Docker vs Local - missed code smell

SonarQube Cloud
1

I’m running the sonarqube command using an npx command from a Dockerfile, but Sonar isn’t flagging all issues.
Locally from a Windows Command prompt using the exact same command flags the issues correctly.
The npx command is shown below with the details omitted.

The local version successfully flags a missing import (unused-import rule) but the Docker one doesn’t.
Docker will flag up other issues, but local flags everything it should.
In the logs it can be seen that Local is using linterId “default” whereas Docker is using linterId “unchanged”.
The Local one also shows that it’s saving the unused-import issue whereas the Docker one doesn’t.
I can include more log details if required but it contains information I don’t want to publish.

npx sonarqube-scanner -Dsonar.projectKey="*****" -Dsonar.projectName="*****" -Dsonar.organization="*****" -Dsonar.host.url="https://sonarcloud.io" -Dsonar.token="*****" -Dsonar.pullrequest.base="master" -Dsonar.pullrequest.branch="My/testbranch" -Dsonar.pullrequest.key="*****" -Dsonar.pullrequest.provider="vsts" -Dsonar.pullrequest.vsts.instanceUrl="https://dev.azure.com/cappco/" -Dsonar.pullrequest.vsts.project="*****" -Dsonar.pullrequest.vsts.repository="*****"

Snippets from local log (verbose):

09:19:32.499 DEBUG: Cache entry extracted for key 'js:filemetadata:10.11.1.25225:*****:<myfilepath>/branding.service.ts'
09:19:32.500 DEBUG: Cache strategy set to 'WRITE_ONLY' for file '<myfilepath>/branding.service.ts' as the current file is changed
09:19:32.500 DEBUG: Analyzing file: file:///<myfilepath>/branding.service.ts
09:19:32.502 DEBUG: Analyzing file "<myfilepath>/branding.service.ts" with linterId "default"
09:19:32.806 DEBUG: Parsing <myfilepath>/branding.service.ts with @typescript-eslint/parser
09:19:32.806 DEBUG: Using linter configuration for {"fileType":"MAIN","language":"ts"}
09:19:32.811 DEBUG: Saving issue for rule unused-import on file <myfilepath>/branding.service.ts at line 4
09:19:32.846 DEBUG: Saving issue for rule unused-import on file <myfilepath>/branding.service.ts at line 4
09:19:32.856 DEBUG: Cache entry created for key 'jssecurity:ucfgs:SEQ:10.11.1.25225:*****:<myfilepath>/branding.service.ts' containing 1 file(s)

Snippets from log via docker (verbose):

2024-02-09T09:30:34.3757121Z e[90m09:30:34e[0me[90m [e[0me[97;1mDBGe[0me[90m] e[0m#19 37.94 09:30:34.205 DEBUG: Cache strategy set to 'WRITE_ONLY' for file '<myfilepath>/branding.service.ts' as the current file is changede[0m
2024-02-09T09:30:34.3757730Z e[90m09:30:34e[0me[90m [e[0me[97;1mDBGe[0me[90m] e[0m#19 37.94 09:30:34.205 DEBUG: Analyzing file: file://<myfilepath>/branding.service.tse[0m
2024-02-09T09:30:34.3758339Z e[90m09:30:34e[0me[90m [e[0me[97;1mDBGe[0me[90m] e[0m#19 37.95 09:30:34.220 DEBUG: Analyzing file "<myfilepath>/branding.service.ts" with linterId "unchanged"e[0m
2024-02-09T09:30:35.1381902Z e[90m09:30:35e[0me[90m [e[0me[97;1mDBGe[0me[90m] e[0m#19 38.87 09:30:35.136 DEBUG: Parsing <myfilepath>/branding.service.ts with @typescript-eslint/parsere[0m
2024-02-09T09:30:35.1382951Z e[90m09:30:35e[0me[90m [e[0me[97;1mDBGe[0me[90m] e[0m#19 38.87 09:30:35.136 DEBUG: Using linter configuration for e[0m{"fileType":"MAIN","language":"ts"}e[0m
2024-02-09T09:30:35.2399224Z e[90m09:30:35e[0me[90m [e[0me[97;1mDBGe[0me[90m] e[0m#19 38.91 09:30:35.175 DEBUG: Cache entry created for key 'jssecurity:ucfgs:SEQ:10.11.1.25225:*****:<myfilepath>/branding.service.ts' containing 1 file(s)e[0m
3

Hello @kelvhandley,

can you please share the complete logs? Let me know if you prefer not to share them publicly and I’ll write you privately.

Cheers,
Victor

4

Hi Victor, I’ve prepared the logs for you. Please contact me privately and I’ll share them.

6

I’ve managed to fix it!
This is caused by how we copied files to the Docker Image

The following code was how it was. This copies the git folder to the parent folder (/usr/src) and the contents of the my-app folder to /usr/src/app.
Now that the my-app folder is effectively a different folder name (app), the changes are not picked up by sonar (probably due to how git works).

WORKDIR /usr/src
COPY .git .git
COPY my-app /usr/src/app

/usr/src
 |
 +-- .git
 |    
 +-- app
    |
    +-- package.json
    +-- package-lock.json
    +-- ....more files

The fix was to copy everything and let .dockerignore filter it down to the git folder and my-app folder.

WORKDIR /usr/src/app
COPY . .

/usr/src/app
 |
 +-- .git
 |    
 +-- my-app   
    |    
    +-- package.json
    +-- package-lock.json
    +-- ....more files

.dockerignore
# Ignore everything
*

# Include UI folder and git for Sonar
!/my-app
!/.git

# Exclude anything else not needed in those subfolders
**/node_modules
**/.npmrc
**/.husky
**/README.md
**/.gitignore
**/.editorconfig
**/tools
**/libs
**/*.Dockerfile
1 Like
8

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.