Some of the most important decisions a release or build manager has to make are whether to promote builds through the CI pipeline. To make these decisions smart and qualified, quality metrics are needed to point out problems in the builds. But sometimes, the problems are at the source, and to detect those problems, you need a tool like SonarQube. SonarQube analyzes source code to detect tricky issues — things like bugs, code smells, and security vulnerabilities — that impact code quality. It can also be configured to measure those results against a set of Quality Gate Metrics whose thresholds you define, to help identify code that may cause problems before it is built or deployed. As your binary repository manager, JFrog Artifactory is also a key part of a CI/CD pipeline and has a central role in ensuring the safety and quality of the code that is built and deployed.
This webinar demonstrates how Artifactory and SonarQube can be configured to work together in a CI/CD pipeline, to catch builds constructed from poor quality code before they make it through the pipeline to production.
Who should attend:
Developers and DevOps engineers who are currently using Artifactory and SonarQube and want to know how the two can work together to the greatest extent.
Working knowledge of JFrog Artifactory & SonarQube