SonarQube Instance Deployment in Okteto Managed Kubernetes Service and Configuration with Azure DevOps
About SonarQube :It is an automatic code review tool to detect bugs, vulnerabilities, and code smells in your code. It can integrate with your existing workflow to enable continuous code inspection across your project branches and pull requests.
About Okteto : gives instant access to secure Kubernetes namespaces to enable developers to code, build, and run Kubernetes applications entirely in the cloud.
Things we need:
- Github Account to create a Okteto Cloud Account
- Azure DevOps Account (Trial Will also be okay)
- kubectl cli
- First we will create a Okteto cloud account by visiting
2. Now click on Login, it will ask for your GitHub authorization.
3. After you logged in with your GitHub account, Okteto will create a kubernetes namespace for you.
4. Now go to Settings, in the Settings under the Setup tab, you will find an option called Download Config File, click that one, it will open up a pop-up and download a kube.config file named okteto-kube.config. In the pop-up, there is already a command, please copy that one.
5. After you copied the command, open windows PowerShell, and paste your command and press enter.
6. Now we are ready to deploy our SonarQube docker image on Okteto managed kubernetes cluster. Copy the below command ,paste it in PowerShell and add a name for your deployment instead of <name-of-instance> and Press Enter.
kubectl create deployment <name-of-instance> --image=docker.io/library/sonarqube:latest --port=9000
It will create a deployment in Okteto, Please see the below screen shots,
7. Now we need to expose our pod, so that we can access it through web. Copy below command and paste it in PowerShell and replace <name-of-instance> with your deployment name and press Enter.
kubectl expose deployment <name-of-instance> --port=9000 --target-port=9000 --type=LoadBalancer
If we go to okteto dashboard now, we can see our link,
8. Now go to that link to check if your SonarQube instance is running ok or not.
First time, Login =admin and Passwod=admin, it will ask to change on first time login.
After you are done, it will take you to SonarQube landing page.
9. Now we will create a new Project in SonarQube, click on Create New Project. Then Select Manually.
Then Provide Project Key and Display Name and Click on Setup
After you are done with this step, in the next page , you will asked to create a Token, please create a token and copy that value and keep it safe with you and press Continue. Now we are done with SonarQube.
10. Now we will create a Build Pipeline using Azure DevOps Classics Editor and store our code analysis data in SonarQube. So login to Azure DevOps and Go to Your Project and then select Pipelines and then click on New Pipeline. and Select Classic Editor.
11. Now Select your Source Control Type and Code Repository for me I have kept my code repo in GitHub and already have a GitHub authentication added in Azure DevOps and Select Branch and Click on Continue
12. My project is based on .Net Core , so I will Select Below template to start with and please select your template accordingly and click on Apply.
Now I will not make any changes as this template perfectly suits my need.
13. Now I will add a New Task to my Agent Job, if you have not install the SonarQube extension for Azure DevOps , I will suggest please install the same from below link
SonarQube - Visual Studio Marketplace
SonarQube™ is the leading tool for continuously inspecting the Code Quality and Security™ of your codebases, all while…
Add Prepare analysis on SonarQube task before restoring nuget package.
Now we need to add SonarQube Connection details, click on +NEW please provide link of your SonarQube instance in Service URL and provide the token that you have copied earlier in Token and also provide a Name and Description to find it later easily. and Click on Save.
Now we just need to provide our Project key, you can get your project by clicking on Project information in SonarQube Dashboard of your project.
Copy this Project Key and paste in Task now our Prepare analysis on SonarQube Task is ready.
Please select a way to run analysis for me it is MSBuild as my project is a .Net Core one.
14. Now After the Test, we need to add another task to Run Analysis on our code.
15. Now our pipeline is ready, lets save and queue it by clicking on Save and Queue.
16. Now after the successful run of our pipeline, we can see the project status in Our Sonar-Qube Project Status Dashboard.
Few Things to remember,
Okteto free developer plan, will send your deployment to sleep after 24hrs of development inactivity.