Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

By SonarSource – MIT – Issue TrackerSources
SonarQube Scanner for MSBuild 2.0 – Compatible with SonarQube 4.5.4+ (LTS)
Download

Table of Contents

Features

The SonarQube Scanner for MSBuild is the recommended way to launch a SonarQube analysis on MSBuild projects and solutions. It is the result of a collaboration between SonarSource and Microsoft

It is available both as a standalone command line executable and as native Team Foundation Server or Jenkins build steps.

Prerequisites

Compatibility

With the SonarQube C# and Visual Basic .NET plugins

SonarQube Scanner for MSBuild
0.9
1.0
1.0.1
1.0.2
1.12.0
SonarQube C# Plugin4.04.14.24.3+4.4+4.5+
SonarQube Visual Basic.NET PluginN/A2.42.42.4+2.4+2.4+

With Visual Studio and MSBuild

Installing Visual Studio on the analysis machines is recommended but not mandatory. Some features such as FxCop and the execution of unit tests with VSTest or MSTest are only available when Visual Studio is installed. If you choose not to install Visual Studio, you will need to install Microsoft Build Tools which includes MSBuild 

MSBuild 14.0, included in Visual Studio 2015, is recommended for use with SonarQube Scanner for MSBuild. Projects targeting older versions of the .NET Framework can be built using MSBuild 14.0+ by setting the "TargetFrameworkVersion" MSBuild property as documented by Microsoft:

You can setup a dedicated SonarQube analysis build using MSBuild 14.0 for your project if you do not wish to change your production build.

Usage

Installation

Installing the SonarQube Scanner for MSBuild is only required for the command line and Team Foundation Server 2013 and XAML Build usages

In Team Foundation Server 2015, Visual Studio Team Services, and Jenkins, the dedicated build steps for the SonarQube Scanner for MSBuild will automatically provision the required files on the build machine.

  1. If you do not already have it, install the Microsoft .NET Framework v4.5.2+
  2. If you do not already have it, install the Java Runtime Environment v7u75+
  3. Download the latest version of the SonarQube Scanner for MSBuild using the Download link at the very top of this page.
  4. Right-click on the downloaded .zip file and click on the Unblock button.
  5. Unzip MSBuild.SonarQube.Runner-[version].zip on to a drive. Example: C:\SonarQube\bin
  6. Edit C:\SonarQube\bin\SonarQube.Analysis.xml to specify the following parameters:
    1. sonar.host.url

    2. sonar.login and sonar.password if Anonymous does not have Execute Analysis permissions
  7. Optional: Add the directory containing the MSBuild SonarQube Scanner executable to the %PATH% if you intend to use it from the command line

  8. Secure the file permissions
    • Storing passwords in clear text in unsecured settings files is not recommended
    • Restrict access to the C:\SonarQube\bin\SonarQube.Analysis.xml file by setting appropriate file permissions

You are now ready to analyze projects from the command line or from Team Foundation Server 2013 (XAML build system).

 

Known Limitations

  • Analysis of BizTalk and SharePoint projects is currently not supported, refer to  SONARMSBRU-196 - Getting issue details... STATUS

  • Analysis of DNX projects (i.e. project.json) is not currently not supported, refer to  SONARMSBRU-167 - Getting issue details... STATUS
  • Analysis of Web Site Solutions is not supported, however analysis of Web Application Solutions is supported.

 

Advanced Usage

TODO in separate page

  • No labels