Using SonarQube locally using Docker

In this post I will share how to set up SonarQube via Docker and use it to analyse your code. When working in a team you might want to set up a shared SonarQube instance somewhere. If you would like to use Sonar locally, using Docker is easy and straightforward. You can also easily connect PHPStorm if you like.

run SonarQube in a Docker container

Let's go: first make sure you have Docker installed.

On Docker Hub you will find the official SonarQube image for Docker. We will use it in the default way:

$ docker run -d --name sonarqube -p 9009:9000 sonarqube

By default you can log in as admin with password admin, see the authentication documentation. In the snippet above I chose a port other than 9000, since I am a PHP developer and would rather use my port 9000 for Xdebug.

Verify that SonarQube is running by visiting the server at http://0.0.0.0:9009/.

The next time you want to start SonarQube, use the following command:

docker start sonarqube

Pro tip: If the SonarQube container does not run, that could be due to local changes required by Elasticsearch.

install the SonarQube runner

The SonarQube runner is installed locally and takes care of analysing and transferring your code to SonarQube.

  1. first install the binary for your operating system via the documentation. (pro tip: make sure <install_directory>/bin is in your $PATH so you can execute it from everywhere)
  2. next create a settings file based on your SonarQube container in Docker; place the file in <install_directory>/conf/sonar-scanner.properties
  3. the following settings should work if you followed along, add them to your

    #Configure here general information about the environment, such as SonarQube server connection details for example
    #No information about specific project should appear here
    #----- Default SonarQube server
    sonar.host.url=http://localhost:9009
    #----- Default source code encoding
    #sonar.sourceEncoding=UTF-8

setup a project in SonarQube

Next you will set up a project in SonarQube and link it to your project by adding a sonarqube.config file.

  1. start sonar in your browser: (http://0.0.0.0:9009/) and log in with admin / admin

  2. add a project by clicking the + and choose "create new project" see ...

  3. enter a name for your project and click generate to generate a token for this project.

  4. in your project root create a file with the name sonar-project.properties

  5. add the following lines to your properties file:

    # Required metadata
    sonar.projectKey=<project token name from step 3>
    sonar.projectName=<user friendly project name>
    sonar.projectVersion=1.0
    
    #Sonar server stuff
    sonar.login=<enter the generated token key>
    
    # Path to the parent source code directory.
    # Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
    # Since SonarQube 4.2, this property is optional if sonar.modules is set.
    # If not set, SonarQube starts looking for source code from the directory containing
    # the sonar-project.properties file.
    sonar.sources=<path to the source files>
    # Encoding of the source code
    sonar.sourceEncoding=UTF-8
    
    # Additional parameters
    #sonar.my.property=value

  6. to test, run sonar-scanner
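
Step 5 puts the generated token in a file in the project root, where it is easily committed along with the code, so a check like the following can run before each commit. It is an added example, not part of the original post: the function names and the SONAR_TOKEN variable are assumptions, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: flag credentials hardcoded in sonar-project.properties.
# Checks sonar.login (used in this post) plus sonar.password and sonar.token.

# Print each credential property that carries a literal value. Comment lines,
# empty values and <...> placeholders like the ones in this post are ignored.
find_sonar_secrets() {
    awk '
        /^[ \t]*[#!]/ { next }               # properties-file comment lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)
            sep = match(line, /[=:]/)        # key=value or key:value
            if (sep == 0) next
            key = substr(line, 1, sep - 1)
            val = substr(line, sep + 1)
            gsub(/[ \t]+$/, "", key)
            gsub(/^[ \t]+|[ \t\r]+$/, "", val)
            if (key !~ /^sonar\.(login|password|token)$/) next
            if (val == "" || val ~ /^<.*>$/) next
            print key
        }
    ' "$1"
}

# Succeeds (status 0) when the file holds no literal credential.
sonar_props_clean() {
    [ -z "$(find_sonar_secrets "$1")" ]
}

# Constructed sample input (not a real token), written to a temp file.
demo=$(mktemp)
printf '%s\n' 'sonar.projectKey=demo' 'sonar.login=CONSTRUCTED-TOKEN-0000' > "$demo"
if ! sonar_props_clean "$demo"; then
    echo "literal credential found: $(find_sonar_secrets "$demo")"
    # SONAR_TOKEN is an assumed variable name; -D passes a property at run time.
    echo 'pass it at run time instead: sonar-scanner -Dsonar.login="$SONAR_TOKEN"'
fi
rm -f "$demo"
```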

run SonarQube runner on your project

In the previous chapter you ran the sonar-scanner command. If it did not report any errors, you can now go and view the results in SonarQube.

Visit sonar in your browser and take a look at the metrics. You can select the checks and quality levels by tweaking the Quality profiles and setting up the Quality gates. It makes sense to try it out in your workflow and see what settings work best for your use case.
