Add scanning step to Jenkins pipeline scanning C++ projects

tbank12 · February 1, 2023, 7:50pm

I’d like to add this to our Jenkins pipeline, scanning C++ projects.
Currently, the scanning step looks like this:

bat_start_cmd = "${sqScannerMsBuildHome}\\SonarScanner.MSBuild.exe begin /k:${sonar_groupId}:${sonar_artifactId} " +
"/n:\"${sonar_name}\" /v:${sonar_version} " +
"/d:sonar.dotnet.excludeTestProjects=true " +
"/d:sonar.sources=.\\ " +
"/d:sonar.branch.name=${sonar_branch} " +
"/d:sonar.login=${env.SONAR_AUTH_TOKEN} "

bat bat_start_cmd
maven.withGoals('compile').execute()
bat "${sqScannerMsBuildHome}\\SonarScanner.MSBuild.exe end /d:sonar.login=${env.SONAR_AUTH_TOKEN}"

I am trying to use SonarSource Build Wrapper

We compile 99% of the code on windows and use maven. How do we combine it with this step?
build-wrapper-win-x86-64.exe --out-dir build_wrapper_output_directory MSBuild.exe /t:Rebuild /nodeReuse:False

Will such a call allow you to scan the JavaScript, TypeScript code?

SonarQube version: 9.8.0.63668

ganncamp · February 2, 2023, 7:29pm

Hi,

I’m confused. Your title is about C++, you’re using the begin command required to analyze C#, and you’re invoking Maven, which is used for Java analysis.

If your project has a mix of C# and C++, these docs should help, although…

you may need to extract Maven out of there. It’s not clear to me why it would be in the mix for C++ analysis.

You’re also asking about including JavaScript & TypeScript in the analysis, but I think it will be simpler to get your C++(?) under analysis first and then add them in later.

Ann