Need a sonarqube solution for mutiple technology project

Hello All,

SonarQube Version

SonarQube Version – Enterprise EditionVersion 8.6.1

We are you trying to achieve below:

we have two code base such as Node.JS and Java in same project.

  1. When we tried to integrate Sonar in pipeline with the Gradle task for Java and Run analysis task for Node.JS , only the Java code was scanned for code quality and not the NodeJS code.

what have you tried so far to achieve this

  1. Tried to use Run Analysis task for both code base giving the root working directory and mapping to same sonar project. Throws error as Java code base is there and to add binary files/exception files/ use gradle or maven task.

  2. We tried to separate the code base in different set of Agent Jobs and mapping to different sonar projects, the Sonarqube scan is working fine and output published to the mentioned sonar projects.

Please let us know if there is any other better solution for scanning multiple code base/technology with one sonar project.

Regards,
Raja

Hi Raja,

First, your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

8.6 → 8.9.2 → 9.0.1 (last step optional)

Regarding your actual question, the behavior you’re seeing is because SonarScanner for Gradle relies on Gradle to tell it about the project, and Gradle is a Java-centric technology. So it’s only telling the scanner about your Java code.

You’ll need to set a property to override the default sonar.sources value to include both sets of code. The docs should help.

 
Ann

Hi Ann,

Thanks for the quick response.

Sure, we will check the same and get back to you if we have any issues.

Raja

Hi Ann,

As suggested, we followed sonarqube documentation and updated below steps in build.gradle file and executed the sonar analysis.

// in build.gradle
sonarqube {
    properties {
        property "sonar.exclusions", "**/*Generated.java"
    }
}

Getting below ERROR:

Please look into this and suggest us.

2021-08-10T06:10:43.9451761Z * What went wrong:
2021-08-10T06:10:43.9452447Z A problem occurred evaluating root project 'LamQualityWorkspace'.
2021-08-10T06:10:43.9453714Z > Could not find method sonarqube() for arguments [build_4c1mg6l8w8inux8x4pppwb753$_run_closure1@6209e6b0] on root project 'Workspace' of type org.gradle.api.Project.
10T06:10:43.9456342Z BUILD FAILED
2021-08-10T06:10:43.9456626Z 
2021-08-10T06:10:43.9457047Z Total time: 21.952 secs
2021-08-10T06:10:44.6514433Z Error: The process 'E:\Agent\_work\6\s\Workspace\gradlew.bat' failed with exit code 1
2021-08-10T06:10:44.6515748Z     at ExecState._setResult (E:\Agent\_work\_tasks\Gradle_8d8eebd8-2b94-4c97-85af-839254cc6da4\2.189.0\node_modules\azure-pipelines-task-lib\toolrunner.js:937:25)
2021-08-10T06:10:44.6516987Z     at ExecState.CheckComplete (E:\Agent\_work\_tasks\Gradle_8d8eebd8-2b94-4c97-85af-839254cc6da4\2.189.0\node_modules\azure-pipelines-task-lib\toolrunner.js:920:18)
2021-08-10T06:10:44.6518888Z     at ChildProcess.<anonymous> (E:\Agent\_work\_tasks\Gradle_8d8eebd8-2b94-4c97-85af-839254cc6da4\2.189.0\node_modules\azure-pipelines-task-lib\toolrunner.js:833:19)
2021-08-10T06:10:44.6519742Z     at ChildProcess.emit (events.js:198:13)
2021-08-10T06:10:44.6520236Z     at maybeClose (internal/child_process.js:982:16)
2021-08-10T06:10:44.6520811Z     at Process.ChildProcess._handle.onexit (internal/child_process.js:259:5)
2021-08-10T06:10:44.6569180Z ##[error]Error: The process 'E:\Agent\_work\6\s\Workspace\gradlew.bat' failed with exit code 1
2021-08-10T06:10:44.6638568Z ##[section]Finishing: gradlew build

Regards,
Raja

Hi Raja,

Sorry, but I don’t know enough about Gradle to diagnose anything with what you’ve provided.

 
:woman_shrugging:
Ann