How to Analyze Your Code Quality in 10 Minutes With Sonarqube and Docker

DZone 's Guide to

How to Analyze Your Code Quality in 10 Minutes With Sonarqube and Docker

Take a look at how you can perform a static code analysis quickly with these tools.

· Cloud Zone ·
Free Resource


All of us might have authored some code in various languages and might have shared the code in various platforms like Github or StackOverflow. We often just see whether the code is working but do not analyze the code using static code analysis tools because of the complexity of setting it up. Not anymore! In this article, I will show you how you can quickly setup Sonarqube with Docker in less than ten minutes and check your code quality. 

Steps for Analyzing Your Code

Setup Docker

Install the latest version of Docker. Since I have a Windows 10 Home machine, I have used Docker Toolbox for Windows. 

Download Sonar from DockerHub

You need to download the latest tag version of Sonarqube from Docker Hub and run it on port 9000. 

docker pull sonarqube   
docker run -d --name sonarqube -p 9000:9000 sonarqube 

Download Sonar Scanner

You need to download the latest version of Sonar Scanner which will be used to analyze the source code. As of this writing, the link is here

Unzip Sonar Scanner and Link the Sonarqube 

For performing this step, you would need to go to $sonarscanner_install_dir/conf/sonar-scanner.properties  and link the host and port on which your Sonar installation is running. As of this example, it is on localhost and port 9000 as mentioned in  docker run .


Start Analyzing the Source Code

For this step, the source code directory should be placed in the current folder and run the following command:

sonar-scanner -Dsonar.projectKey=<Project Name>  -Dsonar.sources=<Project Src Directory>  

That's it! Open the SonarQube home from the browser on http://localhost:9000/ (or use docker-machine ip  to get the host ip address and then the port number 9000) and check your source code static analysis result. 

cloud, code analysis, docker, sonarqube, static code analysis

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}