- ALM used: Bitbucket Cloud
- CI system used: Bitbucket Cloud
- Programming language: C++
- Scanner command used:
sonar-scanner -Dsonar.cfamily.build-wrapper-output=$BW_OUTPUT -Dsonar.sources=./Src/ -Dsonar.projectKey=my-second-project -Dsonar.organization=myorg -Dsonar.host.url=https://sonarcloud.io
We have a C++ project with two compilation variants. Depending on the platform, only some source code files are compiled. Since we can’t analyze the code of those *.cpp source files that aren’t compiled, the idea is to run two different compilations+analysis and publish the results in different SonarCloud projects. The initial SonarCloud project (namely “my-main-project”) is connected to the BitBucket repo. The second SonarCloud project (namely “my-second-project”) can’t be connected to the same repo and is therefore managed “manually”.
When setting the SONAR_TOKEN for the second project, and using the script above (setting the projectKey), sonar-scanner overrides the given projectKey for the projectKey assigned to the repo (“my-main-project”). This can be seen in the console output:
INFO: Found an active CI vendor: 'Bitbucket Pipelines' INFO: Detected project key 'my-main-project' from 'Bitbucket Cloud Pipelines' INFO: Detected organization key 'myorg' from 'Bitbucket Cloud Pipelines' INFO: Load project settings for component key: 'my-main-project' INFO: Load project settings for component key: 'my-main-project' (done) | time=546ms
How should I pass the projectKey to sonar-scanner so that it is not overriden by the Bitbucket Pipelines project key? Is there any other way to at least analyze statically the source code files that are not compiled for a given variant?