
Collecting Data on your Projects with SonarQube Scanner

Once your SonarQube installation is working, you are ready for the next step. Analysing code with SonarQube is simple, but again you need to know where to start.

For this post we use the SonarQube scanner to analyse your project. You will need to start the scanner manually, but when everything works it will be much simpler to integrate SonarQube into your build pipeline.

This post is part of the SonarQube series. You can find the other parts here:

Prerequisite

The scanner has the same prerequisite as the SonarQube server: Java. You can use the Oracle JRE or OpenJDK in version 8 or newer.

Installing the Scanner

SonarQube offers different scanners that can be integrated into your build system. There are scanners for MSBuild, Maven, Gradle, Ant and Jenkins. To start, we use the command line tool SonarQube Scanner to make the initial code analysis. You can find the *.zip file in the top section of the documentation.

Download and unzip the *.zip file at a suitable location. This folder will be referred to as the installation directory in the rest of this post.

Configuration (Scanner)

The installation directory contains a folder called conf with a file sonar-scanner.properties. Open that file in your text editor and search for the following lines:

#----- Default SonarQube server
sonar.host.url=https://localhost:9000

Change the sonar.host.url property to the address of your SonarQube server.

Configuration (Project)

In your project folder (right at the top) you can add a properties file called sonar-project.properties with this content:

# must be unique in a given SonarQube instance
sonar.projectKey=my:project
# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
sonar.projectName=My project
sonar.projectVersion=1.0

# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# This property is optional if sonar.modules is set. 
sonar.sources=.

# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8

The project key can be as simple as your project name without spaces. If you control the access to the SonarQube server this may be a suitable option. However, should you need to invalidate that key at any time, you may be better off with a more cryptic key like 8599475jgf8490340.
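
A preflight check for the sonar-project.properties file described above, as an added example that is not part of the original post or of SonarQube itself. The function names are hypothetical, and the key character rule is taken from SonarQube's analysis-parameter documentation rather than from this post:

```python
import re
from pathlib import Path

# Key rule from SonarQube's analysis-parameter docs (not from this post):
# letters, digits, '-', '_', '.', ':' and at least one non-digit.
KEY_RE = re.compile(r"(?=.*[^0-9])[A-Za-z0-9_.:-]+")

def parse_properties(text):
    """Parse the plain key=value subset that the post's file uses."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":   # blank line or comment
            continue
        key, sep, value = line.partition("=")
        if sep:
            props[key.strip()] = value.strip()
    return props

def check_project(text, project_dir):
    """Return a list of problems; an empty list means the file looks usable."""
    props = parse_properties(text)
    problems = []
    key = props.get("sonar.projectKey", "")
    if not key:
        problems.append("sonar.projectKey is missing")
    elif not KEY_RE.fullmatch(key):
        problems.append(f"sonar.projectKey {key!r} is not a valid key")
    if "sonar.sources" not in props and "sonar.modules" not in props:
        problems.append("sonar.sources is missing and sonar.modules is not set")
    for src in props.get("sonar.sources", "").split(","):
        src = src.strip()
        if not src:
            continue
        if "\\" in src:   # '\' is an escape character in .properties files
            problems.append(f"sonar.sources entry {src!r} uses '\\' instead of '/'")
        elif not (Path(project_dir) / src).exists():
            problems.append(f"sonar.sources entry {src!r} does not exist")
    return problems

if __name__ == "__main__":
    # Constructed sample: space in the key, Windows-style path separator.
    sample = "sonar.projectKey=my project\nsonar.sources=src\\main\n"
    for problem in check_project(sample, "."):
        print("PROBLEM:", problem)
```

Running it from the project folder before starting the scanner catches a malformed key or a wrong source path without waiting for a full analysis run to fail.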

Collect Data

Open a console, change to your project and start the scanner with this command:

c:\path\to\scanner\bin\sonar-scanner.bat

Depending on the size of your project, that may take a few minutes. When the scanner has finished, the data is pushed to the SonarQube server. The processing of the data will take a few minutes and then your report will show up.

Next

With data in SonarQube it's time to see what we can figure out. The next post will give you an overview of the SonarQube user interface and how you can find problematic code.