Can Sonarqube scan Terraform projects that are on versions below 1.x?

We are currently on version 9.5 but are wondering if scans will work on terraform projects that are on version 0.14? I know reading the docs it mentioned its compatible on 1.x. It also mentioned compatibility with Azure which we are using in our Terraform connecting to storage accounts and using azurerm provider Terraform/CloudFormation | SonarQube Docs

So far we have tried to scan a Terraform project in azure devops but on the run code analysis step we get The SonarScanner for MSBuild integration failed: SonarQube was unable to collect the required information about your projects.
SonarqubeErrorLog.txt (3.1 KB)

All the non terraform projects we have are able to be scanned successfully so wondering if this is due to not being on Terraform 1.x?

Any help is appreciated.


Hey there.

Unless your Terraform files are being wrapped by a Visual Studio style .sln file or some new .xxproj project format I’m not familiar with, you should make sure you’re analyzing using the standalone scanner and not the Scanner for MSBuild/.NET.

1 Like

Thanks for the response,

We tested locally using sonar scanner and looks like it was able to scan the terraform files successfully. Now we just need to figure out in the azure devops pipeline how to make the sonarqube steps there work properly to scan the terraform files.

Tested in Azure DevOps on a pipeline and it scans the terraform files properly now. We just had to switch to using standalone scanner in the prepare analysis task. Thanks for the help.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.