Just the other day, I wanted to run a static analysis on a project I am working on, to know the number of lines of codes mainly, and to see other metrics.

There are good static analysis tools out there, and the one we had a pleasurable experience with at work is sonarqube, so I went with it, but sonarqube is a server application and requires some dependencies to run, and I didn’t want to install java runtime just to know the number of my project code lines, what could be the solution?, if you are screaming DOCKER then you are right, the sonarqube team provides the sonarqube server packaged in a docker container, even better they provide an alpine version of it, good news for my limited internet connection.

The sonarqube docker image is a Linux based one, so on windows, if you are running docker using docker on windows, you need to switch to Linux containers, after which you do an image pull

docker pull sonarqube:alpine

we have pulled the slimmer alpine version to cut on the download size, to run the sonarqube server, simple write -or if you are like me, copy paste- the following

docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 sonarqube

this will run the server, forwarding to the local ports on your machine,

next is to run static analyzer on the project, for that, you will need to download the static analyzer, you will need to choose the analyzer based on the .NET framework you use, for me the version was NET Framework 4.6+. once you extract the analyzer binaries, locate and open the SonarQube.Analysis.xml configuration file, in it, you will find commented settings tags, namely “sonar.host.url”, “sonar.login” and “sonar.password”, for the first one leave the default setting or punch-in the port if you used a port other than 9000 to map the running sonarqube container, for the other two use admin for both, as those are the default credentials for the container. next, go through the commands below

sonarqube.msbuild.exe start /k:"unique-key-for-your-project"
msbuild /t:Rebuild
sonarqube.msbuild.exe end

when sonarqube ends from the analysis tasks and push its metrics to the local server, just go to localhost:9000, log in using the default credentials, and viola, static analysis of your code is there in front of you.