DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports Events Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
What's in store for DevOps in 2023? Hear from the experts in our "DZone 2023 Preview: DevOps Edition" on Fri, Jan 27!
Save your seat
  1. DZone
  2. Software Design and Architecture
  3. Cloud Architecture
  4. Code Analysis With SonarQube + Docker + .NET Core

Code Analysis With SonarQube + Docker + .NET Core

Let's create an environment and configure SonarQube with Docker + SonarQube (7.5) + .NET Core Project.

Thiago Loureiro user avatar by
Thiago Loureiro
·
Jan. 09, 19 · Tutorial
Like (4)
Save
Tweet
Share
24.05K Views

Join the DZone community and get the full member experience.

Join For Free

Nowadays, code quality is very important. We have several tools and components in the market that help us to identify possible problems and one of them is SonarQube, a free tool in the Community version. In other versions, the price varies according to the Developer features/Enterprise/DataCenter.

SonarQube performs various analyzes, bugs, code smells, test coverage, vulnerabilities, and duplicate blocks. Thus, identifying problems, such as a WebClient that has neglected to give a dispose.

Let’s now create an environment and configure SonarQube with Docker + SonarQube (7.5) + .NET Core Project.

You must have the Java SDK installed!

Open the CMD or the terminal of your choice and execute the commands to download the Docker-Compose file:

curl -LO https://raw.githubusercontent.com/thiagoloureiro/SonarQube-Docker-Netcore/master/docker-compose.yml

Next, we will execute the compose to upload the image:

docker-compose up

Open your browser at http://localhost:9000

Login: admin
Password: bitnami

An interface will be displayed to enter information about the project:

After clicking Generate, the following screen will appear:

At this point, select the language of your project and enter a key that will be used as Token:

After you click Done, the following information is displayed:

Write down the key marked in the image above and click "Finish this tutorial" in the lower right corner.

Once your project is done, your environment is ready to perform the first analysis:

Open CMD again and create a new solution and project, change the name of the solution and project to the name generated by the new sln/console command.

dotnet new sln
dotnet new console
dotnet sln awesomeproject.sln add awesomeproject.csproj

Now let’s go to SonarQube, for .NET Core we have a native tool, to install execute the following command:

dotnet tool install --global dotnet-sonarscanner 

Then…

dotnet sonarscanner begin /d:sonar.login=admin /d:sonar.password=bitnami /k:”AwesomeKey”

The Login can be replaced by the Key generated above, being only:

dotnet sonarscanner begin /d:sonar.login=keygerada /k:”AwesomeKey”

Now let’s run a build for the solution:

dotnet build

And to finish the process, we will execute the command to terminate the analysis:

dotnet sonarscanner end /d:sonar.login=admin /d:sonar.password=bitnami

Or

dotnet sonarscanner end /d:sonar.login=generatedkey

Once the process is finished, we can go back to the dashboard(http://localhost:9000) and we will have some information:

Now, you only have to configure your project and execute the commands automatically when you perform a build on a specific branch.

Thanks, and let me know your thoughts or questions in the comments.

.NET code style Docker (software)

Opinions expressed by DZone contributors are their own.

Popular on DZone

  • The Quest for REST
  • How To Validate Three Common Document Types in Python
  • Cloud-Based Transportation Management System
  • Beginners’ Guide to Run a Linux Server Securely

Comments

Partner Resources

X

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 600 Park Offices Drive
  • Suite 300
  • Durham, NC 27709
  • support@dzone.com
  • +1 (919) 678-0300

Let's be friends: