mirror of https://github.com/01-edu/public.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2.1 KiB
2.1 KiB
SafeZone
Objectives
In this project, you will enhance the code quality and security of your e-commerce microservices project by setting up automated code quality checks using SonarQube. Additionally, you will integrate SonarQube with your GitHub repository to track code quality and ensure that bad practices are avoided.
Instructions
1. SonarQube Setup with Docker**
- Pull the SonarQube Docker image and run it on your local environment.
- Hint: You can use the official SonarQube Docker image available on Docker Hub.
2. SonarQube Configuration**
- Access the SonarQube web interface running on your local environment.
- Configure SonarQube to work with your e-commerce microservices project's codebase.
3. GitHub Integration**
- Integrate SonarQube with your GitHub repository.
- Configure webhooks or GitHub Actions to trigger code analysis on every push to the repository.
4. Code Analysis**
- Automate code analysis using SonarQube during the CI/CD pipeline.
- Configure the pipeline to fail if code quality or security issues are detected by SonarQube.
5. Continuous Monitoring**
- Ensure that SonarQube runs regularly to provide continuous monitoring of code quality and security.
6. Review and Approval Process**
- Implement a code review and approval process to ensure that code quality improvements are reviewed and approved by team members.
Bonus
- Set up email or Slack notifications for code analysis results.
- Integrate SonarQube with IDEs (Integrated Development Environments) to provide developers with real-time code quality feedback during development.
Testing
Your project will be assessed based on:
- Successful setup and configuration of SonarQube using Docker.
- Integration of SonarQube with the GitHub repository and CI/CD pipeline.
- Effective code analysis and detection of code quality and security issues.
- Implementation of code review and approval processes.