Sonarqube and Docker

Sonarqube provides static code analysis, testing and continuous inspection. Also see Quality Assurance Tools

You can also have these validations as part of your IDE – https://www.sonarlint.org/visualstudio/

Docker

To spin up a docker container you can use the public sonarqube image and embedded H2 database (not suited for production) however fine for stand alone small projects.

  1. Spin up a container, there is a shell script here
    1. Default login is admin/admin
  2. Create a key and project
    1. Example key – 93292c24ba95f6dc5a9275ec169dd654a3382a2d
    2. Example project – PatternsAndPrinciples
  3. Download .Net Core SDK (if your target project is .Net Core)
    1. dotnet-sdk-2.1.302-win-x64.exe
    2. If you are targeting classic .net as long as you have msbuild you are fine
  4. Download Java Runtime
    1. jre-8u181-windows-x64.exe
  5. Download sonar-scanner-msbuild
    1. sonar-scanner-msbuild-4.3.1.1372-netcoreapp2.0.zip
    2. extract to C:\sonarscanner-msbuild-netcoreapp2\
    3. Add the path to your Environmental Variables – Path
      1. Ensure you add with the ending \

Run For .Net Core

Once you have the container up and the above installed, navigate via command prompt to the path your solution is on your local disk, example:

  • C:\Dev-Code-School\Boilerplate\Class Library\PatternsAndPrinciples

Then run the following substituting your container hosts IP and your key

dotnet sonarscanner begin /k:"PatternsAndPrinciples" /d:sonar.host.url="http://172.29.5.203:9000" /d:sonar.login="93292c24ba95f6dc5a9275ec169dd654a3382a2d"

Then build

dotnet build

Then end, once done navigate to the sonarcube containers UI and fix what it moans about 😀

Example:  http://172.29.5.203:9000

dotnet sonarscanner end /d:sonar.login="93292c24ba95f6dc5a9275ec169dd654a3382a2d"

References

Leave a Reply