### Start Scanner from Command Line Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/using.md Use this command when the scanner is installed globally. Pass analysis parameters using the -Dsonar.xxx=yyy syntax. ```bash sonar -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e ``` -------------------------------- ### Query Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/sonarscanner.md Use this GET request to ask questions about the documentation dynamically. Replace with your specific query. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/sonarscanner.md?ask= ``` -------------------------------- ### Start Scanner with npx Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/using.md Use this command to start the analysis without installing the scanner globally. Analysis parameters are passed using the -Dsonar.xxx=yyy syntax. ```bash npx @sonar/scan -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e ``` -------------------------------- ### Query Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/instance-administration/authentication/saml/ping-identity/setup-in-ping-identity.md Use this HTTP GET request to query the documentation dynamically. Replace with your specific query. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/instance-administration/authentication/saml/ping-identity/setup-in-ping-identity.md?ask= ``` -------------------------------- ### Install SonarScanner for .NET using .NET Global Tool Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/dotnet-environments/getting-started-with-net.md Use this command to install the SonarScanner for .NET as a global tool. The --version argument is optional; omitting it installs the latest version. Available from .NET Core 3.1+. ```bash dotnet tool install --global dotnet-sonarscanner --version x.x.x ``` -------------------------------- ### Querying Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/project-administration/adjusting-analysis/setting-analysis-scope/excluding-based-on-file-extension.md Use this HTTP GET request to ask questions about the documentation. Append your question to the 'ask' query parameter. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/project-administration/adjusting-analysis/setting-analysis-scope/excluding-based-on-file-extension.md?ask= ``` -------------------------------- ### Example Kubernetes Secret Creation Source: https://docs.sonarsource.com/sonarqube-community-build/server-installation/on-kubernetes-or-openshift/encrypting-helm-chart-sensitive-data.md An example demonstrating the creation of a Kubernetes secret named 'myEncryptionKeySecret' with a specific encryption key value. ```bash kubectl create secret generic --from-literal sonar-secret.txt=EgycYJc4Ek4uj2pH39e3+bnnk15IrVu4dxtfjDyN1y8= myEncryptionKeySecret ``` -------------------------------- ### Query Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/project-administration/adjusting-analysis/setting-analysis-scope/introduction.md Use this GET request to query the documentation dynamically. Replace with your specific query in natural language. ```HTTP GET https://docs.sonarsource.com/sonarqube-community-build/project-administration/adjusting-analysis/setting-analysis-scope/introduction.md?ask= ``` -------------------------------- ### Dynamically Query Documentation Source: https://docs.sonarsource.com/sonarqube-community-build/user-guide/issues/solution-overview.md To ask questions and get answers directly from the documentation, perform an HTTP GET request with the `ask` query parameter. ```http GET https://docs.sonarsource.com/sonarqube-community-build/user-guide/issues/solution-overview.md?ask= ``` -------------------------------- ### Install Coverlet Global Tool Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/test-coverage/dotnet-test-coverage.md Install the Coverlet console runner as a global .NET tool. This is a prerequisite for using Coverlet in your build process. ```bash dotnet tool install --global coverlet.console ``` -------------------------------- ### Example DB Copy from Oracle to PostgreSQL Source: https://docs.sonarsource.com/sonarqube-community-build/server-update-and-maintenance/maintenance/sonarqube-db-copy-tool.md This example demonstrates a full copy command from an Oracle source to a PostgreSQL target database. Parameters are listed on separate lines using backslashes for continuation. Ensure correct classpath and parameters for your specific environment. ```bash java \ -cp ojdbc11-21.8.0.0.jar:sonar-db-copy-1.6.0.2092.jar com.sonar.dbcopy.StartApp \ -urlSrc jdbc:oracle:thin:@10.18.51.1:1521/XEPDB1 \ -userSrc sonar \ -pwdSrc 05xlAz1EhgQb9Pl8 \ -urlDest jdbc:postgresql://10.10.1.138/sonarqube \ -userDest sonar \ -pwdDest Ck23L1OpqF4BdwJv ``` -------------------------------- ### Example Stacktrace Analysis Source: https://docs.sonarsource.com/sonarqube-community-build/server-update-and-maintenance/troubleshooting/server-logs.md This is an example of a Java stacktrace found in server logs. Focus on the first line for the human-readable error message and lines starting with 'Caused by' to find the root cause. ```java java.lang.IllegalStateException: Unable to blame file **/**/foo.java at org.sonarsource.scm.git.JGitBlameCommand.blame(JGitBlameCommand.java:128) at org.sonarsource.scm.git.JGitBlameCommand.access$000(JGitBlameCommand.java:44) at org.sonarsource.scm.git.JGitBlameCommand$1.call(JGitBlameCommand.java:112) at org.sonarsource.scm.git.JGitBlameCommand$1.call(JGitBlameCommand.java:109) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: java.lang.NullPointerException at org.eclipse.jgit.treewalk.filter.PathFilter.create(PathFilter.java:77) at org.eclipse.jgit.blame.BlameGenerator.(BlameGenerator.java:161) at org.eclipse.jgit.api.BlameCommand.call(BlameCommand.java:203) at org.sonarsource.scm.git.JGitBlameCommand.blame(JGitBlameCommand.java:126) ... 7 more ``` -------------------------------- ### Query Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/user-guide/managing-your-account/subscribing-to-notifications.md Use this method to ask questions about the documentation dynamically. The response includes a direct answer and relevant excerpts. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/user-guide/managing-your-account/subscribing-to-notifications.md?ask= ``` -------------------------------- ### SonarQube Analysis with Other Scanners in Jenkins Scripted Pipeline Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job.md Use this example to add SonarQube analysis for projects using generic scanners in a scripted Jenkins Pipeline. It requires specifying the scanner installation and SonarQube installation names. ```groovy node { stage('SonarQube analysis') { def scannerHome = tool ''; // must match the name of an actual scanner installation directory on your Jenkins build agent withSonarQubeEnv('') { // If you have configured more than one global server connection, you can specify its name as configured in Jenkins sh "${scannerHome}/bin/sonar-scanner" } } } ``` -------------------------------- ### Start Scanner with pnpm dlx Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/using.md Use this command with pnpm to execute the sonar scanner without a global installation, specifying the package and analysis parameters. ```bash pnpm --package=@sonar/scan dlx sonar -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e ``` -------------------------------- ### Query Documentation Dynamically Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/test-coverage/javascript-typescript-test-coverage.md Use this HTTP GET request to ask questions about the documentation. The response includes direct answers and relevant excerpts. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/test-coverage/javascript-typescript-test-coverage.md?ask= ``` -------------------------------- ### SonarScanner for .NET CI/CD Configuration Source: https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/gitlab-integration/adding-analysis-to-gitlab-ci-cd.md Configure your .gitlab-ci.yml for SonarQube analysis using the .NET scanner. This example includes installing the scanner, setting up environment variables, and running the analysis. ```yaml sonarqube-check: image: mcr.microsoft.com/dotnet/sdk:latest variables: SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task cache: key: "${CI_JOB_NAME}" paths: - .sonar/cache script: - "dotnet tool install --global dotnet-sonarscanner" - "export PATH="$PATH:$HOME/.dotnet/tools"" - "dotnet sonarscanner begin /k:"projectKey" /d:sonar.token="$SONAR_TOKEN" /d:"sonar.host.url=$SONAR_HOST_URL" " #Replace "projectKey" with your project key - "dotnet build" - "dotnet sonarscanner end /d:sonar.token="$SONAR_TOKEN"" allow_failure: false only: - merge_requests - main - develop ``` -------------------------------- ### Query Documentation with HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/instance-administration/authentication/saml/how-to-set-up-okta.md Use this method to ask questions about the documentation dynamically. The response includes a direct answer and relevant excerpts from the documentation. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/instance-administration/authentication/saml/how-to-set-up-okta.md?ask= ``` -------------------------------- ### Query Documentation with HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/instance-administration/authentication/saml/how-to-set-up-keycloak.md Use this method to ask questions about the documentation dynamically. The response includes a direct answer, relevant excerpts, and sources. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/instance-administration/authentication/saml/how-to-set-up-keycloak.md?ask= ``` -------------------------------- ### GET MEASURES Source: https://docs.sonarsource.com/sonarqube-community-build/extension-guide/web-api.md This example demonstrates how to extract measures for a given project using the Web API. It specifies the metric keys and the project component key. Ensure you have the necessary permissions for private projects. ```APIDOC ## GET MEASURES /api/measures/component ### Description Retrieves measures for a specified project component. This is useful for extracting data on metrics like lines of code, code smells, and complexity. ### Method GET ### Endpoint /api/measures/component ### Parameters #### Query Parameters - **metricKeys** (string) - Required - Comma-separated list of metric keys to retrieve (e.g., `ncloc,code_smells,complexity`). - **component** (string) - Required - The key of the project component for which to retrieve measures. #### Headers - **Authorization** (string) - Required - Bearer token for authentication (e.g., `Bearer `). - **Content-Type** (string) - Optional - Defaults to `application/x-www-form-urlencoded` if not specified. ### Request Example ```curl curl --request GET \ --url 'https://sonarqube.com/api/measures/component?metricKeys=ncloc%2Ccode_smells%2Ccomplexity&component=' \ --header 'Authorization: Bearer ' ``` ### Response #### Success Response (200) - **component** (object) - Contains details about the project component and its measures. - **id** (string) - The unique identifier of the component. - **key** (string) - The key of the component. - **name** (string) - The name of the component. - **qualifier** (string) - The qualifier of the component (e.g., 'TRK' for project). - **measures** (array) - A list of measures for the component. - **metric** (string) - The name of the metric. - **value** (string) - The value of the metric. - **bestValue** (boolean) - Indicates if this is the best value achieved for the metric (optional). #### Response Example ```json { "component": { "id": "id", "key": "my_project_key", "name": "my_project_name", "qualifier": "TRK", "measures": [ { "metric": "complexity", "value": "4214" }, { "metric": "code_smells", "value": "8595", "bestValue": false }, { "metric": "ncloc", "value": "51667" } ] } } ``` ``` -------------------------------- ### Querying Documentation Dynamically Source: https://docs.sonarsource.com/sonarqube-community-build/project-administration/adjusting-analysis/setting-analysis-scope/verifying-analysis-scope.md Use this HTTP GET request to ask questions about the documentation. The response includes a direct answer, relevant excerpts, and sources. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/project-administration/adjusting-analysis/setting-analysis-scope/verifying-analysis-scope.md?ask= ``` -------------------------------- ### Complete GitHub Actions Workflow for SonarQube Scan Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/test-coverage/javascript-typescript-test-coverage.md This is a complete example of a GitHub Actions workflow file that includes checking out code, installing dependencies, running tests with coverage, and performing a SonarQube scan. ```yaml name: Build on: push: branches: - main # the name of the main branch pull_request: types: [opened, synchronize, reopened] jobs: sonarqube: name: sonarqube runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Install dependencies run: yarn - name: Test and coverage run: yarn jest --coverage - name: SonarQube Scan uses: SonarSource/sonarqube-scan-action@v7 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} ``` -------------------------------- ### Query Documentation Dynamically Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners.md Use this GET request to ask questions about the documentation. The response includes direct answers and relevant excerpts. ```http GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners.md?ask= ``` -------------------------------- ### SonarQube Analysis with Maven in Jenkins Pipeline Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job.md Integrate SonarQube analysis for Maven projects in a scripted Jenkins Pipeline. This example shows how to specify credentials and the SonarQube installation name if multiple configurations exist. ```groovy node { stage('SonarQube analysis') { withSonarQubeEnv(credentialsId: 'f225455e-ea59-40fa-8af7-08176e86507a', installationName: '') { // You can override the credential to be used, If you have configured more than one global server connection, you can specify the corresponding SonarQube installation name configured in Jenkins sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922:sonar' } } } ``` -------------------------------- ### Complete GitHub Actions Workflow for PHP Build and SonarQube Scan Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/test-coverage/php-test-coverage.md A comprehensive GitHub Actions workflow that includes checkout, PHP setup, dependency installation, test execution with coverage, and the SonarQube scan. ```yaml name: build on: - pull_request - push jobs: tests: name: Tests runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v2 with: fetch-depth: 0 - name: Setup PHP with Xdebug uses: shivammathur/setup-php@v2 with: php-version: '8.1' coverage: xdebug - name: Install dependencies with composer run: composer update --no-ansi --no-interaction --no-progress - name: Run tests with phpunit/phpunit run: vendor/bin/phpunit --coverage-clover=coverage.xml - name: SonarQube Scan uses: SonarSource/sonarqube-scan-action@v7 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} ``` -------------------------------- ### Query Documentation with 'ask' Parameter Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/jenkins-integration/global-setup.md Use this GET request to ask questions about the documentation. The response includes direct answers and relevant excerpts. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/jenkins-integration/global-setup.md?ask= ``` -------------------------------- ### Add SonarScanner Download and Setup to Codemagic Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/codemagic-integration.md This script downloads, installs, and configures the SonarScanner CLI within your Codemagic build environment. Ensure you download the correct version for your operating system (macOS or Linux). ```yaml scripts: - | # download and install the SonarScanner wget -O $FCI_BUILD_DIR/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.4.0.2170-macosx.zip # If running in a Linux environment, download https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.4.0.2170-linux.zip unzip $FCI_BUILD_DIR/sonar-scanner.zip mv sonar-scanner-* sonar-scanner - | # Generate and upload code analysis report export PATH=$PATH:$FCI_BUILD_DIR/sonar-scanner/bin sonar-scanner \ -Dsonar.projectKey=YOUR_PROJECT_KEY \ -Dsonar.host.url=SONARQUBE_URL \ ``` -------------------------------- ### Visual Studio code coverage collection Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/test-coverage/dotnet-test-coverage.md This example demonstrates collecting code coverage using Visual Studio's built-in capabilities. It's recommended when Visual Studio Enterprise is installed on the build agent. The .NET Framework scanner automatically processes the coverage output. ```bash SonarScanner.MSBuild.exe begin /k:"" /d:sonar.token="" dotnet build --no-incremental dotnet test --collect "Code Coverage" SonarScanner.MSBuild.exe end /d:sonar.token="" ``` -------------------------------- ### Enable and Start SonarQube systemd Service Source: https://docs.sonarsource.com/sonarqube-community-build/server-installation/from-zip-file/starting-stopping-server/running-as-a-service.md Commands to enable SonarQube to start on boot and to start the service immediately on a Linux system using systemd. ```shell sudo systemctl enable sonarqube.service sudo systemctl start sonarqube.service ``` -------------------------------- ### Query Documentation with HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/bitbucket-integration/bitbucket-cloud-integration/global.md Use this method to ask questions about the documentation dynamically. Append the 'ask' query parameter with your question to the current page URL. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/bitbucket-integration/bitbucket-cloud-integration/global.md?ask= ``` -------------------------------- ### Install and Uninstall SonarQube Service on Windows Source: https://docs.sonarsource.com/sonarqube-community-build/server-installation/from-zip-file/starting-stopping-server/running-as-a-service.md Use these commands to install or uninstall SonarQube as a Windows service. Ensure you replace '' with the actual installation directory. ```shell > \bin\windows-x86-64\SonarService.bat install > \bin\windows-x86-64\SonarService.bat uninstall ``` -------------------------------- ### Install Plugin via Helm Upgrade Command Source: https://docs.sonarsource.com/sonarqube-community-build/server-installation/plugins/install-a-plugin.md Install or upgrade a SonarQube deployment on Kubernetes by setting the plugin installation URL directly in the helm upgrade command. ```sh helm upgrade --install -n sonarqube sonarqube sonarqube/sonarqube \ --set "plugins.install={https://github.com/SonarOpenCommunity/sonar-cxx/releases/download/cxx-2.0.7/sonar-cxx-plugin-2.0.7.3119.jar}" ``` -------------------------------- ### Query Documentation via HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/azure-devops-integration/setting-up-integration-at-global-level.md Use this method to ask questions about the documentation. The response includes direct answers and relevant excerpts. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/azure-devops-integration/setting-up-integration-at-global-level.md?ask= ``` -------------------------------- ### Query Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job.md Use this HTTP GET request to query the documentation dynamically. Include your specific question as the value for the 'ask' parameter. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job.md?ask= ``` -------------------------------- ### Querying Documentation via HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/languages/python.md To get more information not present on the page, make an HTTP GET request to the current page URL with an 'ask' query parameter containing your question. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/languages/python.md?ask= ``` -------------------------------- ### Install SonarScanner Globally Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/installing.md Install the SonarScanner globally on your system using npm. ```bash npm install -g @sonar/scan ``` -------------------------------- ### Query Documentation with AI Agent Source: https://docs.sonarsource.com/sonarqube-community-build/extension-guide/developing-a-plugin/executable-lines.md Perform an HTTP GET request to query the documentation dynamically. Include your question as the 'ask' query parameter. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/extension-guide/developing-a-plugin/executable-lines.md?ask= ``` -------------------------------- ### Ask a Question via HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build Perform an HTTP GET request to the documentation index with the 'ask' parameter to get a direct answer to a specific question. The question should be self-contained and in natural language. ```http GET https://docs.sonarsource.com/sonarqube-integrations.md?ask= ``` -------------------------------- ### Query Documentation with 'ask' Parameter Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/dotnet-environments/dotnet-test-coverage.md Demonstrates how to query the documentation dynamically using an HTTP GET request with the 'ask' query parameter. This is useful for retrieving specific information, clarifications, or related documentation sections not explicitly found on the current page. ```http GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/dotnet-environments/dotnet-test-coverage.md?ask= ``` -------------------------------- ### Query Documentation via HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/bitbucket-integration/bitbucket-cloud-integration.md To get specific information not directly on the page, make an HTTP GET request to the page URL with an 'ask' query parameter. The question should be clear and self-contained. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/devops-platform-integration/bitbucket-integration/bitbucket-cloud-integration.md?ask= ``` -------------------------------- ### Querying Documentation via HTTP GET Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/languages/vb-dotnet.md Use this method to ask specific questions about the documentation. The response includes a direct answer and relevant excerpts. ```bash GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/languages/vb-dotnet.md?ask= ``` -------------------------------- ### Add Analysis Step to Build Files Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/using.md Integrate the scanner into your project's devDependencies and code the analysis step in JS. This example shows how to configure server URL, token, and other analysis options. ```javascript const scanner = require('@sonar/scan'); scanner( { serverUrl: 'https://sonarqube.mycompany.com', token: '019d1e2e04eefdcd0caee1468f39a45e69d33d3f', options: { 'sonar.projectName': 'My App', 'sonar.projectDescription': 'Description for "My App" project...', 'sonar.sources': 'src', 'sonar.tests': 'test', }, }, () => process.exit(), ); ``` -------------------------------- ### Querying Documentation with GET Request Source: https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/introduction.md To get additional information not directly present on the page, perform an HTTP GET request to the page URL with the 'ask' query parameter. The question should be specific and self-contained. ```http GET https://docs.sonarsource.com/sonarqube-community-build/analyzing-source-code/scanners/npm/introduction.md?ask= ```