Installing CodeScan for VS Code

 

The CodeScan VS Code plugin provides on-the-fly feedback to developers on bugs and quality issues, it is a fully-integrated user experience in VS Code.

Prerequisites

You will need:

  • For Self Hosted
    • Java 8+
    • A working SonarQube™ (7.9+) installation
    • A licensed version of CodeScan (4.3+) plugin to get started (see here)
  • For CodeScan Cloud
    • A CodeScan Cloud account (with valid enterprise or trial license)
  • A recent version of VS Code installed (v1.12 or above)
  • If you are working with Salesforce code, you will need the Salesforce Extensions for VS Code or at least the Apex and Visualforce plugins.

Installation

  • In VS Code, go to the Marketplace and download CodeScan.

  • Restart VS Code.

  • Press Ctrl + Shift + P and search Settings to open 

  • Copy and paste the following boilerplate in to get started.

        "codescan.servers": [
       {
            "serverId": "**************",
            "organizationKey": "**************",
            "serverUrl": "**************",
            "token": "**************"
        },
    ],

    "codescan.project": {
        "serverId": "**************",
        "projectKey": "**************"
    }

  • Edit the following in the codescan.servers section.

  • For CodeScan Cloud

    • Add organizationKey as your CodeScan Cloud organization key (Where do I find this?).
    • Add token with a token generated in here in CodeScan Cloud.
    • Add serverUrl as https://app.codescan.io/
    • Add serverId with a value you will remember.

  • For Self-Hosted CodeScan

    • Add token with a token generated in SonarQube™.
    • Add serverUrl as your SonarQube™ server URL (Default is http://localhost:9000).
    • Add serverId with a value you will remember.

  • Edit the following in codescan.project
    • Add projectKey with the key of the project you would like to use the settings from (Where do I find this?).
    • Add serverId with the serverId you used when editing your codescan.servers settings.

  • Now hit Ctrl+Shift+P (Windows/Linux) or Shift+Command+P(Mac) to open the Command Palette.
  • Type in CodeScan to bring up the CodeScan commands and run “Update CodeScan binding to SonarQube/CodeScan Cloud”. If any changes are made on the SonarQube™ server you should repeat this step.
  • Open a file, you should see the issues in your code underlined.

VS Code behind a proxy

VS Code extensions can be difficult to use behind a proxy.  

To point CodeScan at the correct proxy, all it takes is a single environment variable for your system.

The environment variable is:

JAVA_TOOL_OPTIONS

The value should be: 

-Dhttp.proxyHost=[YOUR_PROXY_HOST] -Dhttp.proxyPort=[YOUR_PROXY_PORT]

-Dhttps.proxyHost=[YOUR_PROXY_HOST] -Dhttps.proxyPort=[YOUR_PROXY_PORT]

-Dhttp.nonProxyHosts="localhost|127.0.0.1"

If the proxy has a username and password you can provide those in the
-Dhttps.proxyUser=your_username and -Dhttps.proxyPassword=your_password parameters

Self Signed Certificates

If you are connecting to a server with self signed certificates you will need to specify them for your Java and Node installations. 

Java: documentation here.

Node: NODE_EXTRA_CA_CERTS: /usr/local/share/ca-certificates/YOUR_CERT.crt

Troubleshooting

Some useful debugging information is available under the Output window under the ‘CodeScan’ tab.

CodeScan should automatically find the JRE installed on your computer. If you are having trouble you can specify the path using sonarlint.ls.javaHome variable in your VS Code Settings.

You can check for any serious errors by going to Help > Toggle Developer Tools to bring up the console.

You can also contact us at the CodeScan Support Page. Feel free to ask questions, report issues, and give suggestions.