How to run SonarQube Analysis in Visual Studio Console

To generate a SonarQube token (required for authentication when running analyses from the command line or CI/CD pipelines), follow these steps:

Steps to Generate a SonarQube Token

  1. Log in to your SonarQube server (e.g., http://localhost:9000 for local setups).
  2. Click your profile icon (top-right corner) → “My Account”.
  3. Go to the “Security” tab.
  4. Under “Tokens”, enter a name for your token (e.g., vs-console-token).
  5. Click “Generate”.
  6. Copy the token immediately (it won’t be shown again!).
    Example token format: sqp_1234567890abcdef

How to Use the Token

  • In dotnet-sonarscanner commands, pass the token via:shCopyDownloaddotnet sonarscanner begin /k:”your-project-key” /d:sonar.host.url=”http://localhost:9000″ /d:sonar.login=”sqp_1234567890abcdef”
  • For security, never hardcode the token in scripts. Use:
    • Environment variables (e.g., SONAR_TOKEN).
    • Secret management tools (e.g., Azure Key Vault, GitHub Secrets).

Important Notes

  • 🔒 Treat tokens like passwords (they grant access to your SonarQube projects).
  • 🔄 Regenerate tokens periodically or revoke old ones (under “Security”).
  • 🚫 No token? You’ll get errors like Not authorized or Authentication failed.

Example Workflow

# Set token as an environment variable (optional)
set SONAR_TOKEN=sqp_1234567890abcdef

# Run analysis (Windows CMD)
dotnet sonarscanner begin /k:"my-project" /d:sonar.host.url="http://localhost:9000" /d:sonar.login="%SONAR_TOKEN%"
dotnet build
dotnet sonarscanner end /d:sonar.login="%SONAR_TOKEN%"

Get the SonarQube Project URL

The project URL is the web address of your project in SonarQube. It typically follows this format:

http://<sonarqube-server-url>/dashboard?id=<project-key>
  • <sonarqube-server-url>: The host where SonarQube is running (e.g., http://localhost:9000 if running locally).
  • <project-key>: The unique key assigned to your project in SonarQube.

How to Find the Project Key?

  1. Log in to your SonarQube server.
  2. Navigate to your project.
  3. Check the URL in the browser’s address bar (e.g., http://localhost:9000/dashboard?id=my-project-key).
  4. Alternatively, go to Project Settings → General Settings → Key.

2. Run SonarQube Analysis in Visual Studio Console

To analyze a .NET project in Visual Studio Developer Command Prompt (or terminal), use the SonarScanner for .NET (dotnet-sonarscanner).

Prerequisites

  • Install Java (required for SonarQube scanner).
  • Install SonarScanner for .NET:shCopyDownloaddotnet tool install –global dotnet-sonarscanner

Steps to Run Analysis

  1. Start the SonarQube Analysis:shCopyDownloaddotnet sonarscanner begin /k:”” /d:sonar.host.url=”” /d:sonar.login=”
    • Replace:
      • <project-key> with your SonarQube project key.
      • <sonarqube-server-url> with your SonarQube server URL (e.g., http://localhost:9000).
      • <token> with a SonarQube user token.
  2. Build Your Project:shCopyDownloaddotnet build
  3. Complete & Publish Results to SonarQube:shCopyDownloaddotnet sonarscanner end /d:sonar.login=”<token>”
  4. Check Results:
    • Open the SonarQube project URL (e.g., http://localhost:9000/dashboard?id=my-project-key) in a browser.

Example

# Start analysis
dotnet sonarscanner begin /k:"my-dotnet-app" /d:sonar.host.url="http://localhost:9000" /d:sonar.login="sqp_1234567890abcdef"

# Build the project
dotnet build

# End analysis & upload results
dotnet sonarscanner end /d:sonar.login="sqp_1234567890abcdef"

After running these commands, your analysis results will appear in the SonarQube dashboard.

FavoriteLoadingAdd to favorites
Spread the love

Author: Shahzad Khan

Software developer / Architect

Leave a Reply