-Dsonar.verbose or -Dsonar.log.level=DEBUG not working

SonarQube Cloud
1

Hi,

I am trying to configure verbosity on scanner action that runs in a GitHub Actions workflow. Whatever parameter I use, sonar.verbose or sonar.log.level, no details appear in the console and I cannot fix warnings emitted by the scanner. I tried to put this parameter in the Gradle build script or in the gradlew command line, but the result is the same.

  • ALM: GitHub
  • CI system: GitHub Actions
  • Scanner version: 5.0.0.4638
  • Scanner action and command used
- name: Scan source code and test results
  env:
    GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
    run: ./gradlew :plugin:sonar --console=plain -Dorg.gradle.jvmargs=-Xmx512m -Dsonar.verbose=true
  • Languages of the repository: Java, Vue.js SFC with Typescript and CSS, Typescript, SCSS
  • SonarCloud project
  • Error:
Run ./gradlew :plugin:sonar --console=plain -Dorg.gradle.jvmargs=-Xmx512m -Dsonar.verbose=true
Starting a Gradle Daemon, 1 incompatible Daemon could not be reused, use --status for details
> Task :plugin:buildSrc:compileJava UP-TO-DATE
> Task :plugin:buildSrc:compileGroovy NO-SOURCE
> Task :plugin:buildSrc:pluginDescriptors UP-TO-DATE
> Task :plugin:buildSrc:processResources NO-SOURCE
> Task :plugin:buildSrc:classes UP-TO-DATE
> Task :plugin:buildSrc:jar UP-TO-DATE
> Task :plugin:compileJava UP-TO-DATE
> Task :plugin:pluginDescriptors UP-TO-DATE
> Task :plugin:processResources UP-TO-DATE
> Task :plugin:classes UP-TO-DATE
> Task :plugin:jar UP-TO-DATE

> Task :plugin:sonar
Unresolved imports/types have been detected during analysis. Enable DEBUG mode to see them.

[...]
BUILD SUCCESSFUL in 45s
8 actionable tasks: 1 executed, 7 up-to-date
  • Potential workaround: enabling Gradle info/debug log level is the only way to see additional info from the scanner. But it is drowned into Gradle log messages and it’s very difficult to know which of Gradle or the scanner logged the message.

Am I missing something in my configuration or in the documentation?

Thanks in advance for your help.
BR

1 Like
2

On your gradle command add --debug and you’ll then see the Sonar Debug messages too. Unfortunately you’ll also get a load of gradle debug too so best to output it to a file.

1 Like
3

Hi,

Indeed, this is what I already mentioned at the end of my initial post:

Potential workaround: enabling Gradle info/debug log level is the only way to see additional info from the scanner. But it is drowned into Gradle log messages and it’s very difficult to know which of Gradle or the scanner logged the message.

If this is the only way to see detailed logging messages, then I highly suggest this is mentioned in the documentation of the Sonar Scanner for Gradle, because I spent too much time trying official optional parameters (see title of this post). It’s really a pity such option is not documented correctly because I think it’s the first thing developers are looking for in case of unexpected analysis results.

Another excerpt from the online documentation suggests the sonar.verbose parameter should be working:

Sonar properties can also be set from the command line, or by setting a system property named exactly like the Sonar property in question. This can be useful when dealing with sensitive information (e.g. credentials), environment information, or for ad-hoc configuration.

gradle sonar -Dsonar.host.url=http://sonar.mycompany.com -Dsonar.verbose=true

Unfortunately, this is not the case.
BR

4 
tasks.sonar {
    useLoggerLevel(LogLevel.DEBUG)
}

did the trick.