Skip to end of metadata
Go to start of metadata

By SonarSource – SonarSource – Issue Tracker – Supported by SonarSource
SonarApex 1.4 – Dec 19, 2018 – SonarQube 7.5+
44+ Rules, Common Metrics, Salesforce CLI coverage, PMD Apex
I accept the Terms and ConditionsDownloadRelease notes

Description

SonarApex detects bugs, vulnerabilities and code smells in Apex code.

Additionally, coverage reports for Salesforce DX projects generated with Salesforce CLI can be imported. Users of PMD Apex can also optionally import its findings in SonarQube .

First Analysis of an Apex Project

  1. Install SonarQube Server (see Setup and Upgrade for more details)
  2. Install SonarQube Scanner and be sure your can call sonar-scanner from the directory where you have your source code
  3. Install SonarApex (see Installing a Plugin for more details)
  4. Run your analysis with the SonarQube Scanner by executing the following command from the root directory of the project:

    sonar-scanner -Dsonar.projectKey=xxx -Dsonar.sources=.
  5. Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI

Further Analyses

Assuming steps 1-3 above have already been completed, you'll want to encapsulate your analysis parameters in a sonar-project.properties file at the root of your project (see a sample project on GitHub: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner). Then subsequent analyses can simply be run with:

sonar-scanner

Advanced Usage

With SonarApex, you can also:


  • No labels