Skip to end of metadata
Go to start of metadata

Prerequisites

To execute analysis with SonarScanner for MSBuild you need to have:

  • Java Runtime Environment 8 (JRE 8) on your machine. Also make sure that the $JAVA_HOME environment variable points to the path where JRE 8 is installed.
  • a SonarCloud account or a SonarQube server.
WindowsLinux or macOS

Solution is built with MSBuild 14:

Solution is built with .NET Core 2.0

Solution is built with .NET Core 2.1

Solution is built with .NET Core 2.0

Solution is built with .NET Core 2.1

SonarQube

SonarCloud

See https://sonarcloud.io

Installation

Installation of the SonarScanner for MSBuild for .NET Framework or .NET Core

  1. Download SonarScanner for MSBuild.
    1. For .NET Core applications download the .NET Core version of the scanner (works on WindowsLinux and OSX)
    2. For applications targeting the full .NET Framework, download the .NET Framework 4.6+ version of the scanner (works on Windows)
  2. Unzip the downloaded file into a directory, for example c:\sonarscanner-msbuild on Windows or ~/sonarscanner-msbuild on Linux/OSX
    1. On Windows, you might need to unblock the ZIP file first (Right click on file -> Properties -> Unblock).
    2. On Linux/OSX you may need to set execute permissions on the files in ~/sonarscanner-msbuild/sonar-scanner-(version)/bin.

  3. Set default analysis properties in SonarQube.Analysis.xml that is located in the folder where you unzipped the archive. Usually those would be:
    1. sonar.host.url - URL to SonarCloud / your SonarQube server

    2. sonar.login - Analysis token of an user with Execute Analysis permissions. Required only if Anonymous does not have them
  4. If you have added authentication properties into SonarQube.Analysis.xml we would advise to restrict the access to it by setting the appropriate file system permissions.
  5. Add c:\sonarscanner-msbuild (or ~/sonarscanner-msbuild) path to the system PATH environment variable.

Installation of the SonarScanner for MSBuild .NET Core Global Tool

dotnet tool install --global dotnet-sonarscanner --version 4.3.1

(change 4.3.1 to the latest version available)


On Linux/OSX, if your SonarQube server is secured:

  1. Copy the server's CA certs to /usr/local/share/ca-certificates 
  2. Run sudo update-ca-certificates



  • No labels