Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

How to achieve SonarQube Code Quality Scan, Nexus IQ dependency scan and Fortify SCA in Adobe Cloud Manager?

Avatar

Level 1

Hi Everyone,

 

We have an AEM package that we want to deploy in Adobe Cloud using Cloud Manager. We want to do SonarQube Code Quality Scan, Nexus IQ dependency scan and Fortify SCA on the code that is being built. Is there any way that we can achieve all these three in Adobe Cloud Manager?

 

If anyone has any experience with this, we would really appreciate your help.

3 Replies

Avatar

Employee

Cloud Manager is not having flexibility to configure different plugins for code scanning. Cloud Manager it self is having scanning rules to scan the code and its pretty sufficient. if you still need additional scanning of the code then you can configure Local Code repository and local Code scanning, once all the scanning is done then only you can push the code to Cloud Manager Repository. 

Avatar

Level 1

Hi @Nishant-Singh ,

 

Thanks for your reply. We did suggest the same option to the client, but they don't want to do the CI process twice, once on-premise and once on cloud. They are also concerned about what would happen if the CI process is successful on-premise but fails in AEM Cloud due to some configuration issue.

If you have any other suggestions, please let us know.

Avatar

Community Advisor

@saiku1 Even i am not aware of the option other than what @Nishant-Singh suggested. Better to engage your Adobe partner/CSE with your client engagement.