NB: These Docker images are not compatible with C/C++/Objective-C projects.
This image is currently in Beta testing and is made available to gather feedback.
Have Question or Feedback?
For support questions ("How do I?", "I got this error, why?", ...), please first read the documentation and then head to the SonarSource forum. There are chances that a question similar to yours has already been answered.
Be aware that this forum is a community, so the standard pleasantries ("Hi", "Thanks", ...) are expected. And if you don't get an answer to your thread, you should sit on your hands for at least three days before bumping it. Operators are not standing by. :-)
If you would like to see a new feature, please create a new thread in the forum "Suggest new features".
Please be aware that we are not actively looking for feature contributions. We typically accept minor improvements and bug-fixes.
With that in mind, if you would like to submit a code contribution, please create a pull request for this repository. Please explain your motives to contribute this change: what problem you are trying to fix, what improvement you are trying to make.
Copyright 2015-2020 SonarSource.
Licensed under the GNU Lesser General Public License, Version 3.0
How to run the Docker image
You can then run the following command:
docker run -e SONAR_HOST_URL=http://foo.acme:9000 --user="$(id -u):$(id -g)" -it -v "/path/to/project:/usr/src" sonarsource/sonar-scanner-cli
To analysis the project in the current directory:
docker run -e SONAR_HOST_URL=http://foo.acme:9000 --user="$(id -u):$(id -g)" -it -v "$PWD:/usr/src" sonarsource/sonar-scanner-cli
The scanner writes to the analysed project's directory, in directory
By default scanner writes with user id
1000 and group id
--user option (see sample commands above) is used on Linux to have the scanner write with the same user and group as the caller to the
docker run command.
The command is quite similar to the one for Linux except that you don't need to specify
To analyse the project located in
docker run -e SONAR_HOST_URL=http://foo.acme:9000 -it -v "/path/to/project:/usr/src" sonarsource/sonar-scanner-cli
To analyse the project in the current directory, execute:
docker run -e SONAR_HOST_URL=http://foo.acme:9000 -it -v "$(pwd):/usr/src" sonarsource/sonar-scanner-cli
Supported environment variables
SonarQube host and authentication
SONAR_HOST_URL: URL to the SonarQube instance the scanner should connect to (default=
SONAR_TOKEN: the prefered way to authenticate to SonarQube is to use a token. Use this environment variable to pass it to the scanner
SONAR_PASSWORD: alternatively, you can provide the SonarQube username and password for the scanner to use using these two variables
Project mounting point
By default, the scanner analyses the project in directory
If you can't mount the project into this directory (eg. in Gitlab CI), use
SONAR_PROJECT_BASE_DIR to specify another location in the container.
Scanner user home
The scanner downloads data from the SonarQube server it connects to. Retrieving this data can take time and certainly takes bandwidth. For efficiency, the scanner caches this data in the user home (directory named
When running the scanner with this image, this
.sonar directory is created in the project's directory (see
SONAR_PROJECT_BASE_DIR). This implies caching is not happening accross analysis of multiple projects.
Caching is actually shared between projects when running the scanner natively as the
.sonar is created in the home directory of the current user (eg.
You can reproduce this behavior, by adding the following to the
docker run command:
-e SONAR_USER_HOME=/usr/.sonar -v "/home/my_user/.sonar:/usr/.sonar"
Developer documentation is available in DEVELOPER.md.