Is there a way to run sonarlint in command line and check if any rule has breached ?
The context it that I want the same checks to be run in my IDE, by local dev before pushing and on the CI.
I also don’t want every dev to install a SonarQube locally
Hi @fabich and welcome to the SonarSource community!
Let me ask you a few questions to understand your context and needs a little more in details:
which IDE are you (or the developers in your organization) using?
We are using VS Code, Eclipse and Intellij
do you have one SonarQube instance in your team/company, integrated with your CI flows?
No we don’t have a SonarQube instance.
what is your goal exactly?
I want to force the project to 0 issue so no body add new issues.
We already have several CLI tools we use on the CI that any user can also run locally.
I’d like to the same with SonarLint checks
Thanks @fabich for the clarifications.
The quick answer: it is not possible to run SonarLint checks from command line, and still, with SonarQube or SonarCloud, there is a way to reach your goal “nobody adds new issues” without requiring “forcing the project to 0 issues”
The long answer: SonarLint goal is to catch issues directly in the IDE as developers code; the idea is to detect issues as soon as possible (=in the very moment you write a line code). We do not see SonarLint as a tool to review the whole list of issues in your project, nor to “force the project to 0 total issues”. This is why we do not propose a CLI for SonarLint to scan the whole project and report issues.
You say “I want to force the project to 0 issues so no body add new issues”: actually, we have tools that allow you to avoid adding new issues, without the precondition to reach 0 total issues in your project; moreover, your project may have many existing issues, and this should not prevent you from starting enforcing better code quality and security policies. To this extent, we promote the Clean As You Code approach to achieve Code Quality and Security by focusing on issues on the New Code Period while avoiding removing all existing issues. I invite you to read the blog post and our documentation for a full explanation of our rationale and methodology.
Following this methodology, here is why we propose to associate SonarLint with a SonarQube or SonarCloud instance:
How would a dev check if he is adding new errors if he does not have access to the CI SonarQube ?
From SonarLint itself (not via CLI), at least in Eclipse and IntelliJ it is possible to list and review issues in modified files when you commit. For example in IntelliJ IDEA, if SonarLint detects some issues in the files I am about to commit, I will get such a popup:
Ok, I think it’s a bit weird to have a full IDE integration but no simple CLI to do the checks.
We already have ten tools (checkers, linters, formatters…) running with command line. For example for Java checkstyles we can see them in any IDE (with the corresponding extension) but we also have the possibility to run mvn checkstyle:check to see if the code is clean, which is also the command run on CI before merging a PR.
All this tools also have configuration (the list of rules we want to enforce, the current number of violations, the exact tool version…) that is merged into the project. The maven plugin (or equivalent for other languages) is all the user really need and it is easily installed with the package manager.
As far as I understand Sonar, it is not possible to run this kind of workflow 
