Lab Steps

lock
Logging in to the Amazon Web Services Console
lock
Connecting to the Virtual Machine using SSH
lock
Launch Jenkins and SonarQube Docker Containers
lock
Login to SonarQube and Generate Security Token
lock
Log in to Jenkins and Complete the Default Installation
lock
Install and Configure SonarQube and Gradle Plugins
lock
Create and Execute Jenkins Pipeline Gradle Job
lock
Review SonarQube Static Analysis Report
lock
Validate AWS Lab
Need help? Contact our support team

Here you can find the instructions for this specific Lab Step.

If you are ready for a real environment experience please start the Lab. Keep in mind that you'll need to start from the first step.

Introduction

In this Lab Step, you will again use the SonarQube administration web console. Reloading the Projects page, you should now see the newly registered WebApp project, created as a result of performing the Jenkins pipeline build in the previous Lab Step. 

 

Instructions 

1. Using your browser, navigate to the SonarQube home page: http://PUBLIC_IP_CICD_PLATFORM_INSTANCE:9000. Remember to use the public IP address assigned to the cicd.platform.instance EC2 instance, for example:

alt

2. Ensuring that you are on the Projects view, reload the page and confirm the presence of the WebApp project:

alt

3. Open the WebApp report by clicking WebApp:

alt

4. Within the Overview area, notice that several Code Smells have been reported. In the screenshot above 9 Code Smells were reported. Click on the number reported within the Code Smells section to investigate. This link will take you into the Issues area where you care observe each of the individual code smells reported:

alt

5. Open any of the red highlighted boxes to review the actual coding problems. For example, opening the first issue reports 2 duplicated blocks of code must be removed.alt

6. As a challenge, consider forking both the https://raw.githubusercontent.com/cloudacademy/devops-jenkins-sonarqube and https://github.com/cloudacademy/devops-webapp GitHub repositories. Edit the source code and purposely introduce other potential coding issues into the sample Java web application, so that when analysed would be caught and reported by SonarQube. For potential ideas, review the loaded Quality Profiles within SonarQube. Hint: To pull off this challenge, you will need to make changes in various places (Jenkins build job and Jenkinsfile). Good Luck!!

 

Summary

In this Lab Step, within the SonarQube web administration console, you confirmed the presence of the newly registered WebApp static analysis project, created as a result of executing the Jenkins build pipeline in the previous step. You opened up the WebApp static analysis project and reviewed several of the reported coding issues.