Qodana 2022.3 Help

Qodana for .NET

Docker image paths

Path

Description

/data/project

Root directory of the project to be analyzed

/data/results

Directory to store the analysis results, needs to be empty before running Qodana for .NET

/opt/idea

Rider distributive directory

/root/.config/idea

Rider configuration directory

/data/profile.xml

Used if a profile was not previously configured either via the CLI or the qodana.yaml file. See Order of resolving a profile.

Configuration options

Docker images can be configured using several CLI options. All these options can be divided into three groups.

The first group requires the equal sign (=) to be placed between the option name and its argument like --project-dir=/path/to/project.

The second group uses the space character ( ) to separate option names and their arguments like −−baseline /path/to/sarif/file.

The third group of options does not require any arguments to be supplied with, as you can see it in case of the --save-report option.

You can run the docker run jetbrains/qodana-dotnet:2022.3-eap command to see the list of options in the CLI.

Directories

Option

Description

-i, --project-dir=

Root directory of the inspected project (default: current working directory /data/project).

-o, --results-dir=

Directory to save Qodana inspection results to (default: /data/results).

-r, --report-dir=

Directory to save an HTML report to (default: /data/results/report).

--cache-dir=

Cache directory (default: /data/cache).

-d, --source-directory

Directory inside the project-dir directory that needs to be inspected. If not specified, the whole project is inspected.

Profile

Qodana profile can be configured using these CLI options. Alternatively, you can configure Qodana using the qodana.yaml file as described in the Configure profile section.

Option

Description

--disable-sanity

Skip running the inspections configured by the sanity profile (default: enabled).

-n, --profile-name

Profile name defined in the project. The actual name is stored as the <option name="myName" value="%profileName%" /> value in the profile xml file and is visible in the Rider UI.

-p, --profile-path

Absolute path to the profile file.

--stub-profile

Absolute path to the fallback profile file. This option is applied in case the profile was not specified using any available options.

Baseline

To learn more about the baseline feature, see the Run in baseline mode example, or study the Baseline section.

Option

Description

-b, --baseline

Run Qodana in the baseline mode. Provide the path to an existing SARIF report to be used in the baseline state calculation.

--baseline-include-absent

Include in the output report the results from the baseline run that are absent in the current run.

Miscellaneous

Option

Description

-s, --save-report

Generate HTML report.

-w, --show-report

Serve HTML report on port 8080.

--property=

Set a JVM property to be used while running Qodana using the --property=property.name=value1,value2,...,valueN notation. This option can be repeated multiple times for setting multiple JVM properties.

--fail-threshold

Set the number of problems that will serve as a quality gate. If this number is reached, the inspection run is terminated.

-c, --changes

Inspect uncommitted changes and report new problems.

Qodana Cloud

Option

Description

-a, --analysis-id=

Unique report identifier (GUID) to be used by Qodana Cloud.

Examples of execution tuneup

Override the default inspection profile

docker run ... -v <inspection-profile.xml>:/data/profile.xml \ jetbrains/qodana-dotnet:2022.3-eap

If no profile is specified, the default qodana.recommended profile is used. For more options of how to specify a profile, see Order of resolving a profile. For more about available profiles, see Set up a profile.

Save a report as HTML

docker run ... jetbrains/qodana-dotnet:2022.3-eap --save-report

By default, the HTML report is stored in a separate report/ subdirectory under the results directory. This location could be configured with --report-dir.

Display a report in HTML

docker run ... -p 8080:8080 jetbrains/qodana-dotnet:2022.3-eap --show-report

After the inspection is finished, the container will not exit and will listen on port 8080. You can connect to http://localhost:8080 to see the results. To stop the web server, press Ctrl-C in the Docker console.

Change the Heap size

docker run ... -e _JAVA_OPTIONS=-Xmx6g jetbrains/qodana-dotnet:2022.3-eap

By default, Heap size is set to 80% of the host RAM.

Turn off user statistics

To disable the reporting of usage statistics, adjust the idea.headless.enable.statistics value:

docker run ... jetbrains/qodana-dotnet:2022.3-eap \ --property=idea.headless.enable.statistics=false

Run in baseline mode

In the baseline run mode, each new Qodana for .NET run is compared to some initial run selected as a "baseline". This can help in situations when you have no possibility to fix old problems and rather want to prevent the appearance of new ones.

docker run ... jetbrains/qodana-dotnet:2022.3-eap \ --baseline <baseline-path> [--baseline-include-absent]

where <baseline-path> is the path to a qodana.sarif.json file from an earlier run. If the --baseline-include-absent option is provided, the inspection results will include absent problems, that is the problems detected only in the baseline run but not in the current run.

The SARIF output report will contain the per-problem information on the baseline state.

To learn more about the baseline feature, see the Baseline section.

Set a quality gate

Qodana for .NET lets you configure a "quality gate", that is, the number of problems that will act as a threshold.

docker run ... jetbrains/qodana-dotnet:2022.3-eap --fail-threshold <number>

When running in baseline mode, a threshold is calculated as the sum of new and absent problems. Unchanged results are ignored.

Run as non-root

By default, the container is run as the root user so that Qodana for .NET can read any volumes bind-mounted with the project and write the results. As a result, files in the results/ folder are owned by the root after the run.

To avoid this, you can run the container as a regular user:

docker run -u $(id -u):$(id -g) ...

Note that in this case the results/ folder on host should already be created and owned by you. Otherwise, Docker will create it as root and Qodana for .NET will not be able to write to it.

Cache dependencies

You can decrease the time for a Qodana for .NET run by persisting cache from one run to another. For example, package and dependency management tools such as Maven, Gradle, npm, Yarn, and NuGet keep a local cache of downloaded dependencies.

By default, Qodana for .NET would save caches to folder /data/cache inside container. This location could be changed via --cache-dir cli argument. The data inside is per-repository, so you can pass cache from branch-a to build checking branch-b. In this case, only new dependencies would be downloaded, if they were added.

Example for local run:

docker run --rm -it -p 8080:8080 \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ -v <cache-directory>/:/data/cache/ \ jetbrains/qodana-dotnet:2022.3-eap --show-report

In this case mapping the same <cache-directory> would speed up the second run.

In a GitHub workflow you can utilise actions/cache, see full example.

GitLab CI/CD also has cache which can be stored only inside the project directory. In this case, we recommend excluding the cache folder from inspection via qodana.yaml.

Order of resolving a profile

Qodana for .NET checks the configuration parameters for resolving the inspection profile in this order:

  1. Profile with the name %name% from the command-line option --profile-name %name%.

  2. Profile by the path %path% from the command-line option --profile-path %path%.

  3. Profile with the name %name% from qodana.yaml.

  4. Profile by the path %path% from qodana.yaml.

  5. Profile mounted to /data/profile.xml.

  6. Fall back to using the default qodana.recommended profile.

Installation of specific SDK

Qodana for .NET is suitable for analyzing .NET Core projects and provides the following SDK versions:

  • 3.1.425

  • 6.0.403

  • 7.0.100

All SDK versions are stored in the /usr/share/dotnet/sdk directory of the Qodana for .NET container filesystem.

In case a project requires a different version of the SDK, you can set it up before running the analysis using the bootstrap field in the qodana.yaml file. For example, this command will install the required version of the SDK that is specified in the global.json file and located in the root of your project:

bootstrap: curl -fsSL https://dot.net/v1/dotnet-install.sh | bash -s -- --jsonfile /data/project/global.json -i /usr/share/dotnet

Using this command, you can install the 7.0.100-rc.1 version of the SDK:

bootstrap: curl -fsSL https://dot.net/v1/dotnet-install.sh | bash -s -- --version 7.0.100-rc.1.22431.12 -i /usr/share/dotnet
Last modified: 08 December 2022