Code Analysis Tool Integration Practice — How to use SonarLint

SonarLint 是一款 sonarsource 推出的 IDE 外掛，它讓你的 IDE 具備有 code analysis 的功能，讓開發者在開發階段就能偵測出程式碼中的bugs 或潛在的問題，目前支援了Eclipse, Intellij IDEA, Visual Studio 和 VS Code 四款主流的IDE。接下來就來介紹如何在 Eclipse上安裝和使用SonarLint。

1. Install plugin

1.1 Help> Install New Software

1.2 Fetch from https://eclipse-uc.sonarlint.org and install “SonarLint for Eclipse”

2. Analyze Code

2.1 Right click on the project> SonarLint

2.2 wait a mount to see the scan result and you can right click on the item to get more detailed information.

3. Bind to SonarQube

You can synchronise the rules from SonarQube, but it will not be 100% equal. SonarLint skip some rules on purpose due to some performance consideration. Get the detailed difference from here.

3.1 Right click on the project> SonarLint> Bind to SonarQube …

3.2 Choose the SonarQube

3.3 Input the URL

3.4 Input your token or username+password for accessing SonarQube.

3.5 After configuring the connection information, you can start to add project to bind to SonarQube.

3.6 In the end, you can see the project is already bound to SonarQube. when the setting on the SonarQube has been changed, SonarLint will pop up the message to remind you.

安裝好SonarLint以後，開發者一邊寫code，SonarLint就會一邊即時的偵測問題。那這邊介紹的是安裝在Eclipse上，不同的IDE上的plugin功能大致相同，其他IDE的更多資訊也可以參考 Use SonarLint in IntelliJ IDEA, Use SonarLint in Visual Studio, Use SonarLint in VS Code 喔。