-
Notifications
You must be signed in to change notification settings - Fork 83
Connected Mode
You can connect SonarLint to SonarQube >= 7.9 or SonarCloud and bind your workspace folders to a SonarQube/SonarCloud project to benefit from the same rules and settings that are used to inspect your project on the server. SonarLint then hides in VSCode the issues that are marked as Won’t Fix or False Positive.
Connected mode will also allow to unlock analysis of those languages:
Configure connection details (user token, SonarQube server URL or SonarCloud organization). For security reasons, the token should not be stored in SCM with workspace settings. That's why we suggest to configure them in VSCode user settings.
Example for SonarQube:
{
"sonarlint.connectedMode.connections.sonarqube": [
{ "serverUrl": "https://sonarqube.mycompany.com", "token": "<generated from SonarQube account/security page>" }
]
}
Example for SonarCloud:
{
"sonarlint.connectedMode.connections.sonarcloud": [
{ "organizationKey": "myOrg", "token": "<generated from https://sonarcloud.io/account/security/>" }
]
}
The second step is to configure the project binding, either at workspace level, or in every workspace folders. Example:
{
"sonarlint.connectedMode.project": {
"projectKey": "the-project-key"
}
}
If you plan to use multiple connections, to different SonarQube servers and/or SonarCloud organizations, simply give a unique connectionId to each entry, and use them as reference in the binding.
Example:
// In user settings
{
"sonarlint.connectedMode.connections.sonarqube": [
{ "connectionId": "mySonar", "serverUrl": "https://sonarqube.mycompany.com", "token": "xxx" }
]
"sonarlint.connectedMode.connections.sonarcloud": [
{ "connectionId": "myOrgOnSonarCloud", "organizationKey": "myOrg", "token": "yyy" }
]
}
// In project1/.vscode/settings.json
{
"sonarlint.connectedMode.project": {
"connectionId": "mySonar",
"projectKey": "the-project-key-on-sq"
}
}
// In project2/.vscode/settings.json
{
"sonarlint.connectedMode.project": {
"connectionId": "myOrgOnSonarCloud",
"projectKey": "the-project-key-on-sc"
}
}
Configuring a project binding at the workspace level mutes Won’t Fix and False Positive issues in any of the project's sub-folders added to the workspace. SonarLint will do its best to synchronize with the most appropriate branch from the server.
In connected mode with SonarCloud or any commercial edition of SonarQube, SonarLint receives notifications about Quality Gate changes and new issues. This feature can be toggled using the disableNotifications field in a server connection definition.
When using SonarQube >= 8.6 and browsing a security hotspot there will be a button offering to open the hotspot in SonarLint if you have already SonarLint running in VSCode. Limitation: this feature relies on local communication between your web browser and SonarLint, and consequently is not available in CodeSpaces.
SonarLint keeps server side data in a local storage. If you change something on the server such as the quality profile, you can trigger an update of the local storage using the "SonarLint: Update all project bindings to SonarQube/SonarCloud" command on the command palette (search for "sonarlint"). SonarLint will also automatically attempt to synchronize with configured servers at startup and every hour.