Main Branch Has No Lines of Code (with analysis file)

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube 10.0.0.68432, Scanner 4.8.0.2856)
• how is SonarQube deployed: zip on Windows Server
• what are you trying to achieve: exploration/test scanning/troubleshooting before I set up something more real
• what have you tried so far to achieve this: Running scans from the Web interface and also the CLI (with the “sonar-scanner.properties.conf” file set)

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

As a new member of my project I have inherited an existing SonarQube setup from the guy I replaced. I am not well practiced with the application but have been working through some lessons on it and now have hands-on access to the setup I am now supposed to be in charge of. This entire thing is undocumented so I’m having to work through this blind.

It looks like a year ago the Community version was set up on the project’s Azure DevOps server as a native installation - no docker or anything. It was successfully run once using the web interface (or so it appears because that .conf file was not set up and IIRC that’s required for CLI launches). That success data is supposed to be preserved so for the immediate time being I am only messing with the existing installation to familarize myself with Sonar since we will be regularly using it sometime in the near future.

The one project we have on Azure DevOps does have code in it - cursory glance makes it look like C# but I’m no developer - and as before it has worked at least once in the past. However, if I set up something using the web frontend (Manually, Locally, aimed at the “main” it defaults to, either with a new token generated on the fly or with a global token I set up previously, using “Other” against “Windows”) OR trying to run it through the CLI, I ultimately end up with a “success” that claims to have seen no code.

This seems to be a very common problem with no clear solution. Based on what I’ve read, I have run another attempt using “sonar-scanner -X -D sonar.projectKey=ConsoleTest” to get the verbose output I see requested. Question: When I run it this way, how does my scanner know where to look for code at all? I got this string (sans -X) from a video example of someone who was successful, though he was using Brian DevOps.

As a side note I do see the web GUI has an AzureDevOps option but apparently I can’t use this because “Common Name” has been depricated on certs, and therefor my certificate is wrong (and getting a new one is its own process I don’t fully control).

Below is what comes out of my last run from the CLI, with the two things that stick out to me being that it skips C# because it sees no files and that there is no SCM (curiously one person on here claims they fixed their “No code” issue by disabling SCM).

==

C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin>sonar-scanner -X -D sonar.projectKey=ConsoleTest
14:32:58.320 INFO: Scanner configuration file: C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin\..\conf\sonar-scanner.properties
14:32:58.329 INFO: Project root configuration file: NONE
14:32:58.361 INFO: SonarScanner 4.8.0.2856
14:32:58.361 INFO: Java 11.0.17 Eclipse Adoptium (64-bit)
14:32:58.361 INFO: Windows Server 2019 10.0 amd64
14:32:58.542 DEBUG: keyStore is :
14:32:58.542 DEBUG: keyStore type is : pkcs12
14:32:58.543 DEBUG: keyStore provider is :
14:32:58.543 DEBUG: init keystore
14:32:58.544 DEBUG: init keymanager of type SunX509
14:32:58.778 DEBUG: Create: C:\Users\Administrator\.sonar\cache
14:32:58.779 INFO: User cache: C:\Users\Administrator\.sonar\cache
14:32:58.779 DEBUG: Create: C:\Users\Administrator\.sonar\cache\_tmp
14:32:58.783 DEBUG: Extract sonar-scanner-api-batch in temp...
14:32:58.788 DEBUG: Get bootstrap index...
14:32:58.788 DEBUG: Download: http://localhost:9000/batch/index
14:32:58.854 DEBUG: Get bootstrap completed
14:32:58.859 DEBUG: Create isolated classloader...
14:32:58.868 DEBUG: Start temp cleaning...
14:32:58.873 DEBUG: Temp cleaning done
14:32:58.874 DEBUG: Execution getVersion
14:32:58.897 INFO: Analyzing on SonarQube server 10.0.0.68432
14:32:58.898 INFO: Default locale: "en_US", source code encoding: "windows-1252" (analysis is platform dependent)
14:32:58.899 DEBUG: Work directory: C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin\.scannerwork
14:32:58.903 DEBUG: Execution execute
14:32:59.438 DEBUG: Community 10.0.0.68432
14:32:59.749 INFO: Load global settings
14:32:59.804 DEBUG: GET 200 http://localhost:9000/api/settings/values.protobuf | time=52ms
14:32:59.847 INFO: Load global settings (done) | time=98ms
14:32:59.849 INFO: Server id: 147B411E-AYjZ4gEgbyg-zpd29m4Y
14:32:59.858 INFO: User cache: C:\Users\Administrator\.sonar\cache
14:32:59.862 INFO: Load/download plugins
14:32:59.862 INFO: Load plugins index
14:32:59.871 DEBUG: GET 200 http://localhost:9000/api/plugins/installed | time=8ms
14:32:59.917 INFO: Load plugins index (done) | time=55ms
14:33:00.035 INFO: Load/download plugins (done) | time=173ms
14:33:00.111 DEBUG: Plugins:
14:33:00.112 DEBUG:   * Python Code Quality and Security 4.1.0.11333 (python)
14:33:00.113 DEBUG:   * Go Code Quality and Security 1.12.0.4259 (go)
14:33:00.114 DEBUG:   * JaCoCo 1.3.0.1538 (jacoco)
14:33:00.114 DEBUG:   * Kotlin Code Quality and Security 2.13.0.2116 (kotlin)
14:33:00.115 DEBUG:   * IaC Code Quality and Security 1.15.0.3752 (iac)
14:33:00.116 DEBUG:   * JavaScript/TypeScript/CSS Code Quality and Security 10.1.0.21143 (javascript)
14:33:00.116 DEBUG:   * Ruby Code Quality and Security 1.12.0.4259 (ruby)
14:33:00.117 DEBUG:   * Scala Code Quality and Security 1.12.0.4259 (sonarscala)
14:33:00.118 DEBUG:   * C# Code Quality and Security 8.55.0.65544 (csharp)
14:33:00.119 DEBUG:   * Java Code Quality and Security 7.17.0.31219 (java)
14:33:00.120 DEBUG:   * HTML Code Quality and Security 3.7.1.3306 (web)
14:33:00.122 DEBUG:   * Flex Code Quality and Security 2.8.0.3166 (flex)
14:33:00.123 DEBUG:   * XML Code Quality and Security 2.7.0.3820 (xml)
14:33:00.124 DEBUG:   * PHP Code Quality and Security 3.28.0.9490 (php)
14:33:00.124 DEBUG:   * Text Code Quality and Security 2.0.2.1090 (text)
14:33:00.125 DEBUG:   * VB.NET Code Quality and Security 8.55.0.65544 (vbnet)
14:33:00.125 DEBUG:   * Configuration detection fot Code Quality and Security 1.2.0.267 (config)
14:33:00.810 INFO: Process project properties
14:33:00.811 INFO: Process project properties (done) | time=1ms
14:33:00.814 INFO: Execute project builders
14:33:00.815 DEBUG: Execute project builder: org.sonar.plugins.csharp.CSharpGlobalProtobufFileProcessor
14:33:00.816 DEBUG: Execute project builder: org.sonar.plugins.vbnet.VbNetGlobalProtobufFileProcessor
14:33:00.817 INFO: Execute project builders (done) | time=3ms
14:33:00.828 INFO: Project key: ConsoleTest
14:33:00.828 INFO: Base dir: C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin
14:33:00.830 INFO: Working dir: C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin\.scannerwork
14:33:00.831 DEBUG: Project global encoding: windows-1252, default locale: en_US
14:33:00.845 INFO: Load project settings for component key: 'ConsoleTest'
14:33:00.880 DEBUG: GET 200 http://localhost:9000/api/settings/values.protobuf?component=ConsoleTest | time=35ms
14:33:00.883 INFO: Load project settings for component key: 'ConsoleTest' (done) | time=38ms
14:33:01.019 DEBUG: Creating module hierarchy
14:33:01.019 DEBUG:   Init module 'ConsoleTest'
14:33:01.021 DEBUG:     Base dir: C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin
14:33:01.022 DEBUG:     Working dir: C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin\.scannerwork
14:33:01.023 DEBUG:     Module global encoding: windows-1252, default locale: en_US
14:33:01.049 DEBUG: Available languages:
14:33:01.050 DEBUG:   * Python => "py"
14:33:01.051 DEBUG:   * Go => "go"
14:33:01.051 DEBUG:   * Kotlin => "kotlin"
14:33:01.052 DEBUG:   * Terraform => "terraform"
14:33:01.053 DEBUG:   * CloudFormation => "cloudformation"
14:33:01.053 DEBUG:   * Kubernetes => "kubernetes"
14:33:01.054 DEBUG:   * Docker => "docker"
14:33:01.054 DEBUG:   * JavaScript => "js"
14:33:01.055 DEBUG:   * TypeScript => "ts"
14:33:01.056 DEBUG:   * CSS => "css"
14:33:01.057 DEBUG:   * Ruby => "ruby"
14:33:01.057 DEBUG:   * Scala => "scala"
14:33:01.058 DEBUG:   * C# => "cs"
14:33:01.058 DEBUG:   * Java => "java"
14:33:01.061 DEBUG:   * HTML => "web"
14:33:01.061 DEBUG:   * JSP => "jsp"
14:33:01.061 DEBUG:   * Flex => "flex"
14:33:01.062 DEBUG:   * XML => "xml"
14:33:01.062 DEBUG:   * PHP => "php"
14:33:01.063 DEBUG:   * Text => "text"
14:33:01.063 DEBUG:   * Secrets => "secrets"
14:33:01.064 DEBUG:   * VB.NET => "vbnet"
14:33:01.065 DEBUG:   * YAML => "yaml"
14:33:01.066 DEBUG:   * JSON => "json"
14:33:01.136 WARN: SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings.
14:33:01.147 INFO: Load quality profiles
14:33:01.186 DEBUG: GET 200 http://localhost:9000/api/qualityprofiles/search.protobuf?project=ConsoleTest | time=39ms
14:33:01.221 INFO: Load quality profiles (done) | time=74ms
14:33:01.226 INFO: Load active rules
14:33:01.249 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4thabyg-zpd29vNv&ps=500&p=1 | time=21ms
14:33:01.436 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4tjhbyg-zpd29vOu&ps=500&p=1 | time=22ms
14:33:01.474 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4tmNbyg-zpd29vQL&ps=500&p=1 | time=26ms
14:33:01.491 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4tn0byg-zpd29vQr&ps=500&p=1 | time=9ms
14:33:01.524 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4trSbyg-zpd29vWL&ps=500&p=1 | time=32ms
14:33:01.596 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4toqbyg-zpd29vTy&ps=500&p=1 | time=64ms
14:33:01.763 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4tupbyg-zpd29vd2&ps=500&p=1 | time=152ms
14:33:01.957 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4tzHbyg-zpd29vna&ps=500&p=1 | time=152ms
14:33:01.997 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4t1_byg-zpd29vqh&ps=500&p=1 | time=21ms
14:33:02.032 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4t5Lbyg-zpd29vs5&ps=500&p=1 | time=32ms
14:33:02.059 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4t3kbyg-zpd29vru&ps=500&p=1 | time=24ms
14:33:02.197 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4t9Rbyg-zpd29v13&ps=500&p=1 | time=133ms
14:33:02.473 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uEtbyg-zpd29wJf&ps=500&p=1 | time=261ms
14:33:02.522 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uKxbyg-zpd29wR4&ps=500&p=1 | time=25ms
14:33:02.564 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uPRbyg-zpd29wVG&ps=500&p=1 | time=39ms
14:33:02.603 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uNVbyg-zpd29wTH&ps=500&p=1 | time=35ms
14:33:02.616 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uSBbyg-zpd29wV3&ps=500&p=1 | time=9ms
14:33:03.646 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uTtbyg-zpd29wcJ&ps=500&p=1 | time=1029ms
14:33:03.734 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uW-byg-zpd29wgn&ps=500&p=1 | time=78ms
14:33:03.752 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uY8byg-zpd29whd&ps=500&p=1 | time=14ms
14:33:03.841 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4ubMbyg-zpd29wlu&ps=500&p=1 | time=85ms
14:33:03.882 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4udtbyg-zpd29won&ps=500&p=1 | time=35ms
14:33:04.025 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4ujfbyg-zpd29wwA&ps=500&p=1 | time=140ms
14:33:04.044 DEBUG: GET 200 http://localhost:9000/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives,createdAt,updatedAt,deprecatedKeys&activation=true&qprofile=AYjZ4uhWbyg-zpd29wpE&ps=500&p=1 | time=9ms
14:33:04.058 INFO: Load active rules (done) | time=2832ms
14:33:04.063 INFO: Load analysis cache
14:33:04.069 DEBUG: GET 404 http://localhost:9000/api/analysis_cache/get?project=ConsoleTest | time=5ms
14:33:04.071 INFO: Load analysis cache (404) | time=8ms
14:33:04.147 INFO: Load project repositories
14:33:04.154 DEBUG: GET 200 http://localhost:9000/batch/project.protobuf?key=ConsoleTest | time=6ms
14:33:04.162 INFO: Load project repositories (done) | time=15ms
14:33:04.205 DEBUG: Declared extensions of language Python were converted to sonar.lang.patterns.py : **/*.py
14:33:04.206 DEBUG: Declared extensions of language Go were converted to sonar.lang.patterns.go : **/*.go
14:33:04.206 DEBUG: Declared extensions of language Kotlin were converted to sonar.lang.patterns.kotlin : **/*.kt
14:33:04.207 DEBUG: Declared extensions of language Terraform were converted to sonar.lang.patterns.terraform : **/*.tf
14:33:04.207 DEBUG: Declared extensions of language CloudFormation were converted to sonar.lang.patterns.cloudformation :
14:33:04.208 DEBUG: Declared extensions of language Kubernetes were converted to sonar.lang.patterns.kubernetes :
14:33:04.209 DEBUG: Declared extensions of language Docker were converted to sonar.lang.patterns.docker :
14:33:04.211 DEBUG: Declared extensions of language JavaScript were converted to sonar.lang.patterns.js : **/*.js,**/*.jsx,**/*.cjs,**/*.mjs,**/*.vue
14:33:04.211 DEBUG: Declared extensions of language TypeScript were converted to sonar.lang.patterns.ts : **/*.ts,**/*.tsx,**/*.cts,**/*.mts
14:33:04.212 DEBUG: Declared extensions of language CSS were converted to sonar.lang.patterns.css : **/*.css,**/*.less,**/*.scss
14:33:04.214 DEBUG: Declared extensions of language Ruby were converted to sonar.lang.patterns.ruby : **/*.rb
14:33:04.216 DEBUG: Declared extensions of language Scala were converted to sonar.lang.patterns.scala : **/*.scala
14:33:04.216 DEBUG: Declared extensions of language C# were converted to sonar.lang.patterns.cs : **/*.cs
14:33:04.217 DEBUG: Declared extensions of language Java were converted to sonar.lang.patterns.java : **/*.java,**/*.jav
14:33:04.218 DEBUG: Declared extensions of language HTML were converted to sonar.lang.patterns.web : **/*.html,**/*.xhtml,**/*.cshtml,**/*.vbhtml,**/*.aspx,**/*.ascx,**/*.rhtml,**/*.erb,**/*.shtm,**/*.shtml,**/*.cmp,**/*.twig
14:33:04.219 DEBUG: Declared extensions of language JSP were converted to sonar.lang.patterns.jsp : **/*.jsp,**/*.jspf,**/*.jspx
14:33:04.220 DEBUG: Declared extensions of language Flex were converted to sonar.lang.patterns.flex : **/*.as
14:33:04.220 DEBUG: Declared extensions of language XML were converted to sonar.lang.patterns.xml : **/*.xml,**/*.xsd,**/*.xsl
14:33:04.221 DEBUG: Declared extensions of language PHP were converted to sonar.lang.patterns.php : **/*.php,**/*.php3,**/*.php4,**/*.php5,**/*.phtml,**/*.inc
14:33:04.222 DEBUG: Declared extensions of language Text were converted to sonar.lang.patterns.text :
14:33:04.222 DEBUG: Declared extensions of language Secrets were converted to sonar.lang.patterns.secrets :
14:33:04.223 DEBUG: Declared extensions of language VB.NET were converted to sonar.lang.patterns.vbnet : **/*.vb
14:33:04.224 DEBUG: Declared extensions of language YAML were converted to sonar.lang.patterns.yaml : **/*.yaml,**/*.yml
14:33:04.226 DEBUG: Declared extensions of language JSON were converted to sonar.lang.patterns.json : **/*.json
14:33:04.252 DEBUG: Will ignore generated code
14:33:04.255 DEBUG: Will ignore generated code
14:33:04.259 INFO: Indexing files...
14:33:04.261 INFO: Project configuration:
14:33:04.281 DEBUG: 'sonar-scanner-debug.bat' indexed with no language
14:33:04.291 DEBUG: 'sonar-scanner.bat' indexed with no language
14:33:04.300 INFO: 2 files indexed
14:33:04.302 INFO: ------------- Run sensors on module ConsoleTest
14:33:04.430 INFO: Load metrics repository
14:33:04.441 DEBUG: GET 200 http://localhost:9000/api/metrics/search?ps=500&p=1 | time=8ms
14:33:04.453 INFO: Load metrics repository (done) | time=23ms
14:33:06.789 DEBUG: 'JavaSensor' skipped because there is no related file in current project
14:33:06.790 DEBUG: 'Import external issues report' skipped because one of the required properties is missing
14:33:06.791 DEBUG: 'Python Sensor' skipped because there is no related file in current project
14:33:06.792 DEBUG: 'Cobertura Sensor for Python coverage' skipped because there is no related file in current project
14:33:06.793 DEBUG: 'PythonXUnitSensor' skipped because there is no related file in current project
14:33:06.794 DEBUG: 'Import of Pylint issues' skipped because there is no related file in current project
14:33:06.794 DEBUG: 'Import of Bandit issues' skipped because there is no related file in current project
14:33:06.794 DEBUG: 'Import of Flake8 issues' skipped because there is no related file in current project
14:33:06.795 DEBUG: 'Code Quality and Security for Go' skipped because there is no related file in current project
14:33:06.796 DEBUG: 'Go Unit Test Report' skipped because there is no related file in current project
14:33:06.797 DEBUG: 'Go Cover sensor for Go coverage' skipped because one of the required properties is missing
14:33:06.798 DEBUG: 'Import of go vet issues' skipped because there is no related file in current project
14:33:06.799 DEBUG: 'Import of Golint issues' skipped because there is no related file in current project
14:33:06.800 DEBUG: 'Import of GoMetaLinter issues' skipped because there is no related file in current project
14:33:06.800 DEBUG: 'Import of GolangCI-Lint issues' skipped because there is no related file in current project
14:33:06.801 DEBUG: 'Kotlin Sensor' skipped because there is no related file in current project
14:33:06.802 DEBUG: 'KotlinSurefireSensor' skipped because there is no related file in current project
14:33:06.803 DEBUG: 'Import of detekt issues' skipped because there is no related file in current project
14:33:06.803 DEBUG: 'Import of Android Lint issues' skipped because one of the required properties is missing
14:33:06.804 DEBUG: 'Import of ktlint issues' skipped because there is no related file in current project
14:33:06.805 DEBUG: 'IaC Terraform Sensor' skipped because there is no related file in current project
14:33:06.805 DEBUG: 'IaC CloudFormation Sensor' skipped because there is no related file in current project
14:33:06.806 DEBUG: 'IaC Kubernetes Sensor' skipped because there is no related file in current project
14:33:06.807 DEBUG: 'JavaScript analysis' skipped because there is no related file in current project
14:33:06.808 DEBUG: 'TypeScript analysis' skipped because there is no related file in current project
14:33:06.809 DEBUG: 'JavaScript inside YAML analysis' skipped because there is no related file in current project
14:33:06.811 DEBUG: 'JavaScript inside HTML analysis' skipped because there is no related file in current project
14:33:06.812 DEBUG: 'JavaScript/TypeScript Coverage' skipped because there is no related file in current project
14:33:06.812 DEBUG: 'Import of ESLint issues' skipped because one of the required properties is missing
14:33:06.813 DEBUG: 'Import of TSLint issues' skipped because one of the required properties is missing
14:33:06.813 DEBUG: 'CSS Metrics' skipped because there is no related file in current project
14:33:06.814 DEBUG: 'Import of stylelint issues' skipped because there is no related file in current project
14:33:06.815 DEBUG: 'Ruby Sensor' skipped because there is no related file in current project
14:33:06.815 DEBUG: 'Import of RuboCop issues' skipped because there is no related file in current project
14:33:06.816 DEBUG: 'SimpleCov Sensor for Ruby coverage' skipped because there is no related file in current project
14:33:06.816 DEBUG: 'Scala Sensor' skipped because there is no related file in current project
14:33:06.817 DEBUG: 'Scoverage sensor for Scala coverage' skipped because there is no related file in current project
14:33:06.817 DEBUG: 'Import of Scalastyle issues' skipped because there is no related file in current project
14:33:06.818 DEBUG: 'Import of Scapegoat issues' skipped because there is no related file in current project
14:33:06.819 DEBUG: 'Import of Checkstyle issues' skipped because there is no related file in current project
14:33:06.820 DEBUG: 'Import of PMD issues' skipped because one of the required properties is missing
14:33:06.821 DEBUG: 'Import of SpotBugs issues' skipped because there is no related file in current project
14:33:06.821 DEBUG: 'SurefireSensor' skipped because there is no related file in current project
14:33:06.822 DEBUG: 'Removed properties sensor' skipped because there is no related file in current project
14:33:06.823 DEBUG: 'Flex' skipped because there is no related file in current project
14:33:06.824 DEBUG: 'Flex Cobertura' skipped because there is no related file in current project
14:33:06.824 DEBUG: 'XML Sensor' skipped because there is no related file in current project
14:33:06.825 DEBUG: 'PHP sensor' skipped because there is no related file in current project
14:33:06.825 DEBUG: 'Analyzer for "php.ini" files' skipped because there is no related file in current project
14:33:06.827 DEBUG: 'Import of PHPStan issues' skipped because there is no related file in current project
14:33:06.828 DEBUG: 'Import of Psalm issues' skipped because there is no related file in current project
14:33:06.832 DEBUG: 'Generic Test Executions Report' skipped because one of the required properties is missing
14:33:06.834 DEBUG: Sensors : JaCoCo XML Report Importer -> CSS Rules -> C# Project Type Information -> C# Analysis Log -> C# Properties -> HTML -> TextAndSecretsSensor -> VB.NET Project Type Information -> VB.NET Analysis Log -> VB.NET Properties -> IaC Docker Sensor
14:33:06.843 INFO: Sensor JaCoCo XML Report Importer [jacoco]
14:33:06.846 INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
14:33:06.848 INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
14:33:06.849 INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=7ms
14:33:06.849 INFO: Sensor CSS Rules [javascript]
14:33:06.850 INFO: No CSS, PHP, HTML or VueJS files are found in the project. CSS analysis is skipped.
14:33:06.851 INFO: Sensor CSS Rules [javascript] (done) | time=2ms
14:33:06.851 INFO: Sensor C# Project Type Information [csharp]
14:33:06.853 INFO: Sensor C# Project Type Information [csharp] (done) | time=2ms
14:33:06.854 INFO: Sensor C# Analysis Log [csharp]
14:33:06.873 DEBUG: Project 'ConsoleTest': Property missing: 'sonar.cs.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.
14:33:06.878 INFO: Sensor C# Analysis Log [csharp] (done) | time=23ms
14:33:06.878 INFO: Sensor C# Properties [csharp]
14:33:06.879 DEBUG: Project 'ConsoleTest': Property missing: 'sonar.cs.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.
14:33:06.880 DEBUG: Project 'ConsoleTest': No Roslyn issues reports have been found.
14:33:06.880 INFO: Sensor C# Properties [csharp] (done) | time=2ms
14:33:06.881 INFO: Sensor HTML [web]
14:33:06.885 INFO: Sensor HTML [web] (done) | time=4ms
14:33:06.886 INFO: Sensor TextAndSecretsSensor [text]
14:33:06.898 INFO: Sensor TextAndSecretsSensor [text] (done) | time=12ms
14:33:06.898 INFO: Sensor VB.NET Project Type Information [vbnet]
14:33:06.900 INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=2ms
14:33:06.900 INFO: Sensor VB.NET Analysis Log [vbnet]
14:33:06.930 DEBUG: Project 'ConsoleTest': Property missing: 'sonar.vbnet.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.
14:33:06.933 INFO: Sensor VB.NET Analysis Log [vbnet] (done) | time=32ms
14:33:06.933 INFO: Sensor VB.NET Properties [vbnet]
14:33:06.934 DEBUG: Project 'ConsoleTest': Property missing: 'sonar.vbnet.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.
14:33:06.935 DEBUG: Project 'ConsoleTest': No Roslyn issues reports have been found.
14:33:06.935 INFO: Sensor VB.NET Properties [vbnet] (done) | time=2ms
14:33:06.937 INFO: Sensor IaC Docker Sensor [iac]
14:33:06.942 INFO: 0 source files to be analyzed
14:33:07.041 INFO: 0/0 source files have been analyzed
14:33:07.042 INFO: Sensor IaC Docker Sensor [iac] (done) | time=106ms
14:33:07.047 INFO: ------------- Run sensors on project
14:33:07.139 DEBUG: 'Generic Coverage Report' skipped because one of the required properties is missing
14:33:07.140 DEBUG: 'Import external issues report from SARIF file.' skipped because one of the required properties is missing
14:33:07.141 DEBUG: 'C#' skipped because there is no related file in current project
14:33:07.142 DEBUG: 'C# File Caching Sensor' skipped because there is no related file in current project
14:33:07.143 DEBUG: 'C# Tests Coverage Report Import' skipped because there is no related file in current project
14:33:07.144 DEBUG: '[Deprecated] C# Integration Tests Coverage Report Import' skipped because there is no related file in current project
14:33:07.144 DEBUG: 'C# Unit Test Results Import' skipped because there is no related file in current project
14:33:07.144 DEBUG: 'VB.NET' skipped because there is no related file in current project
14:33:07.145 DEBUG: 'VB.NET File Caching Sensor' skipped because there is no related file in current project
14:33:07.146 DEBUG: 'VB.NET Tests Coverage Report Import' skipped because there is no related file in current project
14:33:07.150 DEBUG: '[Deprecated] VB.NET Integration Tests Coverage Report Import' skipped because there is no related file in current project
14:33:07.152 DEBUG: 'VB.NET Unit Test Results Import' skipped because there is no related file in current project
14:33:07.152 DEBUG: 'Java CPD Block Indexer' skipped because there is no related file in current project
14:33:07.153 DEBUG: Sensors : Analysis Warnings import -> Zero Coverage Sensor
14:33:07.154 INFO: Sensor Analysis Warnings import [csharp]
14:33:07.156 INFO: Sensor Analysis Warnings import [csharp] (done) | time=1ms
14:33:07.156 INFO: Sensor Zero Coverage Sensor
14:33:07.163 INFO: Sensor Zero Coverage Sensor (done) | time=7ms
14:33:07.165 INFO: SCM Publisher No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
14:33:07.167 INFO: CPD Executor Calculating CPD for 0 files
14:33:07.169 INFO: CPD Executor CPD calculation finished (done) | time=0ms
14:33:07.271 INFO: Analysis report generated in 97ms, dir size=124.8 kB
14:33:07.290 INFO: Analysis report compressed in 18ms, zip size=15.1 kB
14:33:07.291 INFO: Analysis report generated in C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin\.scannerwork\scanner-report
14:33:07.292 DEBUG: Upload report
14:33:07.318 DEBUG: POST 200 http://localhost:9000/api/ce/submit?projectKey=ConsoleTest | time=24ms
14:33:07.323 INFO: Analysis report uploaded in 30ms
14:33:07.326 DEBUG: Report metadata written to C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin\.scannerwork\report-task.txt
14:33:07.327 INFO: ANALYSIS SUCCESSFUL, you can find the results at: http://localhost:9000/dashboard?id=ConsoleTest
14:33:07.329 INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
14:33:07.329 INFO: More about the report processing at http://localhost:9000/api/ce/task?id=AZDg3lvvIKan-GeBtEO_
14:33:07.334 DEBUG: Post-jobs :
14:33:07.342 INFO: Analysis total time: 7.154 s
14:33:07.344 INFO: ------------------------------------------------------------------------
14:33:07.344 INFO: EXECUTION SUCCESS
14:33:07.345 INFO: ------------------------------------------------------------------------
14:33:07.345 INFO: Total time: 9.051s
14:33:07.390 INFO: Final Memory: 17M/64M
14:33:07.391 INFO: ------------------------------------------------------------------------

==

What am I doing wrong here?

Hey there.

Two big issues here:

First, you’re running the sonar-scanner from the installation directory of the scanner, not from where the source code is.

Either you need to navigate to the directory where the code is located and use the full path of the scanner executable, or more conveniently, add C:\Sonarqube\sonarqube-10.0.0.68432\scanner\sonar-scanner-cli-4.8.0.2856-windows\sonar-scanner-4.8.0.2856-windows\bin to your PATH variable so you can navigate to any directory and simply run sonar-scanner.

It looks like you’re running the scanner on the server where SonarQube is hosted itself. That’s not necessary, and ideally you just clone the project onto your local machine and run the analysis from there, or integrate with Azure Pipelines.

Now, that’s all well and good for analyzing most code except C# code, which requires that you use the SonarScanner for .NET, and not the SonarScanner CLI.

Selecting .NET in the analysis tutorial in the UI helps a lot here when creating a new project.

image2504×1104 201 KB

Colin,

Thanks for the lead! I did not come across needing to point it at the code directory but in retrospect it makes sense. So I need to figure out how to get the project code out of Azure, then aim the scanner at wherever I place it. I’m coming at this from a sys admin perspective and not a developer one, so I’ll need to dig about.

As for Pipeline integration, that’ll take some work but should be my long term goal. There may be an issue with the certificate on Azure that may need to be addressed first.

From what I remember reading and hearing, the CLI / “Other Scan” does work for anything and figures it out on the fly but is this not the case?

Edit: In Community Edition does a successful report tell you where the scan was targeted at?

Edit 2: Now that I dig around a bit more there does not seem to be any evidence that my predecessor had any of the .net tools set up either - wonder how he got a successful scan out of this then?

At some point, you will encounter something that tells you to git clone what’s on Azure (fingers crossed you’re using Git and not TFVC, but let’s cross that bridge when we get there)

image2850×1028 232 KB

.NET, Java, and C++ are special cases.

I’m not sure what you mean by “where the scan was targeted at”. Can you tell me more?

Collin,

By “targeted at” I mean if I look at the one successful scan this team did a year back if it would say “The scan was run against C:\projectcode\blah” or something.

I will take a look in Azure - it does not seem like the Azure DevOps host itself likes to launch its own website so I may have to download it on my workstation and shuffle the files over.

Just got out of a few back to back meetings so I haven’t had the most time to dive into it - if I have sonar-scanner, is the dotnet thing something else that needs to be installed? Documentation says to just have “dotnet” in my path but doesn’t seem to explain the path or what I’m doing it.

Alas I am picking up someone else’s pieces, without documentation, on a device I’m only newly introduced to so I can work an application I am only passingly familiar with!

Edit: I had some success! I was able to download the project files as a .zip with the dot menu to the right of “Clone” (where git was not an option). I put this on the desktop of the host server for simplicity’s sake and was able to point SonarQube 10 at the “ProjectCode” folder I created to house it, and produce some result using sonar-scanner -X -D sonar.projectKey=ConsoleTest. It at least picks up code and produces a result in the SonarQube GUI, though from what you have said this isn’t the correct way to do it. I will now be looking into the dotnet thing a bit closer now. Some follow-up questions:

• By doing this generic CLI scan, what am I losing vs doing a proper .net based scan? Are the results that find their way into the SonarQube front-end just junk, or just part of the story?
• If a project contains code from multiple languages, is there a correct approach to scanning it? Say if it is mostly C# but included some Java files or something to that effect, can you “multiscan” it or would they need to be broken apart?

You are not getting the analysis of the C# code in your repo.

You can use the SonarScanner for .NET to analyze languages other than C# if needed (specifically if those files aren’t included as a part of the .NET project).

But if that Java code has its own build using a tool like Maven/Gradle, it would make sense to use a separate project and the appropriate scanner for that build tool.