Open in app

Sign in

Write

Sign in

Sonarqube Installation on Windows 10

Dive Deeper
3 min readFeb 24, 2021

--

I’m no expert, but I’ve successfully installed a version of the Sonarqube community on Windows 10.

No mysql or github used.

Process in Simple Few lines:

  • Install Java
  • Install Sonarqube
  • Download the code
  • Run the Scanner

Here you Go::

Things to remember:

  • Once you start the Sonarqube server on the command line, do not close the window until completion of the implementation.
  • Run command prompt as administrator
  • I used the C: drive for implementation and used D: to keep the code. You can check your own drive numbers before executing the commands

Java

  • Download and Install Jdk11
  • If you have a different version of Java running, or if you face some problems when downloading sonarqube. Conduct the next move
  • Go to control panel → system → advanced system setting →
    advanced → Environmental variables
  • Under system variables look for path and edit it
  • Click new and add the java 11 path(which is usually in program files/java)
  • Click ok
  • From command prompt run “java -version” to verify version

Sonarqube Community Version Implementation

  • Go to Sonarqube — Product — Code Security — Security Analysis
  • Download the community Edition
  • Unzip the file
  • Go to location C:\sonarqube-8.6.1.40680\conf
  • Open wrapper.conf in notepad
  • Edit wrapper.java.command and provide correct location for jdk11
    wrapper.java.command=C:/Program Files/Java/jdk-11.0.10/bin/java
  • Go to C:\sonarqube-8.6.1.40680\bin\windows-x86–64 and run Startsonar
  • You can run it from the command prompt as well, only so the screen won’t vanish in the event of an error.
  • If everything is done well you should be able to see below commands

jvm 1 | 2021.02.24 19:44:08 INFO app[][o.s.a.SchedulerImpl] Process[ce] is up
jvm 1 | 2021.02.24 19:44:08 INFO app[][o.s.a.SchedulerImpl] SonarQube is up

  • Keep the windows open while running the sonarqube
  • Open it in the browser http://localhost:9000 (default username password is admin/admin)
  • Error : BindHttpException[Failed to bind to 127.0.0.1:9001]; nested: BindException[Address already in use: bind];
    If you get the above error then try
  • Go to command prompt -> netstat — ano | findstr 9001 (to find the port)
  • Note pid which is at the last column
  • Kill it taskkill -pid <pid number> /f

But

  • It didn’t work in my case
  • Go to C:\sonarqube-8.6.1.40680\conf and open sonar
  • Search for sonar.search.port and change the value to 0
  • sonar.search.port=0 (0 will find any random available port and it will map it to the port)

Sonarqube portal user creation

  • Click on Administration
  • Security — users — create user
  • Provide the details, don’t clicking scm account
  • Sign out and login using user account
  • Create project -> provide the name , you can keep the same key
  • Generate Token key and copy it. This would be required later
  • Logout and log in with Administrator account
  • Click on project — Project settings — permissions
  • Add “Execute Analysis” permission for the user

Sonarqube Scanner

  • You need scanner to scan the project and to integrate it with portal
  • Go to the url https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/
  • Click windows 64bit. It will start the download process
  • Unzip it to the drive.(remember, once you have decided the location, don’t change it)
  • We need to add path as we did for Java
  • Go to control panel — system — advanced system setting — advanced — Environmental variables
  • Under system variables look for path and edit it

C:\sonar-scanner-cli-4.6.0.2311-windows\sonar-scanner-4.6.0.2311-windows\bin

  • Run the command sonar-scanner.bat -h
  • If you get below output, it means sonar-scanner is working

INFO:

INFO: usage: sonar-scanner [options]

INFO:

INFO: Options:

INFO: -D, — define <arg> Define property

INFO: -h, — help Display help information

INFO: -v, — version Display version information

INFO: -X, — debug Produce execution debug output

  • Go to C:\sonar-scanner-cli-4.6.0.2311-windows\sonar-scanner-4.6.0.2311-windows\conf
  • Edit sonar-scanner
  • Provide below details. (use the same project name and key which you configured on the portal). Version doesn’t matter. Put 1.0
  • Sonar.sources is the path where your code resides

sonar.projectKey=TestSonar

sonar.projectName=TestSonar

sonar.projectVersion=1.0

sonar.sources=D:/verademo-master/verademo-master/src/main/java/com/veracode/verademo/controller

  • Save it
  • Open command prompt
  • Run this command from the path where your code exists
  • In my case, I executed from D:/verademo-master/verademo-master/src/main/java/com/veracode/verademo/controller.
    Here is the command:

sonar-scanner -Dsonar.login=db547irf11f2eh2fg8976d0bc43564ab9b99998a

Here at the last you have to use the token key which you generated before

~~Thanks

Sonarqube
Sast
Static Code Analysis

--

--

Dive Deeper
Dive Deeper

Written by Dive Deeper

0 Followers
1 Following

no te rindas is Spanish word which translates to Don’t give up. This is my belief or driving force which works for me.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams