We would like SonarCloud to analyze both code and helm chart although despite many tries our helm chart is not detected.
From the root of the repo we have one folder for source code and one for helm chart which contain a template folder with atleast 1 deployment object.
Kubernetes language is activated (we also tried by expliciting sonar.kubernetes.activate)
We use BitbucketCloud and version 3.11.0.3922 of sonar-maven-plugin
We did add -Dsonar.maven.scanAll=true to mvn verify:
Iβve flagged this for the team that owns the scanner. Iβm wondering if itβs a question of an extra directory at project root instead of individual files.
I guess exact structure do not matter for your parser as itβs probably checking all .yaml for k8s manifests from root folder.
If we do ls just before mvn verify in our CI we properly see content of helm chart including a deployment object which has all k8s manifest minimum specs.
On cloud we have some settings in code coverage / duplication exclusion but nothing in files analysis. On mvn parameters we do not specify anything related to inclusion / exclusion.
We did put scanAll in both PR and on main branch, still no analysis result.
What we see exactly in logs:
[INFO] 06:21:55.088 Project configuration:
[INFO] 06:21:55.089 Excluded sources: **/build-wrapper-dump.json
[INFO] 06:21:55.090 Excluded sources for coverage: **/model/*, **/domain/*, **/*Controller.java, **/*Exception.java, **/exception/*, **/repository/*, **/items/*, **/*Properties.java, **/types/*, **/spec/*
[INFO] 06:21:55.090 Excluded sources for duplication: **/model/*, **/domain/*, **/items/*
[INFO] 06:21:55.131 114 files indexed
[INFO] 06:21:55.138 Quality profile for java: XXX Way
[INFO] 06:21:55.138 Quality profile for xml: Sonar way
So need to understand why we donβt have your:
[INFO] 10:53:56.789 Quality profile for yaml: Sonar way
Despite having on cloud settings quality profile Kubernetes: Sonar Way / language sonar.kubernetes.activate
To identify the problem, I suggest you run the analysis without setting any non-mandatory property and having the sonar.maven.scanAll=true. See if the desired files are analyzed, and try to incrementally add the other properties to identify which one is conflicting and causing the issue.
It would be appreciated if you could report any useful findings to us.