Running static code analysis with SonarQube is essential for maintaining clean, quality code. Recently, while working on our Laravel microservice project mhn-doctors-ms, we hit a common yet frustrating roadblock:

❌ bash: sonar-scanner: command not found

This error appeared when trying to run the SonarScanner CLI from Git Bash on Windows.
If you’re facing the same issue, this guide will walk you through the exact steps to fix it and get your code scanned properly in no time.

🔍 What Went Wrong?

We attempted to run:

sonar-scanner \
  -Dsonar.projectKey=mhn_doctor_ms_sonarQube_test \
  -Dsonar.sources=. \
  -Dsonar.host.url=http://127.0.0.1:9000 \
  -Dsonar.token=sqp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

But instead of running the scan, Git Bash responded with:

bash: sonar-scanner: command not found

This error simply means that:

• SonarScanner CLI is not installed, or
• It’s not added to your system’s PATH, so your terminal doesn’t know where to find it.

✅ Step-by-Step Fix

1️⃣ Download SonarScanner CLI for Windows

Visit the official SonarSource download page:

🔗 Download SonarScanner CLI

• Choose the latest .zip file (e.g., sonar-scanner-cli-5.0.1.3006-windows.zip)
• Extract it to a permanent folder. For example:

C:\sonar-scanner

Add SonarScanner to Your System PATH

To use sonar-scanner from any terminal:

1. Press Windows + S, search for “Environment Variables”
2. Click “Edit the system environment variables”
3. In the System Properties window, click Environment Variables
4. Under System Variables, find and select Path, then click Edit
5. Click New and add:

C:\sonar-scanner\bin

Click OK → OK → Close all windows

Verify Installation

Open a new terminal window (PowerShell or CMD recommended) and run:

sonar-scanner -v

If installed correctly, you should see the version of SonarScanner printed.

4️⃣ Run SonarScanner on Your Project

Now that everything’s set, navigate to your project folder and run:

sonar-scanner \
  -Dsonar.projectKey=mhn_doctor_ms_sonarQube_test \
  -Dsonar.sources=. \
  -Dsonar.host.url=http://127.0.0.1:9000 \
  -Dsonar.token=sqp_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

After a few seconds, you’ll see the analysis running and a success message with a link to your results on the SonarQube dashboard.

💡 Pro Tips

• Use PowerShell or CMD instead of Git Bash for better Windows compatibility.
• Always generate and use a SonarQube token for CLI authentication — no need to expose passwords.
• Keep your SonarScanner CLI updated for the latest rules and features.