How to scan the solution with both C# and C++, and then merge the scan results?

SonarCloud
,
1

When using Azure DevOps pipeline like this, there was no C# scan results, and there was a warning in the log:
WARN: Your project contains C# files which cannot be analyzed with the scanner you are using. To analyze C# or VB.NET, you must use the SonarScanner for .NET 5.x or higher

image
image975×470 14.2 KB

image
image728×409 20.6 KB

When using pipeline like this, C# can be scanned, but many other code lines were lost in the scan results

image
image1009×237 8.54 KB

image

The build machine we’re using is a self-hosted agent. SonarScanner 5.* has been installed, but it seems Azure DevOps pipeline always calls SonarScanner 4.6.* which can’t support C# scan. Could you please help us to take a look? Is it possible to combine the scan of C# and C++?

Thanks a lot!

1 Like
2

Hey there.

Analyzing C# and C++ together is possible (and fairly easy) if everything is being built by a call to MSBuild. Take a look at the documentation here on scanning a solution with a Mix of C# and C++.

To analyze C#, the Scanner for .NET must be used (there’s no way around it), so for a single SonarCloud project everything must fit in the context of this scanner.

What code lines are lost? C++ lines? Other file types?

1 Like
4

Not all of the C++ lines are lost when using “dotnet sonarscanner begin”. File types have overlap. I’m going to try “SonarScanner.MSBuild.exe begin” to see if any different. Thanks!

5

image
image874×244 9.49 KB

image

I’ve tried “sonar-scanner-msbuild-5.4.0.40033-net46\SonarScanner.MSBuild.exe”, the pipeline code and logs are as above picture shown.
I’ve tried two other scripts:

  1. “dotnet sonar-scanner-msbuild-5.4.0.40033-net5.0\SonarScanner.MSBuild.dll begin”
  2. “dotnet sonarscanner begin”
    But the scan results are all same as the results when I used SonarScanner.MSBuild.exe. I mean the code lines are obviously less than using SonarCloudPrepare and default calling sonarscanner 4.6.2.2472.

So now I have two questions:
Q1. If I use SonarCloudPrepare then run script “SonarScanner.MSBuild.exe begin”, I will get an error at the beginning of the scan: ##[error]ERROR: File ******** can’t be indexed twice. Please check that inclusion/exclusion patterns produce disjoint sets for main and test files
Q2. I feel confused about the scanner version, SonarCloudPrepare called the scanner with version 4.6.2.2472 which didn’t scan C# but scanned more C++ and C lines, “SonarScanner.MSBuild.exe begin” called the scanner with version 5.4 which did scan C# but less C++ and C lines. Which scan result is that I should take? Can I merge them?

Could you please send me the PM? Maybe I can share more detail logs to you. Thanks!