Empty results after scanning Bitbucket repo

sonar-scanner-3.2.0.1227-windows
project source code: PHP
Ran a scan and see below

C:\Program Files\sonar-scanner-cli-3.2.0.1227-windows\sonar-scanner-3.2.0.1227-windows\bin>sonar-scanner.bat -Dsonar.projectKey=uxxx -Dsonar.organization=xxxx -Dsonar.sources=. -Dsonar.host.url=https://sonarcloud.io -Dsonar.login=xxx
INFO: Scanner configuration file: C:\Program Files\sonar-scanner-cli-3.2.0.1227-windows\sonar-scanner-3.2.0.1227-windows\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 3.2.0.1227
INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
INFO: Windows 10 10.0 amd64
INFO: User cache: C:\Users\xxx\.sonar\cache
INFO: SonarQube server 7.4.0
INFO: Default locale: "en_SG", source code encoding: "windows-1252" (analysis is platform dependent)
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=1829ms
INFO: Server id: BD367519-AWHW8ct9-T_TB3XqouNu
INFO: User cache: C:\Users\xxx\.sonar\cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=401ms
INFO: Load/download plugins (done) | time=4572ms
INFO: Loaded core extensions: branch-scanner
INFO: Process project properties
INFO: Load project branches
INFO: Load project branches (done) | time=1392ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=344ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=5ms
INFO: Load project repositories
INFO: Load project repositories (done) | time=435ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=8ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=375ms
INFO: Load active rules
INFO: Load active rules (done) | time=14137ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=355ms
WARN: SCM provider autodetection failed. No SCM provider claims to support this project. Please use sonar.scm.provider to define SCM of your project.
INFO: Project key: xxx
INFO: Project base dir: C:\Program Files\sonar-scanner-cli-3.2.0.1227-windows\sonar-scanner-3.2.0.1227-windows\bin
INFO: Organization key: xxx
INFO: -------------  Scan uniqrewards_20180910
INFO: Base dir: C:\Program Files\sonar-scanner-cli-3.2.0.1227-windows\sonar-scanner-3.2.0.1227-windows\bin
INFO: Working dir: C:\Program Files\sonar-scanner-cli-3.2.0.1227-windows\sonar-scanner-3.2.0.1227-windows\bin\.scannerwork
INFO: Source paths: .
INFO: Source encoding: windows-1252, default locale: en_SG
INFO: Load server rules
INFO: Load server rules (done) | time=10759ms
INFO: Index files
INFO: 2 files indexed
INFO: Sensor SonarJavaXmlFileSensor [java]
INFO: Sensor SonarJavaXmlFileSensor [java] (done) | time=40ms
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=41ms
INFO: Sensor JavaSecuritySensor [security]
INFO: UCFGs: 0, excluded: 0, source entrypoints: 0
INFO: No UCFGs have been included for analysis.
INFO: Sensor JavaSecuritySensor [security] (done) | time=10ms
INFO: Sensor CSharpSecuritySensor [security]
INFO: UCFGs: 0, excluded: 0, source entrypoints: 0
INFO: No UCFGs have been included for analysis.
INFO: Sensor CSharpSecuritySensor [security] (done) | time=1ms
INFO: No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 163ms, dir size=56 KB
INFO: Analysis reports compressed in 43ms, zip size=17 KB
INFO: Analysis report uploaded in 2652ms
INFO: ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard?id=xxx
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=xxx
INFO: Task total time: 38.904 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 51.425s
INFO: Final Memory: 35M/316M
INFO: ------------------------------------------------------------------------

From dashboard.

Lines of Code is zero!

ChatTong,

Based on this line from the logs…

INFO: Project base dir: C:\Program Files\sonar-scanner-cli-3.2.0.1227-windows\sonar-scanner-3.2.0.1227-windows\bin

It appears you might be running sonar-scanner on the actual home of the sonar-scanner executable rather than on your folder of source code. Make sure sonar-scanner is added to your PATH and try running it from inside the base directory of where the code for this project resides.

Colin

Thanks Colin.

I’m a bit confused. I have 2 projects linked to my bitbucket account and my assumption is sonarcloud would actually scan the sourcecode from bitbucket. However, this is not the case and looks like I need to have the source code on my workstation.

Am I missing something? Your expert advise please.

Hi,

I’ve moved this topic to the #help:sc category has you’re using SonarCloud and not SonarQube here.

SonarCloud does integrate with BitBucket Cloud, and for more insights on how to get it set up I suggest you go through the following documentation: https://sonarcloud.io/documentation/integrations/bitbucketcloud .

image

In the image above, What is your OS? Does this apply to SonarCloud?

and I have the following in bitbucket-pipelines.yml.

pipelines:
default:
- step:
script:
- sonar-scanner
-Dsonar.projectKey=xxx
-Dsonar.organization=xxx
-Dsonar.sources=.
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.login=$SONAR_TOKEN

However, I received this error message
+ sonar-scanner \ -Dsonar.projectKey=xxx \ -Dsonar.organization=xxx \ -Dsonar.sources=. \ -Dsonar.host.url=https://sonarcloud.io \ -Dsonar.login=$SONAR_TOKEN bash: sonar-scanner: command not found

@NicoB mentioned the documentation page about Bitbucket Cloud integration: the FAQ says:

If you want to analyze a non-Java project (JS, TS, PHP, Python, Go, …), you will need to download and install the Scanner CLI during the execution of your build prior to the actual code scan.

This is what you need to do before calling sonar-scanner.

Thank you very much for your assistance. Will come back to SonarCloud when is fully and tightly integrated to BitBucket.