- ALM used: Azure DevOps
- CI system used: Azure DevOps
- Scanner command used when applicable
Azure Devops (does not analyze TS files)
-task: SonarCloudPrepare@3
inputs:
SonarQube: "${{ parameters.sonar_service_connection }}"
organization: '<org name>'
scannerMode: 'cli'
cliScannerVersion: "${{ parameters.sonar_scanner_version }}"
configMode: 'manual'
cliProjectKey: "${{ parameters.sonar_project_key_prefix }}-${{ parameters.artifactName }}"
cliSources: ./
extraProperties: |
sonar.verbose=true
sonar.exclusions=**/.next/**,**/coverage/**,**/node_modules/**
sonar.scm.exclusions.disabled=true
sonar.javascript.exclusions=*.git,**/node_modules/**,**/.next/**
sonar.typescript.exclusions=*.git,**/node_modules/**,**/.next/**
sonar.projectBaseDir=${{ parameters.sourceDirectory }}
- task: SonarCloudAnalyze@3
inputs:
jdkversion: "${{ parameters.sonar_scanner_jdk_version }}"
displayName: Execute Sonar Analysis
- task: SonarCloudPublish@3
inputs:
pollingTimeoutSec: '300'
displayName: Publish Sonar Results
Local Mac (successful analyses)
sonar-scanner -Dsonar.verbose=true \
-Dsonar.token="<token>"\
-Dsonar.organization=<org name> \
-Dsonar.projectKey=<project key> \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.scm.exclusions.disabled=true \
-Dsonar.javascript.exclusions='*.git,**/node_modules/**,**/.next/**' \
-Dsonar.typescript.exclusions='*.git,**/node_modules/**,**/.next/**' \
-Dsonar.flex.cobertura.reportPaths=./apps/web/coverage/cobertura-coverage.xml \
-Dsonar.branch.name=feature/E1901-26270-sonar-integration-develop \
-Dsonar.branch.target=develop \
-Dsonar.sources=./apps/web 2>&1 | less
-
Languages of the repository: JavaScript, Typescript, Bicep
-
Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
When i analyze the code with the command shown above from my mac everything works fine and the lines in the typescript files are properly recognized and the issues are reported.
When i do it within the Azure Devops Pipeline with the command shared above, the analyze runs successfull (no error message) but the TS files are shown with 0 lines and the issues are not found.
I cannot share the full log as this is a client environment.
Here is a screenshot from the UI after ADO scan:
And this is the scan done from local:
Strangely the local scan doesnt include all files and folders even that they are present in the log (for instance apps/web/actions is missing from the local scan but the log shows that it has been analyzed)
The sonar scanner version that we use is 7.1.0.4889 in both cases. (i have already tried other versions without a change)
Any idea is appreciated.
Thanks upfront and best regards
Frank