SonarTSQL detects bugs, vulnerabilities and code smells in Transact-SQL (TSQL) code.
First Analysis of a T-SQL Project
- Install SonarQube Server (see Setup and Upgrade for more details)
- Install SonarQube Scanner and be sure your can call sonar-scanner from the directory where you have your source code
- Install SonarTSQL (see Installing a Plugin for more details)
Run your analysis with the SonarQube Scanner by executing the following command from the root directory of the project:
sonar-scanner -Dsonar.projectKey=xxx -Dsonar.sources=.
- Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI
Assuming steps 1-3 above have already been completed, you'll want to encapsulate your analysis parameters in a sonar-project.properties file at the root of your project (see a sample project on GitHub: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner). Then subsequent analyses can simply be run with:
With SonarTSQL, you can:
- change the files to analyze by configuring the property
sonar.tsql.file.suffixes in Settings > General Settings > T-SQL > File Suffixes
With the default configuration, SonarTSQL only analyses files with the '
.tsql' file extension (since SonarTSQL 1.2), and files with the '
.sql' file extension are analysed by SonarPLSQL. This behavior is defined through analysis properties:
sonar.plsql.file.suffixes. You can override these properties either at server level or at project level in order to have SonarTSQL analyse '