Not scanning kotlin source

My action is working for the Javascript but not the backend, can someone tell me what I’m missing?

Relevant Action:

on:
  pull_request:
      types: [opened, synchronize, reopened]
  push:
    branches:
      - master

name: Run Sunarcloud Scan
jobs:
  sonarcloud:
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: frontend-react
    steps:
    - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
      with:
        fetch-depth: 0

    - uses: actions/setup-node@v3
      with:
        node-version: 14

    - run: npm install

    - run: npm run test:ci

    - name: SonarCloud Scan
      uses: sonarsource/sonarcloud-github-action@de2e56b42aa84d0b1c5b622644ac17e505c9a049
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
      with:
        args: >
          -Dsonar.javascript.lcov.reportPaths=frontend-react/coverage/lcov.info
          -Dsonar.coverage.jacoco.xmlReportPaths=prime-router/build/test-results/test
          -Dsonar.coverage.exclusions=frontend-react/**/__mocks__/**,frontend-react/**/*.test.*
          -Dsonar.sources=frontend-react/src,prime-router/src
          -Dsonar.projectKey=CDCgov_prime-data-hub
          -Dsonar.organization=cdcgov
          -Dsonar.verbose=true

Hey there.

Sure looks like Kotlin files are being analyzed (and here are 792 issues raised on Kotlin files).

If you’re speaking about code coverage, it looks like the file you’ve specified in this PR doesn’t exist when the SonarCloud scan runs.

13:09:50.044 INFO: Sensor JaCoCo XML Report Importer [jacoco]
13:09:50.050 WARN: No coverage report can be found with sonar.coverage.jacoco.xmlReportPaths='prime-router/build/test-results/test'. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
13:09:50.051 INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
13:09:50.051 INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=7ms

You’ll need to make sure any test results are available where the SonarCloud scan is taking place (and point to a file rather than a directory).

That may be enough, but typically we’d suggest using the SonarScanner for Gradle for analyzing Java/Kotlin code that is built using Gradle. This ensures the most accurate analysis results and very low-configuration for things like importing code coverage reports (which we have helpful guides for)

Hello, thank you for your response. I have read through the document but it assumes my sonar installation is local. How do I point it to sonarcloud?

Hey there.

Which part of it assumes your installation is SonarQube?

Thank you for your help, I am having trouble figuring out which docs are for sonarcloud versus sonarcube. Here is the output.

prime-router % ./gradlew build jacocoTestReport sonarqube

 Configure project :
default messager has already been registered

 Task :sonarqube FAILED
SonarQube server [http://localhost:9000] can not be reached

FAILURE: Build failed with an exception.

 What went wrong:
Execution failed for task ':sonarqube'.
 Unable to execute SonarScanner analysis

I assume there needs to be something like a sonar.properties ?

Hey there.

I think your best bet is to follow the tutorial in SonarCloud when creating a new project (or adjusting the Administration > Analysis Method)