recently we started to use SQ in our C project. However looks like SonarQube has issue with detecting bugs in the C code.
Therefore I have prepared simply, dedicated test file which contains bugs defined in SQ rules ( just copy-paste from SQ rules for C, and make it ‘compilable’ in the project).
After analysis none of them have been detected by SonarScanner .
Information about setup:
- SQ Developer Edition, Version 188.8.131.5242
- SonarCFamily plugin 6.3 9build 11371)
- SonarQube Scanner 184.108.40.2062
We call wrapper in Jenkins like this:
D:\jenkins_slave\workspace\xxxx\build-wrapper-win-x86\build-wrapper-win-x86-64.exe --out-dir D:\jenkins_slave\workspace\xxxx\sq_out make all -j6
And later Scanner:
/var/jenkins_home/tools/hudson.plugins.sonar.SonarRunnerInstallation/SonarQScanner/bin/sonar-scanner -Dsonar.projectKey=xxxx -Dsonar.cfamily.build-wrapper-output=sq_out -Dsonar.sources=APP/xxxx/Source/ASP
INFO: Scanner configuration file: /var/jenkins_home/tools/hudson.plugins.sonar.SonarRunnerInstallation/SonarQScanner/conf/sonar-scanner.properties
As results we get:
Analysis total time: 9.484 s
INFO: EXECUTION SUCCESS
Note that code Smells and Duplications are detected in the project.
Are we missing something?