- SonarQube Server v25.5.0.107428
- dotnet-sonarscanner for MSBuild 10.1.2
- Running SonarQube locally as a Docker container
- Analyze a C# solution
I am trying to analyze a Visual Studio solution with a mix of C#, TypeScript, CSS, HTML etc.
I’m using the dotnet sonarscanner with the following command (I started with a more barebones command but I’ve been trying various things to get it working):
dotnet sonarscanner begin /k:"project-key" `
/d:sonar.host.url="http://localhost:9090" `
/d:sonar.projectBaseDir="D:\code\project\" `
/d:sonar.scanner.scanAll="false" `
/d:sonar.language="cs" `
/d:sonar.token="$token" `
/d:sonar.exclusions="**/node_modules/**,**/bin/**/*,**/obj/**/*" `
/d:sonar.sourceEncoding="UTF-8" `
/d:sonar.verbose=true
The analysis runs and finishes and I can see data in the SonarQube web UI but only for non-C# issues. The issues for all C# code don’t show in SonarQube.
Looking at the verbose log I can see the scanner finding C# issues like:
D:\code\project\src\something\ExtensionMethods.cs(49,23): warning S3260: Private classes which are not derived in the current assembly should be marked as 'sealed'. (https://rules.sonarsource.com/csharp/RSPEC-3260)
So I know things are working locally.
In the analysis step I do see lots of these errors:
No Code Analysis ErrorLog file found at obj\Release\net8.0\\csc_diagnostics.json.
11:11:47.38 No Code Analysis ErrorLog file found at obj\Release\net8.0\\csc_diagnostics.json.
11:11:47.38 No Code Analysis ErrorLog file found at obj\Release\\csc_diagnostics.json.
And these:
WARNING: File 'D:\packages\NuGet\microsoft.net.test.sdk\17.13.0\build\netcoreapp3.1\Microsoft.NET.Test.Sdk.Program.cs' is not located under the base directory 'D:\code\Project\' and will not be analyzed.
File was referenced by the following projects: 'D:\code\Project\tests\Something.csproj',
And finally:
WARN: No Roslyn issue reports were found. The C# files have not been analyzed. You can get help on the community forum: https://community.sonarsource.com
Any idea what might be wrong and how to debug this?
My goal is to get a working scan and see if this data might help us with some code improvements we have planned before looking at purchasing SonarCloud.