SonarQube is an open platform to manage code quality. SonarQube is a web-based application. Rules, alerts, thresholds, exclusions, settings… can be configured online. By leveraging its database, SonarQube not only allows to combine metrics altogether but also to mix them with historical measures. More than 20 programming languages are covered through plugins including Java, C#, Javascript, CSS, Swift, C/C++, PL/SQL, Cobol, ABAP etc. This post is about installing and configuring SonarQube to review C# code.

First you need to download following applications.

• SonarQube 5.1
• Sonar Runner

Once downloaded, you need to extract the zip files, both SonarQube and SonarRunner. Sonar Qube is the server and Sonar runner is the client application which does the analysis using various plugins and updates the result back to the server. You can verify the installation by invoking the StartSonar.bat inside the C:\sonarqube-5.1\bin\windows-x86-64 folder. You will see a console window like this, if your environment is configured properly.

You can also open http://localhost:9000, to verify SonarCube is running or not.You will find something like this.

You require Oracle JRE 7+. You can get the detailed system requirements from here. As mentioned earlier, you require Sonar Runner to execute the review process in the client side. You need to add the Sonar runner to the system variables, which will helps to execute sonar runner from any folder location.

You can verify Sonar runner is working or not by providing Sonar-runner -h command on commandline. If it is crashing there is some problem with your Java installation, otherwise it will printout something like this.

You require various plugins to do analysis. You can install the plugins either using the web portal or you can download the plugins and copy the files to C:\sonarqube-5.1\extensions\plugins folder. To install plugins via Web Portal, you need to login to SonarQube as administrator (Default credentials are admin/admin), Click on Settings < System and under System select Update Center.

It will display the already installed plugins, and you can install new plugins from available plugins tab. You may need to restart the SonarQube server to complete the installation.

You have completed the environment setup to do the code review. You require a “sonar-project.properties” file for each solution. This file will need to exist in the folder from which you execute the sonar-runner. Here is the minimal sonar-project.properties file.

# must be unique in a given SonarQube instance
sonar.projectKey=my:project
# this is the name displayed in the SonarQube UI
sonar.projectName=My project
sonar.projectVersion=1.0
 
# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# Since SonarQube 4.2, this property is optional if sonar.modules is set. 
# If not set, SonarQube starts looking for source code from the directory containing 
# the sonar-project.properties file.
sonar.sources=.
 
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8

You can the analysis by executing sonar-runner command.

Once the analysis completes, you can see the analysis results in the Sonarcube webportal.

In the next post I will cover how to configure ReSharper and StyleCop for C# code analysis.

Happy Programming. :)