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.