One repository, two projects; Code ignored - SonarQube scanner setup

SonarQube Server / Community Build
, ,
1

Hi,

I’m struggling to setup SonarQube scanner for our repository which contains two separate code bases:

  • api/ - back-end service(s) (netcoreapp2.1, netstandard2.0) (actual path to project is api/src/**/*.csproj)
  • ui/ - front-end application (JavaScript / TypeScript, ReactJS) (actual path to source is ui/src/**/*)

  1. I want scanning result to be presented as single app -> this seems to be covered by “Applications” available in Enterprise Edition, since when I run MSBuild scanner, it will ignore JS part (execution shown below).
    (When I run MSBuild scanner, it ignores other folder and running second scanner (for JS) will replace previous results from MSBuild)

  2. Despite I’m able to run MSBuild scanner to analyze at least my .NET code, only two project out of six are scanned, surprisingly only unit tests projects:

  • :x: Contoso.Api netcoreapp2.1 not scanned
  • :white_check_mark: Contoso.Api.UnitTests netcoreapp2.1 scanned
  • :x: Contoso.Bll netstandard2.0 not scanned
  • :x: Contoso.Bll.AcceptanceTests netcoreapp2.1 not scanned
  • :white_check_mark: Contoso.Bll.UnitTests netcoreapp2.1 scanned
  • :x: Contoso.GraphQl netcoreapp2.1 not scanned

However I see these paths in logs when running scanner:

00000000-0000-0000-0000-000000000000.sonar.sources=\
"/builds/contoso/api/src/Contoso.Api/Controllers/GraphQlController.cs",\
"/builds/contoso/api/src/Contoso.Api/Controllers/HomeController.cs",\
"/builds/contoso/api/src/Contoso.Api/Controllers/TrackingsController.cs",\
...

This is how I run scanner (CI/CD pipeline, root of directory):

dotnet /sonar-scanner/SonarScanner.MSBuild.dll begin /k:$CI_PROJECT_NAME /d:sonar.host.url=$SONAR_HOST_URL /d:sonar.login=$SONAR_TOKEN /d:sonar.sourceEncoding=UTF-8 /d:sonar.projectBaseDir="../" /d:sonar.verbose=true
dotnet build -c Release api/
dotnet /sonar-scanner/SonarScanner.MSBuild.dll end /d:sonar.login=$SONAR_TOKEN

I set only following globs to include (sonar.inclusions) in project configuration (Administration / General Settings):

  • api/src/**/*
  • ui/src/**/*

What could be reason for completely omitting some projects/files from results? I don’t see any error in logs - everything runs smoothly.

SonarQube:

  • Version 8.1 (build 31237)
  • Processing plugin: csharp version 8.3.0.14607
2

Hello @wdolek,

It looks strange indeed. What I find really weird is the project prefix 00000000-0000-0000-0000-000000000000 as it is supposed to be the project GUID, generated by VS, and I doubt it generated such a GUID, did he?

Anyway, would you mind sharing the full debug logs (privately if necessary), begin, build and end, so I can have a closer look at what the scanner is doing?

Antoine

3

Project guid is changed, same as project name and its path - I hope this is not relevant to the main issue that files from certain folders are completely ignored despite scanner is aware of them (listing files in log).

We are running scanning from CI/CD, I wanted to try also dotnet clean just in case, to enforce full build. How can I share logs privately?