Analysing SQL Scripts

Must-share information :

  • I am using SonarQube Developer Edition of Trail Version
  • I am trying to analyze SQL scripts
  • Tried as C# project in Azure DevOps Pipeline

I am using RedGate Source Control which saves all the SQL objects as .SQL files on a folder structure.

But Run Code Analysis gets failed.

So I want to know, is that possible to analyze SQL scripts files using sonar with pipeline.


Welcome to the community!

I suspect there are multiple pieces here.

First is the question of whether or not the scanner you’re trying to use is “seeing” those files. Your best bet is probably to use the Scanner CLI and make sure to point the analysis parameter sonar.sources at your exported files. (The scanners that are tied to build methods auto-configure that property based on where they would be for that type of build.)

Next, it’s a question of what you’re analyzing. Specifically, you’re trying to analyze .sql files. That means you need to be running an edition that recognizes (parses and has rules for) that file extension. In Developer Edition, the likely candidates are PL/SQL and T-SQL. It looks like by default, PL/SQL recognizes “.sql”. (I’m not sure here about case sensitivity.) And T-SQL recognizes “.tsql”.

You can edit the file extensions in Administration->Langauges->[Language]->File Suffixes. I’m guessing that T-SQL is the one you’ll want.