Open in app

Sign in

Write

Sign in

Setup SonarQube in a Docker Container

Houssem Dellai
2 min readJan 4, 2020

--

Let’s see how we can quickly setup a SonarQube environment using Docker container to run a code analysis for a .NET Core application.

  1. Run SonarQube on Docker
  2. Install SonarScanner for .NET Core
  3. Start the code analysis

1. Running SonarQube on Docker

$ docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube

2. Installing SonarScanner for .NET Core

Download SonarScanner from this link. Extract it, then look for the file ‘SonarQube.Analysis.xml’ and add the following:

<SonarQubeAnalysisProperties       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.sonarsource.com/msbuild/integration/2015/1">
<Property Name="sonar.host.url">http://localhost:9000</Property>
<Property Name="sonar.login">[my-user-token]</Property>
</SonarQubeAnalysisProperties>

Then, Add the path to the extracted SonarScanner folder to your PATH environment variable.

Run the command:

$ dotnet tool install --global dotnet-sonarscanner --version 4.7.1

More about this setup could be found here: https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-msbuild/

3. Starting the code analysis

Let’s first clone a sample project fom Github to analyse it:

$ git clone https://github.com/HoussemDellai/WebAppWithDatabaseDemo

Then, from the current folder, we run:

$ dotnet sonarscanner begin /k:"project-key" 
$ dotnet build <path to solution.sln>
$ dotnet sonarscanner end

4. Running Sonar Scanner on a Container

Instead of installing the CLI tools in the host machine, we can use a Docker container. The container here will start the code analysis using the CLI tools already installed inside. We just need to start the container, tell it the path to the source code and the url of sonarqube.The project for this container is open source and available here: https://github.com/newtmitch/docker-sonar-scanner. This is useful in CI pipeline because we won’t need to install additional dependencies into the build agent.

To use it we can run the following command:

$ docker run -ti -v ${pwd}:/root/src — link sonarqube newtmitch/sonar-scanner:4 -D sonar.host.url=http://sonarqube:9000 -D sonar.scm.provider=git -D sonar.project
BaseDir=/root/src -D sonar.sources=. -D sonar.projectName=”Web App with Database Demo”

At the end, we should be able to go to localhost:9000 and see this nice generated dashboard with results of the code analysis.

SonarQube dashboard

5. SonarQube on Kubernetes

We can also deploy SonarQube on Kubernetes. There is a Helm chart for that available here.

More resources

https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-msbuild/

https://github.com/skilld-labs/sonar-scanner

One of my videos on Sonar Cloud (the SaaS version of SonarQube):

Docker
Sonar
Sonarqube
Sonarcloud
Kubernetes

--

--

Houssem Dellai

Written by Houssem Dellai

1.2K Followers

Premier Field Engineer at Microsoft, ex MVP, Cloud & DevOps enthusiast. I share what I learn in my professional experience through articles and videos.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams