Compilation Database on different host

Hi

We want to analyze an IAR ARM C project.

We cannot build the IAR project in the pipeline. This is done on an local machine.

On the local machine we build the application and generate the compilation database file.
The new code is committed along with the compilation database.

A bitbucket pipeline is used to start the sonar scanner.
However the absolute path in the compilation database does not match the path on the pipeline.

What can we do get the sonar scanner to accept the compilation database file?

07:17:42.513 ERROR: Error during SonarScanner execution
java.lang.IllegalStateException: The Compilation Database JSON file was found but 0 C/C++/Objective-C files were analyzed. Please make sure that:
  * you are correctly invoking the scanner with correct configuration
  * your compiler is supported
  * you are providing the path to the correct Compilation Database JSON
  * you are building and analyzing the same source checkout, absolute paths must be identical in build and analysis steps
	at com.sonar.cpp.plugin.CFamilySensor.process(CFamilySensor.java:605)
	at com.sonar.cpp.plugin.CFamilySensor.execute(CFamilySensor.java:241)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:62)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:51)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:468)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:464)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:420)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:57)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:51)
	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
	at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)
	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
	at org.sonarsource.scanner.cli.Main.main(Main.java:62)

Hey there.

Then I supposeā€¦ why have a pipeline at all? :smiley:

SonarCloud expects that the environment analysis is run in is almost identical to the one that the build is performed in, as documented here

  • The analysis environment should be the same as the build environment; the analyzer may need to access the build-related environment variables. For example, when using Microsoft Visual C++ compiler, make sure to execute the analysis from the same Visual Studio Developer Command Prompt you use to build your project. The command prompt sets some environment variables, like INCLUDE, that need to be set during the analysis.

Out of curiosity, what DevOps Platform do you use (GitHub, Bitbucket, Azure DevOps, GitLab)?

In this case we use Bitbucket

And we are only interested in the software quality / static analysis.
Not in the build output or code coverage.

The compilation database should have enough information to determine how the application is compiled.