The SonarScanner is the scanner to use when there is no specific scanner for your build system.
Configuring your project
Create a configuration file in your project's root directory called
Running SonarScanner from the zip file
To run SonarScanner from the zip file, follow these steps:
- Expand the downloaded file into the directory of your choice. We'll refer to it as
<INSTALL_DIRECTORY>in the next steps.
- Update the global settings to point to your SonarQube server by editing
#----- Default SonarQube server
- Add the
<INSTALL_DIRECTORY>/bindirectory to your path.
- Verify your installation by opening a new shell and executing the command
sonar-scanner.bat -hon Windows). You should get output like this:
usage: sonar-scanner [options]
-D,--define <arg> Define property
-h,--help Display help information
-v,--version Display version information
-X,--debug Produce execution debug output
If you need more debug information, you can add one of the following to your command line:
- Run the following command from the project base directory to launch analysis and pass your authentication token:
Running SonarScanner from the Docker image
To scan using the SonarScanner Docker image, use the following command:
Scanning C, C++, or ObjectiveC projects
Scanning projects that contain C, C++, or Objective-C code requires some additional analysis steps. You can find full details on the C/C++/Objective-C language page.
To help you get started, simple project samples are available for most languages on GitHub. They can be browsed or downloaded. You'll find them filed under
Alternatives to sonar-project.properties
sonar-project.properties file cannot be created in the root directory of the project, there are several alternatives:
- The properties can be specified directly through the command line. Example:
sonar-scanner -Dsonar.projectKey=myproject -Dsonar.sources=src1
- The property
project.settingscan be used to specify the path to the project configuration file (this option is incompatible with the
- The root folder of the project to analyze can be set through the
sonar.projectBaseDirproperty since SonarScanner 2.4. This folder must contain a
sonar.projectKeyis not specified on the command line. Additional analysis parameters can be defined in this project configuration file or through command-line parameters.
Alternate analysis directory
If the files to be analyzed are not in the directory where the analysis starts from, use the
sonar.projectBaseDir property to move analysis to a different directory. E.G. analysis begins from
jenkins/jobs/myjob/workspace but the files to be analyzed are in
ftpdrop/cobol/project1. This is configured in
sonar-project.properties as follows:
You can configure more parameters. See Analysis parameters for details.
Advanced Docker configuration
The following sections offer advanced configuration options when running the SonarScanner with Docker. Click the headings to expand the instructions.
Java heap space error or java.lang.OutOfMemoryError
Increase the memory via the
SONAR_SCANNER_OPTS environment variable when running the scanner from a zip file:
In Windows environments, avoid the double quotes, since they get misinterpreted, and combine the two parameters into a single one.
Unsupported major.minor version
Upgrade the version of Java being used for analysis or use one of the native package (that embed its own Java runtime).
Property missing: `sonar.cs.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.
Scanner CLI is not able to analyze .NET projects. Please, use the SonarScanner for .NET. If you are running the SonarScanner for .NET, ensure that you are not hitting a known limitation.
© 2008-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution-NonCommercial 3.0 United States License. SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners.