I am having an issue with SonarCloud not analyzing Docker files and Jenkins files for my GitHub project. While I have been able to successfully analyze other file types, such as Java and Python, using SonarCloud, the Docker and Jenkins files are not being analyzed. I have confirmed that the files are properly formatted and contain no syntax errors.
I also noticed that another GitHub project within my organization has a Docker file that has been successfully analyzed by SonarCloud. The main difference between the two Docker files is their names: the one that was analyzed is named “default Docker,” while the one that is not being analyzed is named “Docker-web.” I am wondering if this naming difference could be causing the issue. Additionally, I want to point out that none of the Jenkins files on any of my projects are being analyzed by SonarCloud.
I have not installed any additional plugins or tools that may be affecting the analysis of these files.
Could you please provide guidance on how to resolve this issue?
Dockerfiles can have all kinds of names and do not need a file extension. For this reason, it is difficult for the scanner and the analyzer to recognize all Dockerfiles. By default, all files named Dockerfile, Dockerfile.*, or *.dockerfile are considered Dockerfiles. If other conventions apply, these can be specified via the scanner property sonar.lang.patterns.docker.
You should also make sure Docker analysis is enabled under the project-level Administration > General Settings > Languages > Docker
SonarCloud does not support scanning Jenkinsfiles.
I cannot change the name of the Dockerfile to “Dockerfile”, “Dockerfile.", or ".dockerfile” as you suggested because it will break my CI/CD pipeline. Instead, I tried the second approach of using the “sonar.lang.patterns.docker” property in the “.sonarcloud.properties” file, but unfortunately, it did not work for me.
Here is what I did:
I created a “.sonarcloud.properties” file in my GitHub project with the following configuration under / dir: