Run SonarQube Locally — .Net

The article describes how to analyze C# code quality using the SonarQube command line.

Prerequisites

1. Download the SonarQube free Community Edition

2. SonarQube scanners require version 8/11 of the JVM, and the SonarQube requires version 11

3. Install PostgreSQL for demonstration, but it also supports MSSQL and Oracle databases.

4. For the .Net Core 2+ version, download SonarQube Scanner.

5. For the .Net Framework version, download SonarQube Scanner.

Getting Started

Following steps to configure & run C# code analysis using SonarQube for .Net Core applications. Unzip folders(prerequisites in points 1 and 4) into a directory.

Configure User: Follow the below commands to configure a database & user in the PostgresSQL database.

#Create DB CREATE DATABASE sonar;

#Create a user in DB with a password CREATE USER sonar WITH PASSWORD '<password>';

#Grant, all permissions to that user GRANT ALL PRIVILEGES ON DATABASE sonar TO sonar;

Update SonarQube Configuration: Go to SonarQube Community edition unzipped folder, open the config file in the following path “..\conf\sonar.properties.”

• Uncomment and add the username and password created above in the config file.

• Add JDBC Postgres URL as shown in the screenshot below.

sonar.jdbc.url=jdbc:postgresql://localhost:5432/sonar

After configuration, now SonarQube will use PostgresSQL to save reports or logs locally.

Run SonarQube: Go to SonarQube Community edition unzipped folder, run the following bat file “..\sonarqube-8.8.0.42792\bin\windows-x86–64\StartSonar.bat” in “Admin” mode.

Once the SonarQube server is UP, a client application will be available on the browser at the following URL

http://localhost:9000

Project Creation SonarQube

1. Add a new project.

2. Add project details as shown below

3. Create a unique token

As a prerequisite, analysis requires a sonar scanner tool installed globally using the following command:

dotnet tool install --global dotnet-sonarscanner

Execute the Scanner (.Net Core): Running a SonarQube analysis is straightforward. Need to execute the following commands at the root of your solution.

dotnet sonarscanner begin /k:"demo" /d:sonar.host.url="http://localhost:9000" /d:sonar.login="ce4c4c9c407be98e8150822abbfe017b8c576848"

dotnet build

dotnet sonarscanner end /d:sonar.login="ce4c4c9c407be98e8150822abbfe017b8c576848"

Execute the Scanner (.Net Framework): Running a SonarQube analysis is straightforward. Need to execute the following commands at the root of your solution.

SonarScanner.MSBuild.exe begin /k:"demo" /d:sonar.host.url="http://localhost:9000" /d:sonar.login="43ca541c658f2f5f856e1b2a707c122b21c02ac1"

MsBuild.exe /t:Rebuild

SonarScanner.MSBuild.exe end /d:sonar.login="43ca541c658f2f5f856e1b2a707c122b21c02ac1"

Sample Report

Thank you for reading and hope you liked the article. Follow me on LinkedIn Instagram Facebook Twitter