How to configure Sonar when using multiple repos?

Hi,
we are using SonarCloud in our AzureDevOps pipelines for our C#/.NET solution. Currently, the yaml files are in the same repo as the code and the tests. We have multiple branches to maintain (LTS and STS versions). When making a change to a pipeline, we have to ensure that such a change ends up on all such branches. That’s time-consuming and error-prone. Therefore we want to migrate the yaml files to a separate repo and call them from the main repo using a config file, different per branch.
The first pipeline to migrate is the one running as part the automated checks on a PR, generating PR comments for code smells etc. in the code changed by the PR on hand. Although we only changed the yaml file from “run these steps” to “run the yaml file in the other repo”, now EVERY code smell etc. in the code of the main repo (there are a lot, I must admit) are now reported.

My suspicion is that it is related to a change how the checkout now works: With only one repository, the code is checked out to $(Build.SourcesDirectory), but with multiple repos, the code gets checked out to $(Build.SourcesDirectory)/$(Build.Repository.Name) for each repo. I think the base directory Sonar uses is still $(Build.SourcesDirectory), and therefore every file in the main repo is now found in ./$(Build.Repository.Name)/a/file/in/the/main/repo.cs instead of ./a/file/in/the/main/repo.cs and therefore considered as new, leading to all the PR comments.

I made various attempts setting sonar.sources and sonar.baseProjectDir in task SonarCloudPrepare@3, either without effect or leading to one of the following two errors:

a)
##[error]ERROR: File [filename] can’t be indexed twice. Please check that inclusion/exclusion patterns produce disjoint sets for main and test files
##[error][ERROR] SonarQube Cloud: Error while executing task Analyze: The process ‘C:\agent_work_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\3.1.1\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe’ failed with exit code 1

Please note that [filename] adheres to the pattern “$(Build.Repository.Name)/a/file/in/the/main/repo.cs”, i.e. including the repo name at the beginning.

b)
##[error]13:13:09.384 The project base directory doesn’t exist.
##[error][ERROR] SonarQube Cloud: Error while executing task Analyze: The process ‘C:\agent_work_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\3.1.1\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe’ failed with exit code 1

Am I on the right track to set sonar.sources and/or sonar.baseProjectDir? If no, what is the way to go? If yes, how to set them?
And, is there an option to print out the current value of these properties?

Any help is appreciated.

Thanks, Claas

Hi, @ClaasHemig, welcome to the community.

If I understand correctly you are checking out two repositories, and want to analyze only the “.NET” one, right?

In that case, you use the latest version of the tasks (version 7 at this time for SonarQube Cloud) and set sonar.projectBaseDir to the subdirectory that contains your .NET repo through the extraProperties.

Sonar.sources is not supported by the Scanner for .NET, so that would not work.

If that still does not work as expected, let me know. You could post the content of your pipeline here (redacted I f need be) as a first step.

Denis

Thanks Denis, your answer brought me back on track.

Notes to myself:

1. The setting is called sonar.projectBaseDir, not sonar.baseProjectDir (facepalm)
2. don’t fiddle with sonar.sources and sonar.tests (I started doing that because of the mistake I made with #1)

The solution is exactly what I originally thought it should be: just change the root folder where Sonar should start analyzing…

Thanks

BTW: AFAICS, it is version 3 for SonarQube Cloud and version 7 for SonarQube Server

Glad to hear it works! I had not even realized your mistake with the name of the property

BTW: We just rebranded and SonarCloud is now known as SonarQube Cloud (SonarQube is now called SonarQube Server).

Denis