How to achieve SonarQube Code Quality Scan, Nexus IQ dependency scan and Fortify SCA in Adobe Cloud Manager?

Forum|Forum|2 years ago
July 17, 2023
2 replies
1245 views

Hi Everyone,

We have an AEM package that we want to deploy in Adobe Cloud using Cloud Manager. We want to do SonarQube Code Quality Scan, Nexus IQ dependency scan and Fortify SCA on the code that is being built. Is there any way that we can achieve all these three in Adobe Cloud Manager?

If anyone has any experience with this, we would really appreciate your help.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Nishant-Singh

Adobe Employee

Cloud Manager is not having flexibility to configure different plugins for code scanning. Cloud Manager it self is having scanning rules to scan the code and its pretty sufficient. if you still need additional scanning of the code then you can configure Local Code repository and local Code scanning, once all the scanning is done then only you can push the code to Cloud Manager Repository.

S

saiku1Author

Hi @nishant-singh ,

Thanks for your reply. We did suggest the same option to the client, but they don't want to do the CI process twice, once on-premise and once on cloud. They are also concerned about what would happen if the CI process is successful on-premise but fails in AEM Cloud due to some configuration issue.

If you have any other suggestions, please let us know.

Shashi_Mulugu

Community Advisor

@saiku1 Even i am not aware of the option other than what @nishant-singh suggested. Better to engage your Adobe partner/CSE with your client engagement.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded