Installing CodeScan Bundler

This guide will get a fully functional Multi-Project evaluation version of the enterprise CodeScan running on your own desktop.

For more information about Multi-Project and Single-Project licences, visit the FAQ.

If you are installing on a production server or would like to have more control over the setup please follow the instructions on our overview page

The CodeScan Bundler packages all required processes into one easy to use download.

The bundler prepares the following environment:

  • SonarQube running on port 59001
  • Jenkins for runnning jobs on port 59003
  • CodeScan configured and guides you through the trial license setup
  • A preconfigured Jenkins Template which will download your Salesforce code and analyse it for display in SonarQube
  • A preconfigured Jenkins Template which will download code from a Git repository and analyse it for display in SonarQube

Getting Started

Download the latest version of CodeScan here: download


  • Java 1.8+

  • Run the bundler with Java (or run with java -jar filename.jar). This may take some time as it needs to download all the bundle’s contents

  • Open Jenkins

  • Run the Job called “CodeScan Template - Salesforce Download” by clicking the clock icon on the right

  • Modify the build parameters as required. You can pre-fill these by configuring the job and setting the default values; better yet, take a copy of the job and create a unique job.

  • Click the build button and monitor the output

  • If all goes well you can open SonarQube to see the result.

  • The default login for SonarQube is:

    • User: admin
    • Password: admin

More information

Going into Production

The CodeScan Bundler tool is not intended to be run on a server or in a ‘production’ type environment. A few things are missing:

  • Security/Authentication/etc is not configured. We suggest (but not limit to): set strong passwords on all services, ensure that all services are configured to require logins, setting approriate group level security and putting the entire service behind a SSL secured site.
  • Manually set the dedicated memory for your builds to avoid Out Of Memory errors. Details on the Troubleshooting Page
  • SonarQube is using a ‘test’ embedded database which does not scale. We recommend you configure SonarQube to run with a database like Postgres or MySql
  • We suggest you read the ‘full’ install instructions here: full installation instructions


Before contacting support, please try the following things:

  • Open the Jenkins Build History and check for build problems
  • Check the ends of the following log files:

    • codescan-bundler/sonarqube/logs/sonar.log
    • codescan-bundler.log
  • If CodeScan Bundler was terminated, you may need to clean up any java processes (on Windows use the Task Manager to kill any java.exe processes belonging to the Bundler)

Finally if you are still having troubles, please contact our Support Team.

Please attach the following log files to your ticket: - codescan-bundler/sonarqube/logs/sonar.log - codescan-bundler.log