Sonarqube and Docker

Sonarqube provides static code analysis, testing and continuous inspection. Also see Quality Assurance Tools

You can also have these validations as part of your IDE –


To spin up a docker container you can use the public sonarqube image and embedded H2 database (not suited for production) however fine for stand alone small projects.

  1. Spin up a container, there is a shell script here
    1. Default login is admin/admin
    2. Create a key and project
  2. Example key – 93292c24ba95f6dc5a9275ec169dd654a3382a2d
    1. Example project – PatternsAndPrinciples
  3. Download .Net Core SDK (if your target project is .Net Core)
    1. dotnet-sdk-2.1.302-win-x64.exe
    2. If you are targeting classic .net as long as you have msbuild you are fine
  4. Download Java Runtime
    1. jre-8u181-windows-x64.exe
  5. Download sonar-scanner-msbuild
    2. extract to C:\sonarscanner-msbuild-netcoreapp2\
    3. Add the path to your Environmental Variables – Path
      1. Ensure you add with the ending \

Run For .Net Core

Once you have the container up and the above installed, navigate via command prompt to the path your solution is on your local disk, example:

  • C:\Dev-Code-School\Boilerplate\Class Library\PatternsAndPrinciples

Then run the following substituting your container hosts IP and your key

dotnet sonarscanner begin /k:"PatternsAndPrinciples" /"" /d:sonar.login="93292c24ba95f6dc5a9275ec169dd654a3382a2d"

Then build

dotnet build

Then end, once done navigate to the sonarcube containers UI and fix what it moans about :D

dotnet sonarscanner end /d:sonar.login="93292c24ba95f6dc5a9275ec169dd654a3382a2d"


If you need to exclude a class from quality checks while you are dev/testing just add [ExcludeFromCodeCoverage]