In this post I will share how to set up SonarQube via Docker and use it to analyse your code. When working in a team you might want to set up a shared SonarQube instance somewhere. If you would like to use Sonar locally, using Docker is quite easy and straightforward. You can also easily connect PhpStorm if you like.
run SonarQube in a Docker container
Let's go: first make sure you have Docker installed.
On Docker Hub you will find the official SonarQube image for Docker. We will use it in the default way:
$ docker run -d --name sonarqube -p 9009:9000 sonarqube
By default you can log in as admin with password admin; see the authentication documentation. In the snippet above I chose a port other than 9000, since I am a PHP developer and would rather use my port 9000 for Xdebug.
Verify that SonarQube is running by visiting the server at http://0.0.0.0:9009/.
The next time you want to start SonarQube, use the following command:
docker start sonarqube
Pro tip: If the SonarQube container does not run, that could be due to local changes required by Elasticsearch.
install the SonarQube runner
The SonarQube runner is installed locally and takes care of analysing and transferring your code to SonarQube.
- first install the binary for your operating system via the documentation. (pro tip: make sure <install_directory>/bin is in your $PATH so you can execute it from everywhere)
- next create a settings file based on your SonarQube container in Docker, place the file in
the following settings should work if you followed along, add them to your
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here
#----- Default SonarQube server
sonar.host.url=http://localhost:9009
#----- Default source code encoding
#sonar.sourceEncoding=UTF-8
set up a project in SonarQube
Next you will set up a project in SonarQube, and link it to your project by configuring it by adding a
1. start Sonar in your browser (http://0.0.0.0:9009/) and log in with admin / admin
2. add a project by clicking the + and choose "create new project" see ...
3. enter a name for your project and click generate to generate a token for this project.
4. in your project root create a file with the name
5. add the following lines to your properties file:
# Required metadata
sonar.projectKey=<project token name from step 3>
sonar.projectName=<user friendly project name>
sonar.projectVersion=1.0
#Sonar server stuff
sonar.login=<enter the generated token key>
# Path to the parent source code directory.
# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# Since SonarQube 4.2, this property is optional if sonar.modules is set.
# If not set, SonarQube starts looking for source code from the directory containing
# the sonar-project.properties file.
sonar.sources=<path to the source files>
# Encoding of the source code
sonar.sourceEncoding=UTF-8
# Additional parameters
#sonar.my.property=value
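The properties file above keeps the generated token in plain text in the project root, so it is worth checking before a commit that no real token is left in it. The shell function below is an added example, not part of the original post; the name scan_sonar_props and the sample file contents are constructed for illustration.

```shell
# scan_sonar_props FILE
# Prints "file:line: key ..." for every credential property that holds a literal
# value and returns 1 if any was found, 0 otherwise. The value is never printed.
scan_sonar_props() {
    awk '
        { sub(/\r$/, ""); sub(/^[ \t]+/, "") }   # tolerate CRLF and indentation
        /^[#!]/ || !/[=:]/ { next }              # comment, or not a key/value line
        {
            i = match($0, /[=:]/)                # first separator ends the key
            key = substr($0, 1, i - 1)
            val = substr($0, i + 1)
            gsub(/[ \t]/, "", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key !~ /^sonar\.(login|password|token)$/) next
            if (val == "" || val ~ /^<.*>$/) next    # empty or template placeholder
            printf "%s:%d: %s holds a literal credential\n", FILENAME, NR, key
            found = 1
        }
        END { exit found + 0 }
    ' "$1"
}

# Constructed sample input: the token below is a made-up value.
demo=$(mktemp)
cat > "$demo" <<'EOF'
# Required metadata
sonar.projectKey=my-project
sonar.login=EXAMPLE-TOKEN-NOT-REAL
sonar.sources=src
EOF
scan_sonar_props "$demo" || echo "remove the credential before committing"
rm -f "$demo"
```

A flagged line can be removed from the file and the value supplied at scan time instead, for example with sonar-scanner -Dsonar.login="$SONAR_LOGIN", where SONAR_LOGIN is a hypothetical environment variable name.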
to test run
run SonarQube runner on your project
In the previous chapter you ran the sonar-scanner command. If it did not report any errors, you can now go and view the results in SonarQube.
Visit Sonar in your browser and take a look at the metrics. You can select the checks and quality levels by tweaking the Quality profiles and setting up the Quality gates. It makes sense to go and try it out in your workflow and see what settings work best for your use case.