### Start SonarQube Server from Zip File (Windows) Source: https://docs.sonarsource.com/sonarqube-server/try-out-sonarqube Execute this command on Windows to start the SonarQube server from the zip installation. Ensure you are running as a non-root user. ```bash C:\sonarqube\bin\windows-x86-64\StartSonar.bat ``` -------------------------------- ### Start SonarQube Server on Windows Source: https://docs.sonarsource.com/sonarqube-server/quickstart-guide/installing-sonarqube-server-with-sql-server Use the StartSonar.bat script to start SonarQube. You can also install and manage it as a Windows service. ```powershell # Navigate to the SonarQube bin directory cd C:\sonarqube\bin\windows-x86-64\ # Start SonarQube StartSonar.bat # Or install as a Windows service InstallNTService.bat net start SonarQube ``` -------------------------------- ### Start SonarQube Server from Zip File (Other OS) Source: https://docs.sonarsource.com/sonarqube-server/try-out-sonarqube Run this command on non-Windows operating systems to start the SonarQube server from the zip installation. Use the appropriate OS directory and ensure you are a non-root user. ```bash /opt/sonarqube/bin//sonar.sh console ``` -------------------------------- ### Install SonarQube as a Windows Service Source: https://docs.sonarsource.com/sonarqube-server/server-installation/from-zip-file/starting-stopping-server/running-as-a-service Use this command to install the SonarQube server as a Windows service. This allows the server to run in the background and start automatically with the system. ```bash sc.exe create SonarQube binPath= "C:\\path\\to\\sonarqube\\bin\\windows-x86-64\\wrapper.exe" DisplayName= "SonarQube" start= auto ``` -------------------------------- ### Enable and Start SonarQube Service with systemd Source: https://docs.sonarsource.com/sonarqube-server/server-installation/from-zip-file/starting-stopping-server/running-as-a-service Commands to enable SonarQube to start on boot and to start the service immediately using systemd. ```bash sudo systemctl enable sonarqube.service sudo systemctl start sonarqube.service ``` -------------------------------- ### Complete GitHub Actions Workflow for PHP Build Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/test-coverage/php-test-coverage A full GitHub Actions workflow example that includes checking out code, setting up PHP with Xdebug, installing dependencies, running tests with coverage, and performing a SonarQube scan. ```yaml name: build on: - pull_request - push jobs: tests: name: Tests runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v6 with: fetch-depth: 0 - name: Setup PHP with Xdebug uses: shivammathur/setup-php@v2 with: php-version: '8.1' coverage: xdebug - name: Install dependencies with composer run: composer update --no-ansi --no-interaction --no-progress - name: Run tests with phpunit/phpunit run: vendor/bin/phpunit --coverage-clover=coverage.xml - name: SonarQube Scan uses: SonarSource/sonarqube-scan-action@v7 env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }} ``` -------------------------------- ### Querying Documentation Dynamically Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/go Example of how to query the documentation dynamically using an HTTP GET request with the `ask` query parameter. This is useful for retrieving specific information not explicitly present on the page. ```http GET https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/go.md?ask= ``` -------------------------------- ### OpenShift Helm Chart Installation Example Source: https://docs.sonarsource.com/sonarqube-server/server-installation/on-kubernetes-or-openshift/installing-helm-chart This command enables OpenShift deployment and configures SonarQube with an external PostgreSQL database. You must set the edition, monitoring passcode, and external database connection details. ```sh helm repo add sonarqube https://SonarSource.github.io/helm-chart-sonarqube helm repo update kubectl create namespace sonarqube export MONITORING_PASSCODE="yourPasscode" export EDITION="developer" # Choose your edition export JDBC_URL="jdbc:postgresql://myPostgres/myDatabase" export JDBC_USERNAME="jdbc-username" export JDBC_PASSWORD_SECRET_NAME="jdbc-secret" export JDBC_PASSWORD_SECRET_KEY="jdbc-password" helm upgrade --install -n sonarqube sonarqube sonarqube/sonarqube \ --set edition=$EDITION \ --set OpenShift.enabled=true \ --set monitoringPasscode=$MONITORING_PASSCODE \ --set jdbcOverwrite.jdbcUrl=$JDBC_URL \ --set jdbcOverwrite.jdbcUsername=$JDBC_USERNAME \ --set jdbcOverwrite.jdbcSecretName=$JDBC_PASSWORD_SECRET_NAME \ --set jdbcOverwrite.jdbcSecretPasswordKey=$JDBC_PASSWORD_SECRET_KEY ``` -------------------------------- ### Install SonarScanner for .NET using Global Tool Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/dotnet-environments/getting-started-with-net Installs the SonarScanner for .NET using the .NET global tool. The --version argument is optional; if omitted, the latest version will be installed. ```bash dotnet tool install --global dotnet-sonarscanner --version x.x.x ``` -------------------------------- ### Install SonarQube Data Center Edition Source: https://docs.sonarsource.com/sonarqube-server/server-installation/data-center-edition/on-kubernetes-or-openshift/installing-from-helm-repo Install SonarQube Data Center Edition using Helm, specifying a release name and namespace. Customize the installation by providing a values file. ```bash helm install sonarqube sonarsource/sonarqube --namespace sonarqube --create-namespace -f values.yaml ``` -------------------------------- ### Start SonarQube Service Source: https://docs.sonarsource.com/sonarqube-server/server-installation/from-zip-file/starting-stopping-server/running-as-a-service Command to start the SonarQube Windows service. This should be used after the service has been successfully installed. ```bash net start SonarQube ``` -------------------------------- ### Start SonarQube Server on Linux/macOS Source: https://docs.sonarsource.com/sonarqube-server/quickstart-guide/installing-sonarqube-server-with-sql-server Navigate to the SonarQube bin directory and use the sonar.sh script to start, check the status, or view logs. ```bash # Navigate to the SonarQube bin directory cd /opt/sonarqube/bin/linux-x86-64/ # Start SonarQube ./sonar.sh start # Check status ./sonar.sh status # View logs tail -f /opt/sonarqube/logs/sonar.log ``` -------------------------------- ### Example PKCS#8 Private Key Content Source: https://docs.sonarsource.com/sonarqube-server/instance-administration/authentication/saml/how-to-set-up-keycloak This is an example of the content of the `pkcs8.key` file after conversion. It should be a single line containing the private key. ```text -----BEGIN PRIVATE KEY-----MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC3qfa8mtiJVCg1RkDFOxfuqk0Gd/R5ULalxC/8fUcDPyGzH0LXD8TYRpPj0b067rqSa0Exg77ZtgDzoz/H9nUaKEwz4C0Cg7U31F2UOgA0IsGQYzJk4YyKmWBbcbkRRnJi9FS672ZIsQQR82XkLplWVw4BIYGXl/Zkb5bMh3AUAOQUMCej5SBqxOxeYRI4l0A0MhnnIwkkIEALjkzbI9LrxWxj3hi7FYLObNOMxSzKr6Zpttv7tO/6QBcCK0ux2WAjKz0oCvzSEq/qXFodKifHFIdlrpldbjBP0gsUU9xOe1X6PqBynnqdNy9s8WZu5TeGFaK3aEOZD93KrMKAWUrnAgMBAAECggEALwEIHQ/SEB9iJPREWlW708Bw8xFbF3sxK25wy4EyXeHX2ZRMEmc+PQ2fBsSkVcNIK3XYmvf5LZW3W6MxjRcFtDqQ+gvK6SRVCiNHCcroR2+Hs1C30nqo8cW8E9sgfovVdX7LeoYPWtY20PNGZeYJJ0AjXOW62VWyYNTwNosJA40hq5jsd/ktmwd5o1zKPbaMplrWtVlt3UKii3YfeTodOIE/FSHtVL14PcyeYZxgCxJp2gGHvqMjOmBgs89kwkP7+vtYg1Rn8Cj3CzkVDnsHiuDaaSuScntgRXMywhEH6oBs/aFzvA3zhiMW17146TB1eAtKAnVNk8kcC58b5In7qQKBgQDNdamkV0+CZeMdNIxGOUUTbmo/QfGFLUB/1Qf1UAsu6iuIQHn9NoDLACrhI0noQKhoODyQjT/3HDXE4CnEKu9ooUrQ3scklj9FYxMKudQRS+mTtE0ZXe9uD0+rht4Ev9cPAqmZEGa6ZoZ6o84ors/vtBDYL7kX/r7N8pNVvy0VmQKBgQCRXuky0Fv/ZVu2dFGz9h17zCn8rAnZMtVqHS7OUV44SZOXihdGI+QoveuY9ED8xZLierfPh0F09E7PB9RFaiOOomCvPJEmv+/whlMYybbUriOMUIwkoKQh+U9ji79XGO1vP3EETeiBhr0r1O6vNlEFxyAL9mg+JA6Y5UN97hBWMQKBgQCLH/9epJo01mGe+9h0Q1zoBpTGllJXtiOwKAf0JzqKEkVwFtuzgzC3WD1Ru0X85X6pbgyignKe60ZmFa8+nKmgF4IUKtNQmw7+poUzruw9BdOlpdnFrMU05k7hV0s1frwd+L/GLtBP62fw9QSLoWHE25X5Uq8OvI77wV6NwYS/PA==-----END PRIVATE KEY----- ``` -------------------------------- ### Dynamic Documentation Query Example Source: https://docs.sonarsource.com/sonarqube-server/project-administration/adjusting-analysis/changing-quality-gate-and-fudge-factor Perform an HTTP GET request to a documentation page URL with the 'ask' query parameter to get dynamic answers. The question should be specific and in natural language. ```http GET https://docs.sonarsource.com/sonarqube-server/project-administration/adjusting-analysis/changing-quality-gate-and-fudge-factor.md?ask= ``` -------------------------------- ### OpenCover Build Script Example Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/test-coverage/dotnet-test-coverage Use OpenCover for code coverage. Download and unzip OpenCover, then configure your build script to use it and specify the report path. ```bash dotnet sonarscanner begin /k:"" /d:sonar.token="" /d:sonar.cs.opencover.reportsPaths=coverage.xml dotnet build --no-incremental & C:\tools\opencover\OpenCover.Console.exe -target:"dotnet.exe" -targetargs:"test --no-build" -returntargetcode -output:coverage.xml -register:user dotnet sonarscanner end /d:sonar.token="" ``` -------------------------------- ### Start SonarQube Container for JDBC Driver Installation Source: https://docs.sonarsource.com/sonarqube-server/server-installation/from-docker-image/prepare-installation Temporarily start the SonarQube container with the embedded H2 database to mount the `sonarqube_extensions` volume. This allows you to copy the Oracle JDBC driver into the correct location within the volume. ```bash docker run --rm \ -p 9000:9000 \ -v sonarqube_extensions:/opt/sonarqube/extensions \ ``` -------------------------------- ### Querying SonarQube Documentation Dynamically Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/pli Example of how to perform an HTTP GET request to query SonarQube documentation dynamically using the 'ask' query parameter. ```http GET https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/pli.md?ask= ``` -------------------------------- ### Start Scanner from Command Line Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/scanners/npm/using Use the 'sonar' command to start the analysis. Analysis parameters can be passed using the -Dsonar.xxx=yyy syntax. A project key is optional as the scanner uses the package.json 'name' field by default. ```bash sonar -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e ``` -------------------------------- ### Download Build Wrapper for Linux (Bash) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/azure-pipelines/c-family-project Use this Bash script on a Linux host to download and extract the build wrapper. Replace '' with your SonarQube instance URL. ```bash curl '/static/cpp/build-wrapper-linux-x86.zip' --output build-wrapper.zip unzip build-wrapper.zip ``` -------------------------------- ### Start Scanner with npx Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/scanners/npm/using Execute the analysis using 'npx @sonar/scan'. Analysis parameters are passed using the -Dsonar.xxx=yyy syntax. No scanner installation is required for this method. ```bash npx @sonar/scan -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e ``` -------------------------------- ### Example SonarQube Database Migration (Oracle to Postgres) Source: https://docs.sonarsource.com/sonarqube-server/server-update-and-maintenance/maintenance/sonarqube-db-copy-tool An example demonstrating a database copy from Oracle to PostgreSQL. Parameters are listed on separate lines using backslashes for continuation. For single-line execution, remove backslashes and newlines. ```bash java \ -cp ojdbc11-21.8.0.0.jar:sonar-db-copy-1.6.0.2092.jar com.sonar.dbcopy.StartApp \ -urlSrc jdbc:oracle:thin:@10.18.51.1:1521/XEPDB1 \ -userSrc sonar \ -pwdSrc 05xlAz1EhgQb9Pl8 \ -urlDest jdbc:postgresql://10.10.1.138/sonarqube \ -userDest sonar \ -pwdDest Ck23L1OpqF4BdwJv ``` -------------------------------- ### Extract SonarQube Server ZIP (Linux/macOS) Source: https://docs.sonarsource.com/sonarqube-server/quickstart-guide/installing-sonarqube-server-with-sql-server Extract the SonarQube server ZIP archive to the desired installation directory on Linux or macOS. This example uses `/opt/sonarqube` as the target directory. ```bash sudo unzip sonarqube-*.zip -d /opt/ sudo mv /opt/sonarqube-* /opt/sonarqube ``` -------------------------------- ### SonarScanner for .NET CI/CD Configuration Source: https://docs.sonarsource.com/sonarqube-server/project-administration/creating-project/gitlab/configure-binding Configure your GitLab CI/CD pipeline for SonarQube analysis with .NET. This setup involves installing prerequisites, setting environment variables, and initiating the SonarScanner. ```yaml stages: - sonarqube-check - vulnerability-report sonarqube-check: stage: sonarqube-check image: mcr.microsoft.com/dotnet/sdk:latest variables: SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task cache: key: "${CI_JOB_NAME}" paths: - .sonar/cache script: - "apt-get update" - "apt-get install --yes openjdk-17-jre" - "dotnet tool install --global dotnet-sonarscanner" - "export PATH=\"$PATH:$HOME/.dotnet/tools\"" - "dotnet sonarscanner begin /k:\"projectKey" /d:sonar.token=\"$SONAR_TOKEN\" /d:\"sonar.host.url=$SONAR_HOST_URL\" " # Replace "projectKey" with your project key - "dotnet build" ``` -------------------------------- ### Download Build Wrapper for Windows (PowerShell) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/azure-pipelines/c-family-project Use this PowerShell script on a Windows host to download and extract the build wrapper. Ensure you replace '' with your SonarQube instance URL. ```powershell Invoke-WebRequest -Uri '/static/cpp/build-wrapper-win-x86.zip' -OutFile 'build-wrapper.zip' Expand-Archive -Path 'build-wrapper.zip' -DestinationPath '.' ``` -------------------------------- ### Define Plugin Entry Point Source: https://docs.sonarsource.com/sonarqube-server/extension-guide/developing-a-plugin/plugin-basics Implement the `Plugin` interface and use `context.addExtensions()` to register your plugin's extensions. ```java package org.sonarqube.plugins.example; import org.sonar.api.Plugin; public class ExamplePlugin implements Plugin { @Override public void define(Context context) { // implementations of extension points context.addExtensions(FooLanguage.class, ExampleProperties.class); } } ``` -------------------------------- ### Extract SonarQube Server ZIP (Windows) Source: https://docs.sonarsource.com/sonarqube-server/quickstart-guide/installing-sonarqube-server-with-sql-server Extract the SonarQube server ZIP archive to the desired installation directory on Windows using PowerShell. This example uses `C:\sonarqube` as the target directory. ```powershell Expand-Archive -Path sonarqube-*.zip -DestinationPath C:\ Rename-Item -Path C:\sonarqube-* -NewName C:\sonarqube ``` -------------------------------- ### Request Measures with Bearer Token Source: https://docs.sonarsource.com/sonarqube-server/extension-guide/web-api Example of a GET request to the /api/measures/component endpoint to retrieve project metrics using a bearer token for authentication. Ensure the token has Browse permission for private projects. ```css-79elbk curl --request GET \ --url 'https://sonarqube.com/api/measures/component?metricKeys=ncloc%2Ccode_smells%2Ccomplexity&component=' \ --header 'Authorization: Bearer ' ``` -------------------------------- ### Install Build Wrapper with GitHub Action Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/c-family/prerequisites Use the `sonarqube-scan-action/install-build-wrapper` sub-action to install the Build Wrapper when using the GitHub Action for SonarQube. ```bash sonarqube-scan-action/install-build-wrapper ``` -------------------------------- ### Download Build Wrapper for Linux ARM64 (Bash) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/azure-pipelines/c-family-project Use this Bash script on a Linux ARM64 host to download and extract the build wrapper. Replace '' with your SonarQube instance URL. ```bash curl '/static/cpp/build-wrapper-linux-aarch64.zip' --output build-wrapper.zip unzip build-wrapper.zip ``` -------------------------------- ### SonarQube Analysis with Maven (Scripted Pipeline) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job Integrate SonarQube analysis into a Maven-based scripted Jenkins pipeline. This example shows how to override credentials and specify the SonarQube installation name if multiple servers are configured. ```groovy node { stage('SonarQube analysis') { withSonarQubeEnv(credentialsId: 'f225455e-ea59-40fa-8af7-08176e86507a', installationName: '') { // You can override the credential to be used, If you have configured more than one global server connection, you can specify the corresponding SonarQube installation name configured in Jenkins sh 'mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922:sonar' } } } ``` -------------------------------- ### SonarScanner for .NET in GitLab CI/CD Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/gitlab-ci-cd Configure a GitLab CI/CD job for SonarQube analysis of .NET projects. This setup installs the scanner, sets up the path, and runs the begin, build, and end steps for analysis. ```yaml sonarqube-check: image: mcr.microsoft.com/dotnet/sdk:latest variables: SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache GIT_DEPTH: "0" # Tells git to fetch all the branches of the project, required by the analysis task cache: key: "${CI_JOB_NAME}" paths: - .sonar/cache script: - "dotnet tool install --global dotnet-sonarscanner" - "export PATH=\"$PATH:$HOME/.dotnet/tools\"" - "dotnet sonarscanner begin /k:\"projectKey\" /d:sonar.token=\"$SONAR_TOKEN\" /d:\"sonar.host.url=$SONAR_HOST_URL\" " #Replace "projectKey" with your project key - "dotnet build" - "dotnet sonarscanner end /d:sonar.token=\"$SONAR_TOKEN\"" allow_failure: false only: - merge_requests - main - develop ``` -------------------------------- ### PL/I %INCLUDE Interpretation Example Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/pli Example demonstrating how to interpret %INCLUDE statements with specific library paths and suffixes. ```css-79elbk %INCLUDE O (XX02511) as %INCLUDE 'C:/temp/o/XX02511.99IPO'; %INCLUDE lib1 as %INCLUDE 'C:/temp/syslib/lib1.pli'; ``` -------------------------------- ### SonarQube Analysis with .NET (Scripted Pipeline) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job Add SonarQube analysis to a .NET build process within a scripted Jenkins pipeline. This example demonstrates using the SonarScanner for .NET and specifies the SonarQube installation name. ```groovy node { stage('Build + SonarQube analysis') { def sqScannerMsBuildHome = tool 'Scanner for .Net Framework' withSonarQubeEnv(') {// If you have configured more than one global server connection, you can specify its name as configured in Jenkins bat "${sqScannerMsBuildHome}\\SonarScanner.MSBuild.exe begin /k:myKey" bat 'MSBuild.exe /t:Rebuild' bat "${sqScannerMsBuildHome}\\SonarScanner.MSBuild.exe end" } } } ``` -------------------------------- ### Register SonarQube with initd on Ubuntu Source: https://docs.sonarsource.com/sonarqube-server/server-installation/from-zip-file/starting-stopping-server/running-as-a-service Steps to register SonarQube as a service using initd on Ubuntu systems, including creating a symbolic link and setting permissions. ```bash sudo ln -s /bin/linux-x86-64/sonar.sh /usr/bin/sonar sudo chmod 755 /etc/init.d/sonar sudo update-rc.d sonar defaults ``` -------------------------------- ### Download Build Wrapper for Windows Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/languages/c-family/prerequisites Download the Build Wrapper for Windows from your SonarQube Server instance. Ensure the version matches your CFamily analyzer. ```bash build-wrapper-win-x86.zip ``` -------------------------------- ### SonarQube Analysis with Sonar Scanner (Declarative Pipeline) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/jenkins-integration/add-analysis-to-job This example shows how to add SonarQube analysis using the generic Sonar Scanner within a declarative Jenkins pipeline. It includes steps for tool acquisition and environment variable setup. ```groovy pipeline { agent any stages { stage('SonarQube analysis') { steps { script { scannerHome = tool '' } withSonarQubeEnv('') {// If you have configured more than one global server connection, you can specify its name as configured in Jenkins sh "${scannerHome}/bin/sonar-scanner" } } } } } ``` -------------------------------- ### Download Build Wrapper for macOS (Bash) Source: https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/ci-integration/azure-pipelines/c-family-project Use this Bash script on a macOS host to download and extract the build wrapper. Replace '' with your SonarQube instance URL. ```bash curl '/static/cpp/build-wrapper-macosx-x86.zip' --output build-wrapper.zip unzip build-wrapper.zip ```