Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

HTML
<div class="table-wrap"><table>
<table style="line-height: 1.4285715;" class="confluenceTable"><tbody><tr><td class="highlight-grey confluenceTd" data-highlight-colour="grey">By>
By <a target="_top" href="httphttps://www.sonarsource.com">SonarSource</a> &#8211; GNU LGPL 3 &#8211;
<a target="_top" href="httphttps://jira.sonarsource.com/browse/SQSCANNER">Issue Tracker</a> &#8211;
<a target="_top" href="https://github.com/Sonarsource/sonar-scanner-cli">Sources</a>
<br>
<div><table>
<tr><td colspan="4">
	<strong>Download SonarQube <div style="padding-top:10px;padding-bottom:5px">
    <span style="font-size:larger;"><strong>SonarQube Scanner 2.6.1</strong></span>
     &#8211; Compatible with SonarQube 4.5.4+ (LTS)
    <br>
    Scanner 3.3</strong><br/>
    Compatible with SonarQube 5.6+ (LTS)
</td></tr>
<tr>
<td>
    <a target="_top" href="https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-linux.zip">Linux 64 bit</a>
</td><td>
    <a target="_top" href="https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-windows.zip">Windows 64 bit</a>
</td><td>
    <a target="_top" href="https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-macosx.zip">Mac OS X 64 bit</a>
<td>
    <a target="_top" href="https://binaries.sonarsource.bintray.com/Distribution/sonar-scanner-cli/sonar-scanner-2cli-3.63.10.1492.zip">Download<>Any*</a>
</td>
</tr>
<tr><td colspan="4"><small>*This </div> 
</div> 
package expects that a JVM is already installed on the system - with same Java requirements as the SonarQube server.</small></td></td></tr>
</table>
</div> </td></tr></tbody></table></div>

...

The SonarQube Scanner is recommended as the default launcher to analyze a project with SonarQube.

Prerequisites

  • SonarQube is already installed
  • At least the minimal version of Java supported by your SonarQube server is in use
  • The language plugins for each of the languages you wish to analyze are installed
  • You have read Analyzing Code Source

Installation

  1. Expand the downloaded file into the directory of your choice. We'll refer to it as <install_directory> in the next steps. 
  2. Update the global settings (server URL) to point to your SonarQube server by editing <install_directory>/conf/sonar-scanner.properties:

    Code Block
    languagebash
    #----- Default SonarQube server
    #sonar.host.url=http://localhost:9000
    


  3. Add the <install_directory>/bin directory to your path.
  4. You can check the basic verify your installation by opening a new shell and executing the command sonar-scanner -h (on Windows platform the command is sonar-scanner.bat -h) . You should get a message output like this:

    Code Block
    usage: sonar-scanner [options]
     
    Options:
     -D,--define <arg>     Define property
     -e,--errors           Produce execution error messages
     -h,--help             Display help information
     -v,--version          Display version information
     -X,--debug            Produce execution debug output


If you need more debug information you can add the sonar.verbose property by adding the command line parameter -Dsonar.verbose=true.

...

Use

Simple Project

Create a configuration file in the root directory of the project: sonar-project.properties

Code Block
languagebash
titlesonar-project.properties
# must be unique in a given SonarQube instance
sonar.projectKey=my:project
# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
sonar.projectName=My project
sonar.projectVersion=1.0

# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# Since SonarQube 4.2, this This property is optional if sonar.modules is set. 
# If not set, SonarQube starts looking for source code from the directory containing 
# the sonar-project.properties file.
sonar.sources=.

# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8

...

To help you get started, simple project samples are available for most languages on github. They can be browsed or downloaded. You'll find them filed under projects/languages.

Multi-module Project

There are two ways to define a multi-module structure in SonarQube:

 Using the given file structure...... with the given 'properties' files

Way #1

Set all the configuration in the properties file in the root folder

Image Removed
Code Block
languagebash
title"MyProject/sonar-project.properties" file content
linenumberstrue
# Root project information
sonar.projectKey=org.mycompany.myproject
sonar.projectName=My Project
sonar.projectVersion=1.0

# Some properties that will be inherited by the modules
sonar.sources=src

# List of the module identifiers
sonar.modules=module1,module2

# Properties can obviously be overriden for
# each module - just prefix them with the module ID
module1.sonar.projectName=Module 1
module2.sonar.projectName=Module 2

Way #2

Set the configuration in multiple properties files

Image Removed
Code Block
languagebash
title"MyProject/sonar-project.properties" file content
linenumberstrue
# Root project information
sonar.projectKey=org.mycompany.myproject
sonar.projectName=My Project
sonar.projectVersion=1.0

# Some properties that will be inherited by the modules
sonar.sources=src

# List of the module identifiers
sonar.modules=module1,module2
Code Block
languagebash
title"MyProject/module1/sonar-project.properties" file content
linenumberstrue
# Redefine properties
# Note that you do not need to prefix the property here
sonar.projectName=Module 1
Code Block
languagebash
title"MyProject/module2/sonar-project.properties" file content
linenumberstrue
# Redefine properties
# Note that you do not need to prefix the property here
sonar.projectName=Module 2

 

Noteworthy:

...


...

  • the folder of a module contains white spaces or special characters:

    Code Block
    languagebash
    module1.sonar.projectBaseDir=My Module One

      

  • the module is not located directly in the parent folder, but in a deeper directory structure:

    Code Block
    languagebash
    module1.sonar.projectBaseDir=modules/mod1
    module2.sonar.projectBaseDir=modules/mod2

      

  • A project that defines modules (or a module that defines sub-modules) cannot define a source code folder to be analyzed.
     

To help you get started, multi-module project samples can be browsed or downloaded from github:

  • Modules with the same structure: projects/multi-module/sonar-runner/java-sonar-runner-modules-same-structure
  • Modules with different structures: projects/multi-module/sonar-runner/java-sonar-runner-modules-different-structures
  • A configuration file for each module: projects/multi-module/sonar-runner/java-sonar-runner-modules-own-configuration-file

Running Other Tasks

Code Block
languagebash
# To run the computation of views (Views plugin is required)
sonar-scanner views

# To run the computation of reports (Report plugin is required)
sonar-runner report

# To run the computation of developer data (Developer Cockpit plugin is required)
sonar-runner devcockpit

Advanced Usage

sonar-project.properties

If a sonar-project.properties file cannot be created in the root directory of the project, there are several alternatives:

  • The properties can be specified directly through the command line. Ex:

    Code Block
    languagenone
    sonar-scanner -Dsonar.projectKey=myproject -Dsonar.sources=src1

      

  • The property project.settings can be used to specify the path to the project configuration file (this option is incompatible with the project.home and sonar.projectBaseDir properties). Ex:

    Code Block
    languagenone
    sonar-scanner -Dproject.settings=../myproject.properties

      

The root folder of the project to analyze can be set through the sonar.projectBaseDir property since SonarQube Scanner 2.4 (was previously project.home). This folder must contain a sonar-project.properties file if the mandatory properties (like sonar.projectKey) are not specified on the command line.

Additional analysis parameters can be defined in this project configuration file or through command-line parameters. 

Alternate Analysis Directory

If the files to be analyzed are not in the directory where the analysis starts from, use the sonar.projectBaseDir property to move analysis to a different directory. E.G. analysis begins from jenkins/jobs/myjob/workspace but the files to be analyzed are in ftpdrop/cobol/project1.

Code Block
languagebash
titlesonar-project.properties
sonar.projectBaseDir=/home/ftpdrop/cobol/project1
sonar.sources=src
sonar.cobol.copy.directories=/copy

For more, see the listing of analysis parameters.

Troubleshooting

...

Include Page
SONAR:Include - Analysis - Security
SONAR:Include - Analysis - Security

Troubleshooting

Java heap space error or java.lang.OutOfMemoryError,

...

Increase the memory via the SONAR_SCANNER_OPTS environment variable:

Code Block
languagenone
export SONAR_SCANNER_OPTS="-Xmx512m
-XX:MaxPermSize=128m
"


On Windows environments, avoid the double-quotes, since they get misinterpreted and combine the two parameters into a single one.

Code Block
languagenone
set SONAR_SCANNER_OPTS=-Xmx512m
-XX:MaxPermSize=128m

Unsupported major.minor version

Upgrade the version of Java being used for analysis or use one of the native package (that embed its own Java runtime). SonarQube 5.6+ requires Java 8.

Property missing: 'sonar.cs.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.

Scanner CLI is not able to analyze .NET projects. Please, use Scanner for MSBuild. If you are running Scanner for MSBuild, ensure that you are not hitting a known limitation.

Going Further