Problem scenario
You want to utilize SonarQube to do some analysis of some code. What do you do?
Solution
Prerequisites
This assumes you have SonarQube and SonarQube Scanner (aka sonar-scanner) installed. If you need assistance with either of these, see this link to install SonarQube or this link to install sonar-scanner.
Procedures
- Place the source code file (e.g., foo.py) in directory on the back-end of a server with Sonar-Scanner.
- The sonar-project.properties file should refer to the directory with the code in the stanza sonar.sources= stanza. The path after the equals sign is relative to the directory the sonar-project.properties file is in. So if you have a subdirectory named "contint" in the same directory that the sonar-project.properties file, your stanza will look like this:
sonar.sources=contint
- From the directory with sonar-project.properties, run the sonar-scanner -X command.
- Go to the web UI for SonarQube. Log in. Go to Projects. Click on the Project associated with the name specified in the sonar-project.properties file.
- Optional step if you only want to analyze code for one programming language. In the sonar-project.properties file, the sonar.language stanza should be specific to the code you want to analyze exclusively. There are codes (or abbrieviated symbols) for each languages. If you run the "sonar-scanner -X" on the back-end, you may see the different codes amongst other output. For three languages, here are the codes, but do not use the quotes:
For Python, the code is "py". For C#, the code is "cs". For java, the code is "java".
Here is an example of the sonar.language stanza for Python:
sonar.language=py
If you want SonarQube Scanner to analyze each programming language, omit or comment out the sonar.language stanza