Connected Mode
You can connect SonarLint to SonarQube >= 6.7 or SonarCloud to benefit from the same rules and settings that are used to inspect your project on the server. SonarLint then hides in VS the issues that are marked as Won’t Fix, False Positive or Fixed.
Note: connected mode does not push or pull issues to or from the server. Rather, its purpose is to configure the IDE so that it uses the same settings as the server.
The following Visual Studio project types are supported: C# (.csproj), VB.NET (.vbproj), and C++ (*.vxcproj). CMake projects are not supported. Supported for JavaScript and TypeScript will be added in the future (see #770).
Note: support for *.vcxproj files was added in v4.15.
images/ConnectedMode/CM_TeamExplorerHomePage_v4_14.png
This will display the SonarQube Connections tab:
images/ConnectedMode/CM_SonarQubeTeamExplorerTab_v4_14.png
images/ConnectedMode/CM_ConnectionDialogue_v4_14.png
The SonarQube tab is used for connecting to both SonarQube and SonarCloud. To connect to SonarCloud you should enter https://sonarcloud.io as the SonarQube server URL.
You can connect using either a User Token, or a user name and password. We strongly recommend using User Tokens. The documentation on creating User Tokens is here: SonarQube ; SonarCloud
When using a User Token, enter the token in the "Username/Token" field text box in SLVS and leave the "Password" text box blank.
If you are connecting to SonarCloud, you will also be prompted to choose which of your organizations the project belongs to:
images/ConnectedMode/CM_OrgDialogue_v4_14.png
You can also connect to public third-party organizations by entering the organization key in the Other Organizations tab:
images/ConnectedMode/CM_Org_OtherOrgs_v4_14.png
To find the organization key for a third-party organization, browse to the project you want to bind to on SonarCloud. The organization key is displayed on the project page:
images/ConnectedMode/CM_ExampleOrgKeyOnSonarCloud.png
The final step is to select the Sonar project want to bind the solution to.
To select a project, either double-click on it, or right-click on it and select Bind from the context menu:
images/ConnectedMode/CM_ProjectSelection_v4_14.png
SonarLint will then fetch the required settings from the server and create local configuration files.
SonarLint will automatically fetch suppressed issues when the bound solution is opened in Visual Studio, and will periodically check for changes every 10 minutes.
You can manually trigger a fetch by clicking 'Update' in the context menu of the SonarQube tab in the Team Explorer window:
images/ConnectedMode/CM_RefreshBinding_v4_14.png
The suppressions will be applied next time an analysis is triggered.
Note: a suppressed issue might still appear in Visual Studio if the code is different from when it was analyzed on SonarQube/SonarCloud.
Note: there is a known issue in which suppressed issues can still be shown for C# and VB.Net. See SLVS-1005 for more information.
SonarLint will fetch file exclusions when a binding is made or updated and save to a file named sonar.settings.json under the .sonarlint folder. If a solution is in connected mode and opened, SonarLint will automatically check with the server wheter file exclusions are updated or not. And if the settings in server are different SonarLint will warn you about this discrepancy and ask you to update the binding.
images/ConnectedMode/CM_OutOfDateConfig_v4_14.png
Alternatively, you can manually trigger an update from a context menu of the SonarQube tab in the Team Explorer window:
images/ConnectedMode/CM_RefreshBinding_v4_14.png
- For now exclusions works only for C/C++.
- Patterns should start with "**/"
- Multicriteria and Test exclusions are not supported. We only support
Global Source File Exclusions,Source File ExclusionsandSource File Inclusions
The local Connected Mode configuration files can get out of step with settings on the SonarQube server/SonarCloud e.g. if the Quality Profile for the project is changed on the server.
SonarLint will automatically check whether the server configuration has changed whenever the bound solution is opened in Visual Studio and will ask you whether you want to update the local configuration to match:
images/ConnectedMode/CM_OutOfDateConfig_v4_14.png
Alternatively, you can manually trigger an update from a context menu of the SonarQube tab in the Team Explorer window:
images/ConnectedMode/CM_RefreshBinding_v4_14.png
There is not an "unbind" command to disconnect a solution from SonarQube/SonarCloud. Instead, simply delete the .sonarlint folder and its contents.
Prior to version 4.0 (released May 2018), Connected Mode behaved slightly differently:
- the appropriate NuGet package for the
SonarAnalyzer.CSharp/SonarAnalyzer.VisualBasicanalyzer were added to each project - the Connected Mode settings were saved in a solution-level folder called
SonarQubein a file calledSolutionBinding.sqconfig.
In subsequent versions of SonarLint:
- the analyzer NuGet packages are no longer installed in any project
- the settings are saved in a solution-level folder called
.sonarlintin a file called[solution name].slconfig
The goal is to have the same issues reported in the IDE as are reported to the server during an analysis run. However, there are a number of reasons why there set of issues can be different - some technical, some bugs, some work that just hasn't been done yet. See ticket #1336 for a summary of the known issues and their current status.