You can connect the SonarLint extension of your IDE to SonarQube 8.9+ or SonarCloud to take advantage of having consistent issues reported on both sides. Setting up Connected Mode will permit the transmission of information SonarLint needs, such as URLs and user credentials, to communicate with SonarQube or SonarCloud. Binding your local workspace folder to your SonarQube/SonarCloud project(s), you can benefit from the same rules and settings that are used to inspect the project on the server.
While in Connected Mode, SonarLint receives notifications from SonarQube/SonarCloud about your Quality Gate changes and new issues. Notifications can be enabled or disabled from the UI while creating or editing the connection settings.
Features when Connected Mode is used:
- Use the same quality profile locally as is defined on the server. For example, applying the same rules activation, parameters, severity, etc.
- Apply settings, such as rule exclusions and analyzer parameters, defined on the server to the local analysis.
- Automatically suppress issues that are marked as Won’t Fix or False Positive on the server to the issues reported locally.
Connected Mode does not push issues to the server. Rather, its purpose is to configure the IDE so that it uses the same settings as the server.
Having a SonarQube 8.9+ project or a SonarCloud project is required to run SonarLint for Eclipse in Connected Mode. The Rules page has a complete overview outlining which additional rules are available when using Connected Mode.
It is important that SonarLint knows on which branch the user is at that moment in order to sync the active file with the server when using Connected Mode. Therefore, SonarLint will automatically detect when the local git branch changes; and while running in Connected Mode, it will recalculate the closest Sonar branch in the background to know which taint issues and suppressions to fetch from the server (for example, issues marked as “safe” or “won’t fix” in SonarQube).
In Connected Mode, SonarLint synchronizes some data from the issues that were found on the server side, most importantly the status and resolution. Branch awareness allows SonarLint to consider the branch currently checked out in the IDE and synchronize with the most appropriate branch from the server.
SonarLint for Eclipse only supports git and the git branch name with regard to branch matching; to do this, Eclipse’s relies on the EGit project.
If there is no EGit, SonarLint considers that there is no source code management (SCM) provider. Some distributions for Java or Python, for example, come with packages of bundles preinstalled, but you can also install the needed components.
In addition, your project must be under Git source control; simply installing EGit is not enough to take advantage of the Branch awareness feature. Git source control is necessary to avoid false expectations, for example, from some Cobol IDE users. See the EGit documentation for more information.
1. From SonarLint for Eclipse 7.8+, it is possible to open the Sonar connection wizard using one of these two methods to set up Connected Mode:
- Go to File > New > Other… to open Eclipse’s Select a wizard menu. Then, find SonarLint > New SonarQube/SonarCloud Connection and select Next.
- Right-click in the SonarLint Bindings tasks view tab and select New Connection…. This method will start the wizard right away.
2. Choose either SonarCloud or SonarQube, then select the Next button to continue:
3. For SonarQube, enter your SonarQube server URL:
4. Choose the authentication method & authenticate:
- Token: generate a user token on SonarQube, to be used by SonarLint as an authentication method. This is the preferred way to avoid the risk of compromising your username/password. Note that a user token is the only token type that works with Connected Mode.
- Username + Password: use directly your SonarQube credentials (not recommended)
- Enter your SonarQube token or username/password. Then continue with step 5 below.
- Generate a token on SonarCloud, to be used by SonarLint as the authentication method.
- The connection wizard will provide this link: https://sonarcloud.io/account/security, as a shortcut.
- Select your organization; a filtered list will appear as you start typing.
5. Name your Connection.
7. And select Finish to complete the Connection wizard, before moving on to the binding wizard.
Once set up, SonarLint will automatically check your SonarQube or SonarCloud organization’s project list against open or newly opened projects in your workspace to suggest a binding.
If you just created a new connection, the Connection wizard will transition into a Binding wizard where you can add projects that you want to bind. Or, you can select your SQ or SC server in the SonarLint Bindings tab, right-click, and select Bind Projects… to open the wizard, then Add… to open the Project selection window.
- The Project selection window presents a list of projects open in the Eclipse workspace.
- In the next window, start typing the name of a project you have on the server; double-click on the matching project and the wizard will grab and load the Project Key.3. Click Finish and check the progress bar in the lower right corner.
Connections and their bindings can be retrieved from the SonarLint Bindings view tab which is found by navigating to the File Menu > Window > Show View > Other... > SonarLint > SonarLint Bindings:
Right-clicking on a connection will open a tooltip to edit or delete the connection and can be useful for example to update credentials and bindings if they have changed.
Right-clicking on a connection will reveal an option to select Update All Project Bindings.
SonarLint enables users to establish a connection to the latest SonarQube version and to the latest LTS version. When a new LTS version is released (approximately every 18 months), we still enable connecting SonarLint to the previous LTS version for a certain period of time (currently 12 months after the latest LTS release) to allow enough time for organizations to upgrade their SonarQube version.
For more information about long-term support of SonarQube, check out our page describing "what is an LTS". And, to review IDE-specific requirements, please check the respective pages of the documentation as listed in the next paragraph.
When you are using Connected Mode and connected to the server, you can be notified in your IDE with smart notifications as soon as something appears on the server that something failed, or when the Sonar Quality Profile is updated, for example. The notification will include a link to call back to SonarQube or SonarCloud where you can learn more about the issues that were introduced. Sonar Smart Notifications are available in all editions of SonarQube and SonarCloud.
Connected Mode allows SonarQube to send smart alerts to individuals or teams as soon as something appears on the server that something failed, when new issues are discovered or when the Sonar Quality Profile is updated, for example. With everyone in the loop, issues can be addressed promptly, improving the overall software quality and delivery. The notification will include a link to call back to SonarQube or SonarCloud where you can learn more about the issues that were introduced.
You'll receive smart notifications in your IDE when:
- the quality gate status of a project open in your IDE changes (see the SonarQube or SonarCloud documentation for details about using quality gates in your project)
- a SonarQube or SonarCloud analysis raises new issues that you've introduced in a project open in your IDE
You can activate or deactivate smart notifications in SonarLint on the IDE side on a server-by-server basis.
Sonar Smart Notifications are available in all editions of SonarQube and SonarCloud.
Activation and Deactivation of Sonar Smart Notifications occurs in the IDE during the binding process. To change your notification settings, go to the SonarLint Bindings view, right-click the connection you want to change, and select Edit Connections….
© 2015-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under the GNU Lesser General Public License, Version 3.0. SONARLINT is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners. See SonarSource.com for everything you need to know about the Sonar Solution.