Running static code analysis with SonarQube is essential for maintaining clean, quality code. Recently, while working on our Laravel microservice project mhn-doctors-ms, we hit a common yet frustrating roadblock:
❌
bash: sonar-scanner: command not found
This error appeared when trying to run the SonarScanner CLI from Git Bash on Windows.
If you’re facing the same issue, this guide will walk you through the exact steps to fix it and get your code scanned properly in no time.
🔍 What Went Wrong?
We attempted to run:
sonar-scanner \
-Dsonar.projectKey=mhn_doctor_ms_sonarQube_test \
-Dsonar.sources=. \
-Dsonar.host.url=http://127.0.0.1:9000 \
-Dsonar.token=sqp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
But instead of running the scan, Git Bash responded with:
bash: sonar-scanner: command not found
This error simply means that:
- SonarScanner CLI is not installed, or
- It’s not added to your system’s PATH, so your terminal doesn’t know where to find it.
✅ Step-by-Step Fix
1️⃣ Download SonarScanner CLI for Windows
Visit the official SonarSource download page:
- Choose the latest
.zipfile (e.g.,sonar-scanner-cli-5.0.1.3006-windows.zip) - Extract it to a permanent folder. For example:
C:\sonar-scanner
Add SonarScanner to Your System PATH
To use sonar-scanner from any terminal:
- Press
Windows + S, search for “Environment Variables” - Click “Edit the system environment variables”
- In the System Properties window, click Environment Variables
- Under System Variables, find and select
Path, then click Edit - Click New and add:
C:\sonar-scanner\bin
Click OK → OK → Close all windows
Verify Installation
Open a new terminal window (PowerShell or CMD recommended) and run:
sonar-scanner -v
If installed correctly, you should see the version of SonarScanner printed.
4️⃣ Run SonarScanner on Your Project
Now that everything’s set, navigate to your project folder and run:
sonar-scanner \
-Dsonar.projectKey=mhn_doctor_ms_sonarQube_test \
-Dsonar.sources=. \
-Dsonar.host.url=http://127.0.0.1:9000 \
-Dsonar.token=sqp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
After a few seconds, you’ll see the analysis running and a success message with a link to your results on the SonarQube dashboard.
💡 Pro Tips
- Use PowerShell or CMD instead of Git Bash for better Windows compatibility.
- Always generate and use a SonarQube token for CLI authentication — no need to expose passwords.
- Keep your SonarScanner CLI updated for the latest rules and features.
