sonar-scanner-cli
SonarScanner CLI for SonarQube and SonarCloud
100M+
SonarScanner is the official command-line tool for running code analysis on SonarQube and SonarCloud. This image is provided by SonarSource and packages the SonarScanner CLI.
NB: These Docker images are not compatible with C# and Objective-C projects. For C&C++, the docker images are only compatible with AutoConfig mode.
Version 10 has introduced a significant change that could potentially affect some users. In this version, the underlying SonarScanner CLI process is executed with a regular user (uid 1000), instead of the root user. You may encounter permission issues on your volumes or bind mounts.
Starting with version 10, the image version is distinct from the embedded SonarScanner CLI version. The tag format is: x.y.z.buildNumber_ScannerCLIVersion. Please note that the latest tag always refers to the most recent release, which may include breaking changes. To mitigate potential impacts, consider using a specific version if you prefer more control. If you wish to access the latest patch of a specific version, you can use tags that point to major or major.minor releases, such as 10 or 10.0.
To scan using the latest SonarScanner CLI Docker image, use the command:
docker run \
--rm \
-e SONAR_HOST_URL="https://${SONAR_HOST_URL}" \
-v "${PROJECT_BASEDIR}:/usr/src" \
sonarsource/sonar-scanner-cli
where:
${SONAR_HOST_URL} is the URL of your SonarQube instance or https://sonarcloud.io/ if you want to scan on SonarCloud${PROJECT_BASEDIR} is the location of the source code you want to scanFor information on how to use and configure the image, head over to the Docker section of SonarScanner CLI docs.
For support questions ("How do I?", "I got this error, why?", ...), please first read the documentation and then head to the SonarSource forum. There are chances that a question similar to yours has already been answered.
Be aware that this forum is a community, so the standard pleasantries ("Hi", "Thanks", ...) are expected. And if you don't get an answer to your thread, you should sit on your hands for at least three days before bumping it. Operators are not standing by. :-)
If you would like to see a new feature, please create a new thread in the community forum (“Product Manager of the Day”)
Copyright 2015-2024 SonarSource.
Licensed under the GNU Lesser General Public License, Version 3.0
Content type
Image
Digest
sha256:23ca0f137…
Size
490.5 MB
Last updated
about 2 months ago
docker pull sonarsource/sonar-scanner-cli:12.1.0.3233_8.0.1Pulls:
775,352
Sep 4 to Sep 10