SonarCloud | Advanced setup | CI-based analysis | SonarScanner for NPM | Using the SonarScanner for NPM
Was this page helpful?
Using the SonarScanner for NPM
You can start the SonarScanner for NPM and thus, integrate it into your CI or build pipeline, in the following ways:
- From the command line.
A global mode installation of the scanner is required. - From the command line with npx.
No scanner installation is required. - By adding the analysis step to your build files.
The scanner must be added to the project’s devDependencies.
You can pass analysis parameters in the command line and in the analysis step coded in JS. In addition, the SonarScanner for NPM gets analysis parameters from different other sources: see Configuring the project analysis parameters.
Starting the scanner from the command line
- Make sure the scanner is installed in global mode: see Installing the scanner in global mode.
- Use the
sonar-scannercommand to start the analysis.
To pass analysis parameters in the command line, use the standard-Dsonar.xxx=yyysyntax.
Example:
sonar-scanner -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04eStarting the scanner from the command line with npx
- Use the
npx sonarqube-scannercommand to start the analysis.
To pass analysis parameters in the command line, use the standard-Dsonar.xxx=yyysyntax.
Example:
npx sonarqube-scanner -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04eAdding the analysis step to your build files
- Make sure the scanner is installed in your project’s devDependencies: see Adding the scanner to your project devDependencies.
- Code the analysis step in JS in your build files, as shown in the example below.
const scanner = require('sonarqube-scanner');
scanner(
{
serverUrl: 'https://sonarqube.mycompany.com',
token: '019d1e2e04eefdcd0caee1468f39a45e69d33d3f',
options: {
'sonar.projectName': 'My App',
'sonar.projectDescription': 'Description for "My App" project...',
'sonar.sources': 'src',
'sonar.tests': 'test',
},
},
() => process.exit(),
);Where the syntax is as follows:
sonarqube-scanner ( parameters, [callback] )- parameters (format: Map)
- serverUrl (format: String; optional): The URL of the SonarQube server. Defaults to the value of the SonarCloud URL (
sonar.scanner.cloudUrlproperty). - token (format: String; optional): The token used to connect to the SonarQube server or SonarCloud. Empty by default.
- options (format: Map; optional): Used to pass extra parameters for the analysis. See Configuring the analysis parameters for more details.
- serverUrl (format: String; optional): The URL of the SonarQube server. Defaults to the value of the SonarCloud URL (
- callback (format: Function; optional): Callback (the execution of the analysis is asynchronous).
© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARLINT, SONARQUBE, SONARCLOUD, and CLEAN AS YOU CODE are trademarks of SonarSource SA.
