Maven, Gradle, Git, Jira, SonarQube
🔧 Build & SCM Tools Interview Q&A
🟦 1. Maven (Apache Maven)
Q1. What is Maven?
A: Maven is a build automation and project management tool mainly used for Java projects. It uses a pom.xml file to manage dependencies, build lifecycle, and plugins.
1. What is Maven?
Maven is a build automation and dependency management tool primarily used for Java projects.
It helps with:
Q2. What is POM in Maven?
A: POM (Project Object Model) is an XML file (pom.xml) that contains project configuration like dependencies, plugins, repositories, and build settings.
Q3. Explain Maven lifecycle.
A: Maven has 3 built-in lifecycles:
- default (build & deploy)
- clean (remove artifacts)
- site (generate documentation)
Phases include: validate → compile → test → package → install → deploy.
Q4. How does Maven handle dependencies?
A: Maven downloads dependencies from central or remote repositories and stores them locally in .m2 cache. It also handles transitive dependencies automatically.
“Do we need to configure anything in a CI/CD pipeline to download dependencies from central and remote repositories?”
Yes — in most cases you do need some configuration, but it depends on whether you are using the default public repositories or private/enterprise repositories.🔹 1. Default behavior (no extra config needed)
For tools like Apache Maven and Gradle:
-
By default, they download dependencies from:
- Maven Central Repository
- So if your libraries are public, no extra configuration is needed
Example:
- Spring Boot dependencies
- JUnit
- Commons libraries
Maven Life Cycle
1. Default Lifecycle
This is the main lifecycle used for building and deploying applications.
Common phases:
validate
compile
test
package
verify
install
deploy1. validate
Checks whether the project structure and configuration are correct.
What it does
- Validates
pom.xml- Checks project setup
- Ensures required information is available
>>> mvn validate2. compile
Compiles the application source code.
What it does
- Compiles Java files from:
src/main/java
- Generates
.classfiles in:target/classesExample
>>> mvn compile
3. test
Runs unit test cases.
What it does
- Executes tests from:
src/test/java
-
Uses frameworks like:
- JUnit
- TestNG
Important
It does NOT package the application yet.
4. package
Packages the compiled code into distributable format.
What it does
Creates:
- JAR : Used for Standalone Java applications Libraries
- WAR: Used for Web applications Servlet/JSP/Spring MVC apps
- EAR: Used for Enterprise Java applications Combines multiple JARs and WARs
depending on project type.
Output location
“Package phase bundles the compiled code into a deployable artifact like JAR or WAR.”target/Created when:>>> mvn package
5. verify
Performs additional quality checks after packaging.
What it does
- Runs integration tests
- Validates package quality
-
Performs checks like:
- Code coverage
- Static analysis
6. install
Installs the packaged artifact into local Maven repository.
Local repository
~/.m2/repositoryWhy needed
Other local projects can use this dependency.
>>> mvn install7. deploy
Deploys the artifact to remote repository.
What it does
Uploads artifact to:
- Nexus
- Artifactory
- Remote Maven repository
Used in
CI/CD pipelines and team environments.
>>> mvn deploy- validate → check project
- compile → compile code
- test → run unit tests
- package → create JAR/WAR
- verify → quality checks
- install → store in local repo
- deploy → upload to remote repo
2. Clean Lifecycle
Used for:
- Removing old build files
Important phase:
| Phase | Purpose |
|---|---|
clean | Deletes the target directory |
3. Site Lifecycle
Used for:
- Creating project documentation and reports
Important phases:
| Phase | Purpose |
|---|---|
site | Generates project website/docs |
site-deploy | Publishes documentation |
>>> mvn site
🔹 2. When you DO need configuration
✅ A) Private/Enterprise repositories
If your organization uses:
- Nexus Repository
- Artifactory
- Internal Maven repo
👉 Then you must configure repository URLs.
Maven config (pom.xml or settings.xml)
✅ B) Authentication (very important in pipelines)
If repo is secured, you must configure credentials in:
👉 ~/.m2/settings.xml
<servers>
<server>
<id>internal-repo</id>
<username>user</username>
<password>pass</password>
</server>
</servers>
✅ C) Proxy configuration (common in enterprises)
If pipeline runs behind corporate network:
<proxies>
<proxy>
<id>corp-proxy</id>
<host>proxy.company.com</host>
<port>8080</port>
</proxy>
</proxies>
GRADLE
Gradle Interview Questions
Beginner Level
1. What is Gradle?
Gradle is an open-source build automation tool used for:
- Compiling code
- Managing dependencies
- Running tests
- Packaging applications
- Automating CI/CD workflows
It combines features of:
- Apache Maven
- Apache Ant
Official site: Gradle
2. Why is Gradle faster than Maven?
Gradle is faster because it supports:
- Incremental builds
- Build caching
- Parallel task execution
- Gradle Daemon
Interview Answer
“Gradle improves build performance by executing only changed tasks and reusing cached outputs.”
2. Why is Gradle preferred over Maven?
Key advantages:
- Faster incremental builds
- Better dependency management
- Flexible scripting using Groovy/Kotlin
- Build caching
- Parallel execution
- Custom task creation
3. What languages can be used in Gradle build scripts?
-
Groovy DSL (
build.gradle) -
Kotlin DSL (
build.gradle.kts)
plugins {
java
}
4. What is a Gradle build script?
A file that defines:
- Dependencies
- Plugins
- Tasks
- Repositories
- Build configurations
Common files:
-
build.gradle -
settings.gradle
5. What is the difference between settings.gradle and build.gradle?
| File | Purpose |
|---|---|
settings.gradle | Defines project structure/modules |
build.gradle | Defines build logic and dependencies |
Dependency Management
6. What are repositories in Gradle?
Repositories store dependencies.
Examples:
Examples:
repositories {
mavenCentral()
google()
}
Common repositories:
- Maven Central
- Google Maven
- Local Maven
7. How do you add dependencies in Gradle?
Example:
dependencies {
implementation 'org.springframework:spring-core:6.0.0'
}
9. What is transitive dependency?
A dependency required by another dependency.
Example:
- Project depends on A
- A depends on B
- B becomes transitive
1. What is Gradle?
Gradle is an open-source build automation and dependency management tool used mainly for Java, Spring Boot, and Android projects.
JIRA Interview Questions for DevOps
Jira is widely used in DevOps environments for:
- Agile project management
- Incident tracking
- Sprint planning
- CI/CD integration
- Change management
- Release tracking
Official site: Atlassian Jira
1. What is JIRA?
JIRA is a project management and issue-tracking tool developed by Atlassian.
It is used for:
- Bug tracking
- Agile development
- Sprint management
- Workflow automation
- DevOps integration
2. What are the different types of issues in JIRA?
Common issue types:
- Epic
- Story
- Task
- Bug
- Sub-task
- Spike
3. What is a workflow in JIRA?
A workflow defines the lifecycle of an issue.
Example:
To Do → In Progress → Testing → Done
4. What is a JIRA board?
Two main board types:
- Scrum board
- Kanban board
Used for tracking work visually.
5. Difference between Scrum and Kanban boards?
| Scrum | Kanban |
|---|---|
| Sprint-based | Continuous flow |
| Fixed iterations | No sprint required |
| Velocity tracking | Lead time tracking |
5. Difference between Scrum and Kanban boards?
5. Difference between Scrum and Kanban boards?
| Scrum | Kanban |
|---|---|
| Sprint-based | Continuous flow |
| Fixed iterations | No sprint required |
| Velocity tracking | Lead time tracking |
6. What is an Epic in JIRA?
An Epic is a large body of work that can contain multiple stories/tasks.
Example:
- “User Authentication Module”
7. What is a Sprint?
A sprint is a fixed-duration iteration in Agile development.
Usually:
- 1–4 weeks
8. What are labels in JIRA?
Labels are tags used to categorize issues.
Example:
backend
critical
production
9. What is a JQL query?
JQL (JIRA Query Language) is used to search/filter issues.
Example:
project = DEVOPS AND status = "In Progress"
10. What is a dashboard in JIRA?
A dashboard displays project metrics using gadgets/charts.
Examples:
- Sprint burndown
- Pie charts
- Assigned issues
11. How is JIRA used in DevOps?
JIRA integrates with:
- CI/CD pipelines
- Incident management
- Deployment tracking
- Release management
- Change requests
Common integrations:
- Jenkins
- GitHub
- GitLab
- Bitbucket
- Docker
12. Explain JIRA integration with Jenkins.
Jenkins can:
- Update JIRA tickets automatically
- Trigger builds from issue transitions
- Add build status/comments
Example:
13. How does JIRA support CI/CD?
JIRA helps by:
- Tracking deployments
- Linking commits/builds/issues
- Managing release workflows
- Monitoring change approvals
Sonar Cube : Interview Question
SonarQube Interview Questions
SonarQube is a popular static code analysis tool used in DevOps and CI/CD pipelines to detect:
- Bugs
- Vulnerabilities
- Code smells
- Duplications
- Security issues
- Technical debt
Official site: SonarQube
1. What is SonarQube?
SonarQube is an open-source platform for continuous inspection of code quality and security.
It supports multiple languages like:
- Java
- Python
- JavaScript
- C#
- C/C++
- Go
2. What are the main features of SonarQube?
Features include:
- Static code analysis
- Bug detection
- Security vulnerability scanning
- Code smell detection
- Code coverage reports
- Technical debt measurement
- Quality gates
3. What is static code analysis?
Static code analysis examines source code without executing the program.
Benefits:
- Early bug detection
- Improved maintainability
- Better security
4. What are code smells?
Code smells indicate poor coding practices that may:
- Reduce maintainability
- Increase technical debt
- Make debugging harder
Examples:
- Duplicate code
- Long methods
- Unused variables
5. What is technical debt in SonarQube?
Technical debt represents the estimated effort required to fix maintainability issues in code.
6. What are bugs in SonarQube?
Bugs are coding issues likely to produce incorrect behavior.
Example:
7. What are vulnerabilities?
Security-related weaknesses in code.
Examples:
- SQL injection
- Hardcoded credentials
- XSS vulnerabilities
8. What is a Quality Gate?
A Quality Gate is a set of conditions that code must meet before passing.
Common conditions:
- No blocker vulnerabilities
- Minimum code coverage
- Maximum duplication percentage
9. What is a Quality Profile?
A Quality Profile is a collection of coding rules used during analysis.
10. Which databases are supported by SonarQube?
Common databases:
- PostgreSQL
- Microsoft SQL Server
- Oracle Database
11. Explain SonarQube architecture.
Main components:
- SonarQube Server
- Database
- Scanner
- Web UI
Workflow:
12. What is SonarScanner?
SonarScanner is a tool that analyzes code and sends reports to SonarQube server.
13. How do you install SonarQube?
Basic steps:
- Install Java
- Install database
- Download SonarQube
-
Configure
sonar.properties - Start server
14. What port does SonarQube use by default?
Default port:9000
15. What is the default admin username/password?
Default:
admin/adminShould be changed immediately after installation.
16. How is SonarQube integrated into CI/CD?
Integrated using:
- Jenkins
- GitLab
- GitHub Actions
- Azure DevOps
Pipeline flow:
Build → Test → SonarQube Scan → Quality Gate → Deploy
17. How do you integrate SonarQube with Jenkins?
Steps:
- Install SonarQube plugin
- Configure SonarQube server
- Add scanner in Jenkins
- Update pipeline
Example:
stage('SonarQube Analysis') {
steps {
withSonarQubeEnv('SonarQube') {
sh 'mvn sonar:sonar'
}
}
}
18. What is Quality Gate enforcement in CI/CD?
Pipeline can fail automatically if Quality Gate fails.
This prevents bad-quality code from deployment.
Comments
Post a Comment