Analize code with Sonar Scanner – Linux Guru

Spread the love

Setting Up the SonarCode Scanner.

SonarQube’s code scanner is a package that you can install on different machine, it’s not good idea to install it with sonarqube server, You can install it on testing setver or in your local machine. There are packages available for Windows, MacOS, and Linux which you can find at the SonarQube web site. In the previous article we have setup Sonarqube server on kubernetes. Click here to read the post.
  • Create a directory for sonar scanner
mkdir /opt/sonarscanner
cd /opt/sonarscanner

Download the SonarQube scanner for Linux using wget. you can download as per your OS.


Unzip, Extract the scanner.

After that, we have to modify a few settings to get the scanner working with our server install. Edit the configuration file and un-comment the line starting with and add yours.
vim sonar-scanner-
#Configure here general information about the environment, such as SonarQube server connection details for example
#No information about specific project should appear here

#----- Default SonarQube server
#add your sonarqube server ip.

#----- Default source code encoding

Make the binary executable.

chmod +x sonar-scanner-

Create the symbolic link so that you don’t need to specify full path.

ln -s /opt/sonarscanner/sonar-scanner- /usr/local/bin/sonar-scanner
Now the scanner is up and running, Now run your fisrt code scan.

Run code scan for your project.

Go to your project directory and create a file name “”, Define the project name, Project key, project version and the current directory.

Now you can run the code scan from your machine. To run code scan you will need token of the sonarqube server. So create sonarsqube user token first.
Go to My account > Security and generate the token.

Run the code scan now.

sonar-scanner -D sonar.login=your_token_here
Once the scan is complete, you’ll see a summary screen similar to this:
INFO: Task total time: 7.933 s
INFO: ------------------------------------------------------------------------
INFO: ------------------------------------------------------------------------
INFO: Total time: 19.249s
INFO: Final Memory: 19M/296M
And the project’s code quality report will now be on the SonarQube dashboard. You can check it on your sonarqube server.

Gitlab CI/CD integration with SonarQube.

As with sonnar-scanner, you will need to have a file in your project’s root folder. To run the scan, add the following to your gitlab-ci.yml
For preview mode :
  image: emeraldsquad/sonar-scanner
  stage: analysis
  script: sonar-scanner$SONAR_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.analysis.mode=preview -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.gitlab.unique_issue_per_inline=true

    - master
For analysis mode :
  image: emeraldsquad/sonar-scanner
  stage: analysis
  script: sonar-scanner$SONAR_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME -Dsonar.gitlab.project_id=$CI_PROJECT_ID -Dsonar.gitlab.unique_issue_per_inline=true

    - master

Variables :


Leave a Comment