Apex Code Quality Tools for Force.com

This guide will get a fully functional 30 day Multi-Project evaluation version of the enterprise CodeScan running on your own server.

For more information about Multi-Project and Single-Project licences, visit the FAQ.

If you want to use our quickstart bundler please go to our bundler instructions page.

Prerequisites:

  • Ant 1.9+
  • SonarQube (recommended version: 6.3)
  • Java 8+ (1.8+)
  • Windows / Mac / Linux

Download

  • Download the latest version from here
  • Extract the zip file. It contains the SonarQube plugin and an ant based tool to run an analysis with.

Plugin installation

  • Delete any existing salesforce plugins from your installation
  • Copy sonar-salesforce-plugin-XXX.jar into your SonarQube installation at /extensions/plugins/

Note: you will need to edit antbuild.properties if your SonarQube installation different than usual or if you have a proxy. You can also edit /runner/antbuild.xml if you want to customize your workflows.

For more instructions on how to setup the SonarQube ant plugin, see https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+Ant you should check the steps that the ant script takes are appropriate for your requirements.

Configure the CodeScan license:

Standard setup:

  • When you receive your license, enter it by logging into SonarQube with the credentials User: admin Password: admin and go to Administrator at the top right.
  • Click on ‘General Settings’ on the right
  • Click on CodeScan on the list of Categories
  • Enter your license in the text box labeled ‘CodeScan license’ (key is sf.license.secured)
  • Click save

Alternative setup:

If you don’t see a license field in SonarQube, you may need to follow these instructions instead:

  • When you receive your license, enter it by logging into SonarQube with the credentials User: admin Password: admin and go to Administrator at the top right.
  • Click on Configuration then Licenses
  • Click Update next to the ‘CodeScan license’
  • Currently you may receive the following message. If the Product or Server is red then you can safely ignore this error

Setting up a project

  • Create a copy of the ‘sonar-project-template’ folder in the runner directory of this folder and put it in the same project. Let’s call it /runner/my-project
  • Set sonar.projectKey=myproject
  • Set sonar.projectName=My Project
  • Set salesforce.username and salesforce.password to your salesforce username/password(plus token). This is not necessary if you want to analyse static content (see running offline). Please use a system administrator user profile for this otherwise you may experience strange errors when downloading the code or executing tests.
  • Open a command prompt and navigate into /runner/my-project
  • Run this command. See Ant Configuration for a list of default commands
    ant -f ../antbuild.xml analyse

NOTE: If the Anyone group is not granted Execute Analysis permission or if the SonarQube instance is secured (the sonar.forceAuthentication property is set to true), the credentials of a user having been granted Execute Analysis permission have to be provided through the sonar.login and sonar.password properties.

Having trouble?

  • Read the tutorials
  • Check the troubleshooting section
  • Find information in the other resources section
  • Contact support
CodeScan documentation

Copyright © Village Chief Pty Ltd – 2014-2017. ABN: 11 153 295 571