nRF Zephyr Project in Bitbucket Pipeline

Template for a good new topic, formatted with Markdown:

• ALM used: Bitbucket Cloud
• CI system used: Bitbucket Cloud
• Scanner command used when applicable (private details masked)
• Languages of the repository: C

Hello everyone,

I am trying to set up a Bitbucket Pipeline to scan my firmware based on nRF SDK 2.5 and Zephyr.
I am struggling on how to allow SonarCloud to scan my C code. I understood that I need to install the build wrapper, but I don’t know how to do it inside the Docker image that I am using for building the firmware (I am pulling the image from Docker Hub).

here a snippet of my .yml file:

- step: &build-test-sonarcloud
        name: Build, test and analyze on SonarCloud
        caches:
          - sonar
        script:
          - export SONAR_SCANNER_VERSION=5.0.1.3006
          - export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
          - export BW_OUTPUT=$HOME/.sonar/bw-output
          - mkdir -p $BW_OUTPUT
          - curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
          - unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
          - export PATH=$SONAR_SCANNER_HOME/bin:$PATH
          - curl --create-dirs -sSLo $HOME/.sonar/build-wrapper-linux-x86.zip https://sonarcloud.io/static/cpp/build-wrapper-linux-x86.zip
          - unzip -o $HOME/.sonar/build-wrapper-linux-x86.zip -d $HOME/.sonar/
          - export PATH=$HOME/.sonar/build-wrapper-linux-x86:$PATH
          # SonarCloud Analysis
          - docker run --name container_build -v ${PWD}:/workdir/app nordicplayground/nrfconnect-sdk:v2.5-branch  build-wrapper-linux-x86-64 --out-dir $BW_OUTPUT west build /workdir/app -p always -b nrf52840dk_nrf52840 -other_build_options
          - pipe: sonarsource/sonarcloud-scan:2.0.0
            variables:
              SONAR_TOKEN: $SONAR_TOKEN
              SONAR_SCANNER_OPTS: -Xmx512m
              EXTRA_ARGS: -Dsonar.cfamily.build-wrapper-output=bw-output
        services:
            - docker

And of course it does not sees the build wrapper inside the Docker container because it is installed outside I think… is there a smarter way to do it? I am not even sure that the build wrapper needs to be installed in this way…

Thank you in advance for the help!

Luca

Hey there.

When you created your project in SonarCloud, you should have immediately been brought to a tutorial that walks you through setting up analysis for a C/C++ project.

image2876×716 168 KB

image2388×1198 318 KB

How about walking through that tutorial? It should relieve some confusion (for example, you can’t use sonarsource/sonarcloud-scan:2.0.0 with C/C++ analysis, so it avoids it completely)