Qodana Docker Image

Supported tags: 2020.3-eap, 2021.1-eap, latest (points to 2021.1-eap)

The Qodana Docker image lets you to perform static analysis of your code base. The current version supports PHP, Java, and Kotlin for Server Side; support for more languages and technologies is on its way.

We provide two options optimized for different scenarios:

Running the analysis on a regular basis as a part of your continuous integration (CI-based execution)
Single-shot analysis (for example, performed locally)

If you prefer the first option and have established continuous integration (CI) support for your project, this page will describe all available possibilities.
If you don't have any CI for your project, we encourage you to try a free version of JetBrains TeamCity, either in-cloud (currently in Beta) or on-premise. In this case, you can switch to our TeamCity plugin as it gives more options.

If you are familiar with JetBrains IDEs code inspections and know what to expect from the static analysis outside the editor, you can start with the "Using existing profile" section.

If you are just starting in the field, we recommend proceeding with the default setup we provide. You will see the results of the most common checks performed on your code base. Later, you can adjust them to suit your needs better.

Quick start with recommended profile

Run analysis locally

Pull the image from Docker Hub (only necessary to update the latest version):
docker pull jetbrains/qodana
Run the following command:
docker run --rm -it -p 8080:8080 \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ jetbrains/qodana --show-report
where source-directory and output-directory are full local paths to, respectively, the project source code directory and the analysis results directory.
This command will run the analysis on your source code and start the web server to provide a convenient view of the results. Open http://localhost:8080 in your browser to examine the found problems and performed checks. Here, you can also reconfigure the analysis. See the UI section of this guide for details. When done, you can stop the web server by pressing Ctrl-C in the Docker console.
In case you don't need the user interface and prefer to study raw data, use the following command:
docker run --rm -it \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ jetbrains/qodana
The output-directory will contain all the necessary results. You can further tune the command as described in the technical guide.
If you run the analysis several times in a row, make sure you've cleaned the results' directory before using it in docker run again.

Run analysis in CI

Use the following command as the task in generic Shell executor:
docker run --rm \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ jetbrains/qodana
where source-directory and output-directory are full paths to, respectively, the project source code directory and the analysis results directory.
The output of output-directory is described here. Consider using fail-thresold to make the build fail on a certain number of problems reached. Running as non-root is also supported.
Example for GitHub Workflow (.github/workflows/qodana.yml ):

  jobs:
    qodana:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v2
        - uses: actions/cache@v2
          with:
            path: ~/work/_temp/_github_home/cache
            key: ${{ runner.os }}-qodana-${{ github.ref }}
            restore-keys: |
              ${{ runner.os }}-qodana-${{ github.ref }}
              ${{ runner.os }}-qodana-   
        - uses: docker://jetbrains/qodana
          with:
            args: --cache-dir=/github/home/cache --results-dir=/github/workspace/qodana --save-report --report-dir=/github/workspace/qodana/report
        - uses: actions/upload-artifact@v2
          with:
            path: qodana

Example for GitLab CI (.gitlab-ci.yml ):

    qodana:
     image: 
       name: jetbrains/qodana
       entrypoint: ['']
     script:
       - /opt/idea/bin/entrypoint --results-dir=$CI_PROJECT_DIR/qodana --save-report --report-dir=$CI_PROJECT_DIR/qodana/report
     artifacts:
       paths:
         - qodana

Using existing profile

This section is intended for users familiar with configuring code analysis via IntelliJ inspection profiles.

You can pass the reference to the existing profile in multiple ways. Here are some examples:

Mapping profile to /data/profile.xml inside of container:
docker run --rm -it -p 8080:8080 \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ -v <inspection-profile.xml>:/data/profile.xml jetbrains/qodana --show-report ```
Using name of profile in your project .idea/inspectionProfiles/ folder:
docker run --rm -it -p 8080:8080 \ -v <source-directory>/:/data/project/ \ -v <output-directory>/:/data/results/ \ jetbrains/qodana --show-report -profileName php.extended

Configure via qodana.yaml

The qodana.yaml file will be automatically recognised and used for the analysis configuration, so that you don't need to pass any additional parameters.
The references to the inspection profiles will be resolved in a particular order. To learn about the format, refer to the qodana.yaml documentation.

Plugins management

Paid plugins are not yet supported. Each vendor must clarify licenseing terms for CI usage and collaborate with us to make it work.

Any free IntellJ platform plugins or your custom plugin can be added by mounting it to the container plugins' directory using the following command:

docker run ... -v /your/custom/path/%pluginName%:/opt/idea/plugins/%pluginName% jetbrains/qodana

Please refer to this guide for more details.

Usage statistics

According to the JetBrains EAP user agreement, we can use third-party services to analyze the usage of our features to further improve the user experience. All data will be collected anonymously. You can disable the reporting of usage statistics by adjusting the options of the Docker command you use. Refer to this guide for details.

License

By using the Qodana Docker image, you agree to the JetBrains EAP user agreement and JetBrains privacy policy.
The Docker image includes the evaluation license, which will expire in 30 days. Please ensure you pull a new image on time.

Contact

Contact us at qodana-support@jetbrains.com or via our issue tracker. We are eager to receive your feedback on the existing Qodana functionality and learn what other features you miss in it.

Last modified: 11 March 2021