Installing the SonarScanner for .NET
On this page
Beginning with the Sonar Scanner for .NET v8, the way the sonar.projectBaseDir property is automatically detected has changed which has an impact on the files that are analyzed and how relative properties, such as sonar.exclusions and sonar.test.exclusions, are resolved.
To customize the behavior, you can set the sonar.projectBaseDir property to point to a directory that contains all the source code you want to analyze. The path may be relative (to the directory from which the analysis was started) or absolute.
Prerequisites
- From version 7.0, Java is no longer required because the scanner will download it automatically.
- If internet access is limited in your configuration, skip the JRE provisioning and use the Java version installed locally.
- The SDK corresponding to your build system:
- For the .NET Framework v4.6.2: use either the Build Tools for Visual Studio 2015 Update 3, or the Build Tools for Visual Studio.
- If you are using the .NET version of the scanner or the .NET Core Global Tool, you will need .NET Core SDK 3.1 and above.
The flavor (either .NET Framework, .NET Core or .NET) used to compile the Scanner for .NET is independent of the .NET version used to build the project you want to analyze. Concretely, you can analyze .NET Core code with the .NET Framework version of the Scanner. It's only relevant depending on your OS, and on the versions of .NET SDKs that are installed on your build machine.
Installation
.NET Core Global Tool
Using the dotnet install tool from the command line is the simplest way to install the scanner if you are using .NET Core or later on an already installed instance of SonarQube. The .NET Core Global Tool is available from .NET Core 3.1+.
dotnet tool install --global dotnet-sonarscanner --version x.x.xThe --version argument is optional; if omitted, the latest version will be installed. The full list of release versions is available on the NuGet page.
If you can't use the dotnet install tool, other Core versions are available for download in the SonarScanner Update Center collapsible (access above, select Show more).
Standalone executable
- Expand the downloaded file into the directory of your choice. We'll refer to it as
$install_directoryin the following steps.- On Windows, you might need to unblock the ZIP file first (right-click File > Properties > Unblock).
- On Linux/OSX you may need to set execute permissions on the files in
$install_directory/sonar-scanner-(version)/bin.
- Uncomment, and update the global settings to point to SonarCloud by editing
$install_directory/SonarQube.Analysis.xml. Values set in this file will be applied to all analyses of all projects unless overwritten locally.
Consider setting file system permissions to restrict access to this file:
<SonarQubeAnalysisProperties xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.sonarsource.com/msbuild/integration/2015/1">
<Property Name="sonar.host.url">https://sonarcloud.io</Property>
<Property Name="sonar.token">[my-user-token]</Property>
</SonarQubeAnalysisProperties>- Add
$install_directoryto yourPATHenvironment variable.
Related pages
Introduction to the SonarScanner for .NET
Was this page helpful?
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
