Skip to content

Integrating with Development Environments (IDE/Lint)

About

Currently, to know the code quality we must first push the code to the Azure DevOps repo, then trigger the SonarQube scan job through azure pipeline. The service connection allows the scanned results to be sent to Medtronic configured SonarQube server where users can view it. This procedure is repeated until all Sonar issue are fixed, which is inconvenient, time consuming and delayed. 

SonarLint works like a spell checker by providing immediate feedback in your IDE as you write code

SonarLint Benefits

SonarLint an extension you can add to an IDEs such as VSCode

Real-time feedback to developers on the quality of the code as its written, which can improve productivity.

Provides remediation guidance so you can fix them before the code is even committed 

Keeps everyone on the same page -- refer to CONNECTED MODE below

Note: Default SonarLint will only run rules from SonarSource analyzers including custom rules extending SonarSource analyzers  . Check CONNECTED MODE SECTION for connecting SonarLint with our SonarQube server

SonarLint for VS Code

SonarLint in VS Code supports analysis of C, C++, HTML, Java, JavaScript, PHP, Python and TypeScript, and you can install it directly from the VS Code extension list

Prerequisites

A working SonarQube (6.7.4+) server.

A recent version of Visual Studio Code (hereinafter referred to as VS Code)  installed (v1.12 or above)

A Java Runtime (JRE) 8 or 11 installed on your computer

Installation and Configuration

In VS Code, go to the Marketplace and download SonarLint

Restart/Reload VS Code.

In the VS Code Settings, search SonarLint

Click Edit in settings.json under any setting and set the sonarlint.connectedMode.connections.sonarqube in User Settings

To configure the SonarLint plugin, you'll need

Add server ID with a value you will remember (it is used locally only)

Add user token with a token generated in SonarQube

Add server URL as your SonarQube server URL

NOTE: You need to be aware that you can't copy the address of your SonarQube homepage because the VS Code cannot request API with HTTPS protocol. You'll need to get the server URL with HTTP protocol instead of HTTPS. For example, the server URL of my project is https://sonarci.wdf.sap.corp:8443/, I set the serverUrl to **http://sonarci.wdf.sap.corp:8080/sonar**. If you don't know the server URL with HTTP, you can ask for the platform or project administrator.

Now hit Ctrl+Shift+P (Windows/Linux) or Shift+Command+P(Mac) to open the Command Palette

Type SonarLint to bring up the SonarLint commands

Run "SonarLint: Update all bindings to SonarQube/SonarCloud". If any changes are made on the SonarQube server, you should repeat this step

Connected Mode

You can connect SonarLint to SonarQube 7.9+ by binding your VSCode workspace folder to your SonarQube project(s), and benefit from the same rules and quality gate settings that are used to inspect your project on the server. SonarLint in VSCode then hides Won't Fix and False Positive issues in any file from a bound folder.

While in connected mode, SonarLint received notifications from SonarQube about your Quality Gate and new issues. Notifications can be enabled or disabled from the UI while creating or editing the connection settings.

Note: Connected Mode does not push or pull issues to or from the server. Rather, its purpose is to configure the IDE so that it uses the same settings as the server

Connected Mode for VS Code

For SonarLint v3.6 and above:

Download and install the SonarLint extension for VSCode

Expand SONARLINT CONNECTED MODE view in VSCode

Select the plus icon to Add SonarQube Connection and complete the fields

Server name: https://sonarqube.mdtproductdevelopment.com/

Refer to Integrating with SonarQube Restful API for information on how to generate User Token

Connection Name: a friendly name for your connection. In case of multiple connections, it also acts as a connection ID

Select Save Connection and verify that the new connection was set up successfully in the Connected Mode view

To set up a Connected Mode for SonarLint v3.5.4 and lower, please see the relevant wiki for Connection Setup.