Hello, we have a failed scan which is blocking all subsequent scans that attempt to address the issues. Please help suggest what to do.
The repo has both Java and Python module, but so far we’re only seeing the Java scan results.
Build system for Java uses Maven.
We noticed that after pushing to the main branch in Github the event does not sync to SonarCloud.
ALM used: GitHub
CI system used: None
Scanner command used when applicable (private details masked)
The repo has both Java and Python module, but so far we’re only seeing the Java scan results.
In a Maven/Gradle project, the automatic analysis assumes that all sources (for any language) are in the expected folders (**/src/main/**/* and **/src/test/**/*), which is a standard folder structure for Maven/Gradle projects. If you have other files (python in this case) located somewhere else, that might be the reason. We are considering an improvement so that users can configure the project source and test directories for Maven/Gradle projects.
we have a failed scan
According to the logs of your analysis, the failure reason is out of memory. There are many maven dependencies in your project, and the amount of memory they need exceeds our automatic analysis memory limits. It seems that the Automatic Analysis service is not suitable for this project. In this case, we recommend to try to scan your project using a CI tool.
Thank you for the explanation and recommendation for next step.
To use CI-analysis for a project with multiple languages in the source folder can we use GitHub for CI-analysis? I’ve looked to use monorepo for this repository. is this approach okay if I need to ignore the Maven build and only analyze some part of the source repository?
Also, a second question, between GitHub and Azure DevOps services which platform does SonarQube offer more mature support for monorepo strategy?
Yes. You can use GitHub actions like any other CI systems listed in the link.
The limitation is related to the automatic analysis, not the CI system or your project’s repository type. If the project is Maven or Gradle, the default analysis source path is the standard source path of a Maven or Gradle project. In CI analysis, you can make some adjustments to define your source files to be analyzed. For example, you can change the source path in the pom.xml: