This guide will get a fully functional Multi-Project evaluation version of the enterprise CodeScan running on your own desktop.
PLEASE NOTE: This version of CodeScan is intended to give you a feel for the tool and will not work as a hosted solution. To test Self-Hosted CodeScan on a server of your choosing, please see our Full Install instructions.
For more information about Multi-Project and Single-Project licences, visit the FAQ.
The CodeScan Bundler packages all required processes into one easy to use download.
The bundler prepares the following environment:
- SonarQube running on port 59001
- Jenkins for runnning jobs on port 59003
- CodeScan configured and guides you through the trial license setup
- A preconfigured Jenkins Template which will download your Salesforce code and analyse it for display in SonarQube
- A preconfigured Jenkins Template which will download code from a Git repository and analyse it for display in SonarQube
Download the latest version of the CodeScan Bundler here: download
Log in to SonarQube as an Administrator. The default login is:
- User: admin
- Password: admin
- Click on the Quality Profiles menu.
Running Your First Scan
Run the bundler with Java (or run with java -jar filename.jar). This may take some time as it needs to download all the bundle’s contents
Run the Job called “CodeScan Template - Salesforce Download” by clicking the clock icon on the right
Modify the build parameters as required. You can pre-fill these by configuring the job and setting the default values; better yet, take a copy of the job and create a unique job.
Click the build button and monitor the output
If all goes well you can open SonarQube to see the result.
Going into Production
The CodeScan Bundler tool is not intended to be run on a server or in a ‘production’ type environment. A few things are missing:
- Security/Authentication/etc is not configured. We suggest (but not limit to): set strong passwords on all services, ensure that all services are configured to require logins, setting approriate group level security and putting the entire service behind a SSL secured site.
- Manually set the dedicated memory for your builds to avoid Out Of Memory errors. Details on the Troubleshooting Page
- SonarQube is using a ‘test’ embedded database which does not scale. We recommend you configure SonarQube to run with a database like Postgres or MySql
- We suggest you read the ‘full’ install instructions here: full installation instructions
Before contacting support, please try the following things:
- Open the Jenkins Build History and check for build problems
Check the ends of the following log files:
If CodeScan Bundler was terminated, you may need to clean up any java processes (on Windows use the Task Manager to kill any java.exe processes belonging to the Bundler)
Finally if you are still having troubles, please contact our Support Team.
Please attach the following log files to your ticket: - codescan-bundler/sonarqube/logs/sonar.log - codescan-bundler.log