I’m facing a below issue during the scanning of projects using GitHub sonar actions. Please refer the screenshot and implementation steps for reference.
My project is developed in .NET. Below is my Sample workflow.
Workflow implementation
name: Build, Test and Upload
on:
push:
branches: [feature]
jobs:
build:
strategy:
matrix:
configuration: [Release]
runs-on: [windows-latest]
env:
Project_Path: .\SSN\DotNet\SSNLookup
Solution_Name: .\SSN\DotNet\SSNLookup\SSNLookup.sln
Test_Project_Path: .\SSN\DotNet\SSNLookup\SSNLookupTest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
# Add MSBuild to the PATH: https://github.com/microsoft/setup-msbuild
- name: Setup MSBuild.exe
uses: microsoft/setup-msbuild@v1
- name: Setup NuGet
uses: nuget/setup-nuget@v1
- name: Setup VSTest
uses: darenm/Setup-VSTest@v1
- name: Restore Packages
run: nuget restore $env:Solution_Name
# Restore the application to populate the obj folder with RuntimeIdentifiers
- name: Restore the application
run: |
msbuild.exe $env:Solution_Name /p:platform="Any CPU" /p:Configuration=$env:Configuration
env:
Configuration: ${{ matrix.configuration }}
- name: Run Tests
run: vstest.console.exe $env:Test_Project_Path\bin\Release\SSNLookupTest.dll
- name: Run OpenCover for code coverage report generation
run:
Start-Process "$env:Project_Path\packages\opencover.4.7.1221\tools\OpenCover.Console.exe" -wait -NoNewWindow -ArgumentList "-target:""vstest.console.exe"" -targetargs:""$env:Test_Project_Path\bin\Release\SSNLookupTest.dll"" -output:""$env:Project_Path\coverage.xml"" -mergebyhash -register:path32 -returntargetcode"
- name: Run nunit for test report generation
run:
Start-Process "$env:Project_Path\packages\Nunit.ConsoleRunner.3.16.3\tools\nunit3-console.exe" -wait -NoNewWindow -ArgumentList @("--result=$env:Project_Path\TestResult.xml", "$env:Test_Project_Path\bin\Release\SSNLookupTest.dll")
- name: Generate Test Coverage Report
run:
Start-Process "$env:Project_Path\packages\ReportGenerator.5.1.22\tools\net47\ReportGenerator.exe" -wait -NoNewWindow -ArgumentList "-reports:""$env:Project_Path\coverage.xml"" -targetdir:""$env:Project_Path\Report"" -sourcedirs:""$env:Project_Path"""
- name: Zip Project folder
run: |
tar -cvf Project.tar D:\a\SSN-Dbkey-Lookup\SSN-Dbkey-Lookup
- name: Upload Project folder
uses: actions/upload-artifact@v3
with:
name: Project.tar
path: .\Project.tar
retention-days: 1
SonarQube:
name: Sonar Scan
needs: [build]
runs-on: [ self-hosted, kubernetes, on-prem ]
# NOTE: Using SonarQube in actions has issues with the push event.
continue-on-error: true
steps:
- name: Download Binaries
uses: actions/download-artifact@v3
with:
name: Project.tar
- name: Unzip Files
run: |
tar xvf /runner/_work/SSN-Dbkey-Lookup/SSN-Dbkey-Lookup/Project.tar
- name: Check files
run: |
find a/SSN-Dbkey-Lookup/SSN-Dbkey-Lookup/sonar-project.properties -type f
- name: Read file content
run:
cat a/SSN-Dbkey-Lookup/SSN-Dbkey-Lookup/sonar-project.properties
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@v1.2.0
with:
args: >
-Dsonar.cs.opencover.reportsPaths=**/coverage.xml
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
- name: SonarQube Quality Gate check
uses: sonarsource/sonarqube-quality-gate-action@v1.0.0
with:
scanMetadataReportFile: ./.scannerwork/report-task.txt
timeout-minutes: 5
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
sonar-project.properties. It is created in the root directory
sonar.projectKey=SSN-Dbkey-Lookup
sonar.projectName=SSN-Dbkey-Lookup
sonar.sources=.
sonar.language=cs
sonar.souceEncoding=UTF-8
sonar.cs.opencover.reportsPaths=**/coverage.xml
sonar.cs.nunit.reportsPaths=**/TestResult.xml
sonar.exclusions=*/qa_automation_test