Analyzing a pipeline that doesn't build everything

Hello.

I am using Azure DevOps for Source Control (Git) and to run our build pipelines. Currently I am working on a bunch of C#/.NET pipelines. For the sake of this question, assume I have a repo that contains 1 Solution and 10 projects. The solution contains all 5 project files, however the pipeline I am working with only builds one of the projects (that has a reference to 3 of the other projects in the solution). The result is that this pipeline only builds 4 of the 5 projects contained in the repo.

So, my question then is what impact does this have on the data being reported to SonarCloud? Specifically what, if anything, would not be analyzed if the 5th project doesn’t get built in the example above? The source files for the 5 project get cloned down so I guess the only thing that would be missed would be if Sonar inspects the resulting assemblies for something.

Any insight, or links to documentation that explain this, would be greatly appreciated!

Hey there.

In this instance, no results would be reported for that 5th (unbuilt) project. SonarCloud relies on a full build to analyze C# code because the analysis is based on Microsoft’s Roslyn analyzers which are executed as a part of the build.

So for that other project to be analyzed, you would need a separate pipeline that builds the project (wrapped with the Scanner for .NET, as in your other pipeline).