SonarQube server ( Version 9.0.1.46107, community edition)
I made some custom xml rules for look at vbproj and web.config files for specific settings.
So, I want those to be included in the scan/upload for SonarQube but they aren’t being included by default.
I am running the scan in Azure DevOps pipelines
Under extra properties of the Prepare task I’ve added the following:
I’ve also tried to add the xml suffixes on the server under project settings and under the admin setting for the whole server.
I’ve run this with the sonar.sources and without it under extra properties.
These options have worked before on another project but aren’t working this time so I’m not sure if I am forgetting something I did manually last time or not.
For newer SDK-style projects (used by .NET Core, .NET 5, and later), the SonarScanner for .NET will analyze all file types that are supported by the available language plugins unless explicitly excluded.
So I guess the projects where this worked were SDK-style, and this project is not?
They are both on the older side,
.Net framework 4
Both are building and running in VS2019.
And, we are using default settings on the server so anything not effected by the 4 extra properties is default - there is only one reference to an excluded file by default
Logs do say:
SonarScanner for MSBuild 5.5.3
Using the .NET Framework version of the Scanner for MSBuild
.
.
.
INFO: 1 file ignored because of scm ignore settings
I turned off scm in general settings and got: INFO: SCM Publisher is disabled
But the .config file and .vbproj files still did not come over
@dashaw can you tell us how you wrote the custom XML rules please?
If you are using the Scanner for .NET, you should not set the sonar.sources property - it is generated automatically by the scanner i.e. the sonar.sources property will include any file referenced in the MSBuild projects being analysed.
Here, I guess you want to reference the project file itself. You should be able to do that by adding the following in the MSBuild project itself:
If you are still having problems, please share the verbose logs for the end step (verbose logs are generated if you pass /d:sonar.verbose=true to the scanner in the begin step)
Adding the ItemGroup you provided did add each of the .vbproj files to the scan but I’m still not getting the web.config
Adding sonar.verbose=true does not appear to be doing anything to the log output.
We are using a self hosted build server so not sure if it isn’t properly updating properties?
Any items in the Content ItemGroup should be passed to the Sonar command line scanner, which is what happened when I tried it locally (there’s no need to separate it into a separate ItemGroup). However, the file didn’t appear in the SonarCloud UI, and the debug log had the following message:
DEBUG: 'web.config' indexed with language 'null'
My guess is the file wasn’t analysed because none of the plugins are configured to handle .config files. Have you configured your SonarQube server so that the Sonar XML plugin looks at .config files?
Logging:
Using a self-hosted build server shouldn’t make any difference. I passed the extra properties in an Azure DevOps pipeline, and it worked for me. Does the output for your “Run analysis” step not contain a log entry like the following one?
I thought the sonar.xml.file.suffixes=.xml,.xsd,.xsl,.vbproj,.config would configure the XML plugin to look for .config files. I have this set in the pipeline, I have also tried to set this in the SonarQube UI at the project level (Project settings > General settings > Languages …) and at the server admin level (Administration tab) with no change in the results (And, just this setting is working for another project to scan the web.config as far as I can tell).
The output does indicate that it is identifying xml files to be scanned, so sonar.xml.file.suffixes is working on the .vbproj files
For Logging:
The output does not contain the log entry line like you have highlighted there