How to Analyze Your Code Quality in 10 Minutes With Sonarqube and Docker
Take a look at how you can perform a static code analysis quickly with these tools.
Join the DZone community and get the full member experience.Join For Free
All of us might have authored some code in various languages and might have shared the code in various platforms like Github or StackOverflow. We often just see whether the code is working but do not analyze the code using static code analysis tools because of the complexity of setting it up. Not anymore! In this article, I will show you how you can quickly setup Sonarqube with Docker in less than ten minutes and check your code quality.
Steps for Analyzing Your Code
Install the latest version of Docker. Since I have a Windows 10 Home machine, I have used Docker Toolbox for Windows.
Download Sonar from DockerHub
You need to download the latest tag version of Sonarqube from Docker Hub and run it on port 9000.
docker pull sonarqube docker run -d --name sonarqube -p 9000:9000 sonarqube
Download Sonar Scanner
You need to download the latest version of Sonar Scanner which will be used to analyze the source code. As of this writing, the link is here.
Unzip Sonar Scanner and Link the Sonarqube
For performing this step, you would need to go to
$sonarscanner_install_dir/conf/sonar-scanner.properties and link the host and port on which your Sonar installation is running. As of this example, it is on localhost and port 9000 as mentioned in
docker run .
Start Analyzing the Source Code
For this step, the source code directory should be placed in the current folder and run the following command:
sonar-scanner -Dsonar.projectKey=<Project Name> -Dsonar.sources=<Project Src Directory>
That's it! Open the SonarQube home from the browser on
http://localhost:9000/ (or use
docker-machine ip to get the host ip address and then the port number 9000) and check your source code static analysis result.
Opinions expressed by DZone contributors are their own.