This version of the SonarQube documentation is no longer maintained. It relates to a version of SonarQube that is not active.

Using the SonarScanner for NPM

To start the SonarScanner for NPM, you can either add the analysis to your build files, or use the scanner start command line (with or without npx).

You can start the Introduction and thus, integrate it into your CI or build pipeline, in the following ways:

  • From the command line. A global mode installation of the scanner is required.

  • From the command line with npx. No scanner installation is required.

  • By adding the analysis step to your build files. The scanner must be added to the project’s devDependencies.

You can pass analysis parameters in the command line and in the analysis step coded in JS. In addition, the SonarScanner for NPM gets analysis parameters from different other sources: see Configuring the analysis parameters. To get started, you must configure at a minimum the Analysis parameters and the Analysis parameters used to connect to the server.

The SonarScanners run on code that is checked out. See Verifying the code checkout step.

Starting the scanner from the command line

  1. Make sure the scanner is installed in global mode: see Installing the SonarScanner for NPM.

  2. Use the sonar-scanner command to start the analysis. To pass analysis parameters in the command line, use the standard -Dsonar.xxx=yyy syntax. Example:

sonar-scanner -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e

Starting the scanner from the command line with npx

  • Use the npx sonarqube-scanner command to start the analysis. To pass analysis parameters in the command line, use the standard -Dsonar.xxx=yyy syntax. Example:

npx sonarqube-scanner -Dsonar.host.url=https://myserver.com -Dsonar.token=019d1e2e04e

Adding the analysis step to your build files

  1. Make sure the scanner is installed in your project’s devDependencies: see Installing the SonarScanner for NPM.

  2. Code the analysis step in JS in your build files, as shown in the example below.

const scanner = require('sonarqube-scanner');
scanner(
  {
    serverUrl: 'https://sonarqube.mycompany.com',
    token: '019d1e2e04eefdcd0caee1468f39a45e69d33d3f', 
    options: {
      'sonar.projectName': 'My App',
      'sonar.projectDescription': 'Description for "My App" project...',
      'sonar.sources': 'src',
      'sonar.tests': 'test', 
    },
  },
  () => process.exit(),
);

Where the syntax is as follows:

sonarqube-scanner ( parameters, [callback] )

  • parameters (format: Map)

    • serverUrl (format: String; optional): The URL of the SonarQube server. Defaults to the value of the SonarCloud URL (sonar.scanner.cloudUrl property).

    • token (format: String; optional): The Generating and using tokens used to connect to the SonarQube server or SonarCloud. Empty by default.

    • options (format: Map; optional): Used to pass extra parameters for the analysis. See Configuring the analysis parameters for more details.

  • callback (format: Function; optional): Callback (the execution of the analysis is asynchronous).

PreviousInstalling the SonarScanner for NPMNextConfiguring the analysis parameters

Last updated

Was this helpful?