Scribd
Upload
20 views3 pages

Static Code Analysis Setup

The document discusses setting up static code analysis with SonarQube and SonarScanner. It provides instructions for installing Docker and running the SonarQube image, accessing the SonarQube web interface, and installing and verifying SonarScanner.

Uploaded by

Luis Gutierrez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
20 views3 pages

Static Code Analysis Setup

The document discusses setting up static code analysis with SonarQube and SonarScanner. It provides instructions for installing Docker and running the SonarQube image, accessing the SonarQube web interface, and installing and verifying SonarScanner.

Uploaded by

Luis Gutierrez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Static Code Analysis Setup

For this exercise, you will be setting up SonarQube to analyze your Java project code and
SonarScanner to analyze your TypeScript code.

Install SonarQube
We will be using the Docker image to run SonarQube. To install, you must first have Docker
running on your computer. You can install Docker Desktop here:

• Windows - https://hub.docker.com/editions/community/docker-ce-desktop-windows
• Mac - https://docs.docker.com/desktop/mac/install/

Make sure you Docker Desktop running. Open a terminal window and type:

docker run -d --name sonarqube -e SONAR_ES_BOOTSTRAP_CHECKS_DISABLE=true -p 9000:9000 sonarqube:latest

Accessing SonarQube

Once you have SonarQube installed and running, log in to http://localhost:9000 with System
Administrator credentials (admin/admin) and update your password.

Remember your username and password as this will be needed later for the exercise.

You should see something like this:


Click Administration from the top menu and then click Security on the left.

Scroll to the bottom and make sure Force user authentication is unchecked. This will allow you
to freely run SonarQube without requiring any credentials.

At this point, you are done with installing SonarQube.

Install SonarScanner

1. Go to https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/ and download


SonarScanner.
2. Expand the downloaded file into the directory of your choice. We'll refer to it
as $install_directory in the next steps.
3. Add the $install_directory/bin directory to your path.
4. Verify your installation by opening a new shell and executing the command sonar-
scanner -h (sonar-scanner.bat -h on Windows). You should get output like this:

At this point, you are done with installing SonarScanner.


Stopping SonarQube

Option 1: Zip File Installation

To stop SonarQube, follow the instructions here:


https://docs.sonarqube.org/latest/setup/operate-server/

Option 2: Docker Image

To stop SonarQube on Docker, you must first find the container id by typing: docker ps

Next, stop the container by typing: docker stop [container id]

Lastly, remove the docker container by typing: docker rm [container id]

You might also like