Can't configure scan in Sonar Cloud for Node.JS project

Hi guys!

I am trying to run Sonar Cloud in an Azure DevOps pipeline, for a Node.JS pipeline. I am using the following YAML code to create the pipeline:

steps:

  - task: SonarCloudPrepare@1

    displayName: 'Prepare SonarCloud analysis'
    inputs:

      SonarCloud: 'ServiceConnectionName'

      organization: $(SonarOrganization)

      scannerMode: 'CLI'

      cliProjectKey: $(SonarProjectKey)

      cliProjectName: $(SonarProjectName)

      cliSources: 'ProjectFolder'

  - bash: cd ProjectFolder && npm ci

    displayName: "Calling npm ci"

  - bash: cd ProjectFolder && npm run build

    displayName: "Calling npm run build"

  - task: SonarCloudAnalyze@1

    displayName: 'Run SonarCloud code analysis'

  - task: SonarCloudPublish@1

    displayName: 'Publish SonarCloud quality gate results'

I have already tried to hardcode the organization, project key and project name. It still doesn’t work! I am getting the following error:

ERROR: You must define the following mandatory properties for ‘Unknown’: sonar.projectKey

Where exactly do I fetch the project key? I am assuming that is the error. I can’t find this key

Hi @ccoutinho and welcome to the community !

Depending on the scannerMode you choose, the following properties doesn’t have the same name. And this is what happened to you.

If you choose scannerMode ‘CLI’, you must use :

cliProjectKey : $(SonarProjectKey)
cliProjectName : $(SonarProjectName)
cliProjectVersion : if needed
cliSources : if needed

HTH,
Mickaël

Hi Mickael,

What exactly are the differences between the different the scanner modes? Are there only two?

And from where shall I fetch the project key? I have been using the same key as the project name, since I can’t find it anywhere.

I have changed the code (updated in the original post), and I am having the same error

There are 3 :
MSBuild : self-explaining, will use the Scanner for MSBuild under the hood to analyze .NET projects
‘Other’ : This is the value for option Integrate with Maven / Gradle
CLI : To use directly the ScannerCLI (which is the low level Scanner that many other scanners invoke)

Project key is the one that you setup when you created your project on SonarCloud, on this page :

1 Like

I don’t know how to get to that page. The only project name/key I had setup is the project name. Thus I’m using the project name for both cliProjectKey and cliProjectName

You can go to “Update key” menu to see it (i concur, this empty page is not really helpful, that on our plan to change it)

Exactly, that key is what I use for both projectKey and projectName. And I still get that error

Are you sure that the variable $(SonarProjectKey) is well resolved during the Run Code analysis task ? Could you share this task log in debug mode if possible ?

Let me hardcode it, just to be sure. I tried to turn on the debug mode but it didn’t work. I guess I was using the MSBuild way. Can you tell how to do that?

You can add the system.debug pipeline variable, with true as value, it should be ok.

It didn’t work with hardcoded project key/name value. Here’s the output in debug mode:

output.txt (41.8 KB)

Will it possible to share the full log please ? it may help me seeing the beginning, which is the most important part for the configuration.

I can send you a PM if you need to share it privately, let me know.

Thanks !

Updated. I don’t think there are any secrets in the logs, not even the variable values. So it will be ok to share it here. Please have a look!

Thanks, can you share also the log for the Prepare analysis configuration task ?

This I will need to send a PM. How can I do that?