Version: (Linux x86)
- SonarQube Developer 22.214.171.124107
- sonar-scanner 126.96.36.1992
- build-wrapper 6.23
- Bazel 4.2.1
Goal: I’m trying to setup SonarQube to analyze C++ code, with Bazel as the build system, in a CI context.
Attempted so far:
- Followed “Building with Bazel” in the CFamily documentation. Successfully analyzed after a little elbow grease on the outdated flags
- Generating a compilation database and scanning directly with that (no build wrapper). Successfully analyzed
I’m experimenting with different options to analyze some C++ code, but I’m having difficulty understanding the benefits of build_wrapper and some nuance of its Bazel integrations. I got both the Bazel integrations and a direct use of a compilation database to analyze the code, but they produce slightly different results. The Bazel integration’s extra step of a full build without sandboxing or caching leaves me wondering what its benefits are; that build can be extremely slow compared to quickly generating a compilation database. In a CI context, do I need to run build_wrapper each time? Does it produce higher-quality results that make the extra build time worth it?