A quick Sonar scanner (command line) container.
This Dockerfile sets up the command line scanner vs. any other existing analysis method. For other analysis methods, see the bottom of this page:
For details on running the command line scanner:
and for a list of command-line options: http://docs.sonarqube.org/display/SONAR/Analysis+Parameters
NOTE: I usually only test the latest version of the scanner, even though I might update the older Dockerfiles here and there. So YMMV. Let me know if there are issues, though.
Using the official Sonar Qube Docker image:
docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner
Run this from the root of your source code directory, it'll scan everything below it.
This uses the latest Qube image - if you want LTS, use image name sonarqube:lts
.
Run the alpine version:
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner:alpine
If you want to run without a local SonarQube instance (i.e. using a remote SonarQube),
just leave off the --link
parameter:
docker run -ti -v $(pwd):/usr/src newtmitch/sonar-scanner
- Separated Dockerfile command into ENTRYPOINT and CMD operations to better follow Dockerfile best practices (see https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#entrypoint). (issue #29)
- Commented out
sonar.exclusions
from thesonar-runner.properties
file included in the image by default (issue #25) - Removed the use of the
/root
directory as part of the image build. Using/usr/lib
,/usr/bin
, and/usr/src
now (issue #26)
- Added Scanner v3.3.0 to Dockerfiles (@mpodlodowski)
- Decreased size of images by combining multiple command line operations into a single RUN command (@DmitriyStoyanov)
- Changed Sonar Scanner URL from bintray to sonarsource (@parnpresso)
- Added NodeJS to the image to support JS/TS scanning (fixes #9)
- Returned default timezone to original maintainers (@danstreeter)
- Added Scanner v3.2.0 to Dockerfiles (@danstreeter)
- Removed the 2.5.1 sonar scanner images, as the downloads for that version are no longer available.
- Normalized the name of the unzipped sonar scanner directory to
sonar-scanner
so specific version numbers weren't included in the directory name. This allows for easier config replacement at runtime and (hopefully) reduces unnecessary complexity / specificity. - Added a new tag for the latest version of Sonar Scanner with the alpine base image:
newtmitch/sonar-scanner:alpine
- Added some more instructions for running the sonar scanner and replacing the image-internal sonar-runner.properties with the external version at runtime (via normalizing the sonar scanner directory name).
- Added instructions for myself later so I can more quickly run the build / update commands
To run the scanner you must have a Sonar Qube running. If you don't already have a Qube instance running somewhere, you can start one via Docker using the official Docker image or the variant I have below.
If you prefer to use an official Sonar Qube image, run the following command. Note that if you need a particular version of Sonar Qube, you need to use something like sonarqube:5.2
instead of what's shown below.
docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube
If you prefer a server build that automatically sets the timezone when you start it you can use the custom image variant I have here per the command below. If you omit the TZ parameter, it'll default to CST.
docker run -d --name sonarqube -e "TZ=America/Chicago" -p 9000:9000 -p 9092:9092 newtmitch/sonar-server
After your server is running, run the following command from the command line to start the scanner. This uses the default settings in the sonar-runner.properties file, which you can overload with -D commands (see below).
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner
Replace "$(pwd)" with the absolute path of the top-level source directly you're interested in if you're not running the docker image from the top level project directory. It will scan everything under that directory when it starts up.
If you need to use a different directory as the project base directory, you can pass that in as part of the docker run command to override that default:
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner -Dsonar.projectBaseDir=/my/project/base/dir
The supplied sonar-runner.properties file points to http://192.168.99.100 as the Qube server. If you need to change that or any other of the variables that Scanner needs to run, you can pass them in with the command itself to override them:
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner sonar-scanner -Dsonar.host.url=YOURURL -Dsonar.projectBaseDir=/usr/src
or if you're running the newtmitch/sonar-scanner:2.5.1
image, because the script name changed between 2.5.1 and 3.0.3 at some point:
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner sonar-runner -Dsonar.host.url=YOURURL -Dsonar.projectBaseDir=/usr/src
Here's a fully-loaded command line (based on latest/3.0.3 version) that basically overrides everything from the sonar-runner.properties file on the command-line itself. The settings shown here match those in the sonar-runner.properties file.
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner sonar-scanner \
-Dsonar.host.url=http://sonarqube:9000 \
-Dsonar.jdbc.url=jdbc:h2:tcp://sonarqube/sonar \
-Dsonar.projectKey=MyProjectKey \
-Dsonar.projectName="My Project Name" \
-Dsonar.projectVersion=1 \
-Dsonar.projectBaseDir=/usr/src \
-Dsonar.sources=.
Or just have your local sonar-runner.properties override the default version built into the scanner image. Note that you'll likely have to modify your paths to pick up the properties file, source directories, or copy the sonar-runner.properties file into your actual source code project in order to have it be called with this command as-written below.
docker run -ti \
--rm \
-v $(pwd):/usr/src \
-v $(pwd)/sonar-runner.properties:/usr/lib/sonar-scanner/conf/sonar-scanner.properties \
--link sonarqube \
newtmitch/sonar-scanner sonar-scanner
As of Aug 3, 2018, I installed Node as part of the scanner image so it can properly scan JS and TS
files as-needed. The SonarQube server excludes **/node_modules/**
file patterns by default as
part of JS and TS general settings (Adminstration -> Configuration -> General Settings). You can
override those from a local sonar-runner.properties file:
sonar.exclusions=**/node_modules/**/*
or via the command line:
docker run -ti -v $(pwd):/usr/src --link sonarqube newtmitch/sonar-scanner sonar-scanner \
-Dsonar.exclusions=**/node_modules/**/*
I have this included and commented out in the sonar-runner.properties that ships as part of this image.
To build this scanner image, just issue a standard Docker build command - make sure to specify the Dockerfile that you're building:
docker build -t newtmitch/sonar-scanner:latest -f Dockerfile.sonarscanner-3.2.0-full .
To build the customized Sonar Qube server, run the following command. See the Server image section below for details on this image build.
docker build -t my-sonar-server -f Dockerfile.server .
These sections are here so Mitch can quickly run Docker commands without having to reconstruct them all the time. You don't have to worry about this stuff unless you really want to. But keeping them up to date is nice if you do PR's... 😄
Run these commands to build Docker images:
docker build -t newtmitch/sonar-scanner:latest -f Dockerfile.sonarscanner-4.0.0-full . && \
docker tag newtmitch/sonar-scanner:latest newtmitch/sonar-scanner:4.0.0 && \
docker tag newtmitch/sonar-scanner:latest newtmitch/sonar-scanner:4.0 && \
docker tag newtmitch/sonar-scanner:latest newtmitch/sonar-scanner:4 && \
docker build -t newtmitch/sonar-scanner:4.0.0-alpine -f Dockerfile.sonarscanner-4.0.0-alpine . && \
docker tag newtmitch/sonar-scanner:4.0.0-alpine newtmitch/sonar-scanner:alpine && \
docker tag newtmitch/sonar-scanner:4.0.0-alpine newtmitch/sonar-scanner:4.0-alpine && \
docker tag newtmitch/sonar-scanner:4.0.0-alpine newtmitch/sonar-scanner:4-alpine && \
docker build -t newtmitch/sonar-scanner:3.3.0 -f Dockerfile.sonarscanner-3.3.0-full . && \
docker tag newtmitch/sonar-scanner:3.3.0 newtmitch/sonar-scanner:3.3 && \
docker tag newtmitch/sonar-scanner:3.3.0 newtmitch/sonar-scanner:3 && \
docker build -t newtmitch/sonar-scanner:3.3.0-alpine -f Dockerfile.sonarscanner-3.3.0-alpine . && \
docker tag newtmitch/sonar-scanner:3.3.0-alpine newtmitch/sonar-scanner:3.3-alpine && \
docker tag newtmitch/sonar-scanner:3.3.0-alpine newtmitch/sonar-scanner:3-alpine && \
docker build -t newtmitch/sonar-scanner:3.2.0 -f Dockerfile.sonarscanner-3.2.0-full . && \
docker tag newtmitch/sonar-scanner:3.2.0 newtmitch/sonar-scanner:3.2 && \
docker build -t newtmitch/sonar-scanner:3.2.0-alpine -f Dockerfile.sonarscanner-3.2.0-alpine . && \
docker tag newtmitch/sonar-scanner:3.2.0-alpine newtmitch/sonar-scanner:3.2-alpine && \
docker build -t newtmitch/sonar-scanner:3.0.3 -f Dockerfile.sonarscanner-3.0.3-full . && \
docker tag newtmitch/sonar-scanner:3.0.3 newtmitch/sonar-scanner:3.0 && \
docker build -t newtmitch/sonar-scanner:3.0.3-alpine -f Dockerfile.sonarscanner-3.0.3-alpine .
docker push newtmitch/sonar-scanner:latest && \
docker push newtmitch/sonar-scanner:4.0.0 && \
docker push newtmitch/sonar-scanner:4.0 && \
docker push newtmitch/sonar-scanner:4 && \
docker push newtmitch/sonar-scanner:4.0.0-alpine && \
docker push newtmitch/sonar-scanner:4.0-alpine && \
docker push newtmitch/sonar-scanner:4-alpine && \
docker push newtmitch/sonar-scanner:alpine && \
docker push newtmitch/sonar-scanner:3.3.0 && \
docker push newtmitch/sonar-scanner:3.3 && \
docker push newtmitch/sonar-scanner:3 && \
docker push newtmitch/sonar-scanner:3.3.0-alpine && \
docker push newtmitch/sonar-scanner:3.3-alpine && \
docker push newtmitch/sonar-scanner:3-alpine && \
docker push newtmitch/sonar-scanner:3.2.0 && \
docker push newtmitch/sonar-scanner:3.2 && \
docker push newtmitch/sonar-scanner:3.2.0-alpine && \
docker push newtmitch/sonar-scanner:3.2-alpine && \
docker push newtmitch/sonar-scanner:3.0.3 && \
docker push newtmitch/sonar-scanner:3.0 && \
docker push newtmitch/sonar-scanner:3.0.3-alpine
I've also included Dockerfile.server, which uses the sonarqube:latest image as a basis and basically puts in the mechanism to update the server time to a user-defined time zone vs. the default (correct time reporting for analyzer runs).
You can modify the Dockerfile to update the timezone, or just pass in the environment variable on-demand (assumes you build it with tag mitch/sonarqube
). If you omit the TZ setting it'll default to CST.
docker run -d --name sonarqube -e "TZ=America/Chicago" -p 9000:9000 -p 9092:9092 newtmitch/sonar-server