PL/Sql Code Analysis results doesnt seem in sonarserver

Must-share information (formatted with Markdown):

• sonarqube lts-developer
• I would like to analysis to my plsql project
  I can not see any code in my plsql project in sonar server. It looks analyzed but there is no code. I can not get codes from database? Could you please assist to me?

My sonar command which I executed in sonar server:

/home/sonarscanner/sonar-scanner-4.6.2.2472-linux/bin/sonar-scanner -Dsonar.login=c24e322d9be665a145163838e1ad03ad3d6252ac -Dsonar.projectKey=PlSqlTebDb -Dsonar.plsql.jdbc.url=jdbc:oracle:thin:@172.19.4.237:3043/MRKDEV -Dsonar.plsql.jdbc.user=abcd -Dsonar.plsql.jdbc.password=password -Dsonar.plsql.jdbc.driver.path="/home/designer/ojdbc.jar" -Dsonar.plsql.jdbc.driver.class=oracle.jdbc.OracleDriver

Analysis result is below:

[root@lap01sonar ~]# /home/sonarscanner/sonar-scanner-4.6.2.2472-linux/bin/sonar-scanner -Dsonar.login=c24e322d9be665a145163838e1ad03ad3d6252ac -Dsonar.projectKey=PlSqlTebDb -Dsonar.plsql.jdbc.url=jdbc:oracle:thin:@172.19.4.237:3041/MRKDEV -Dsonar.plsql.jdbc.user=abcd -Dsonar.plsql.jdbc.password=password -Dsonar.plsql.jdbc.driver.path="/home/designer/ojdbc.jar" -Dsonar.plsql.jdbc.driver.class=oracle.jdbc.OracleDriver
INFO: Scanner configuration file: /home/sonarscanner/sonar-scanner-4.6.2.2472-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 4.6.2.2472
INFO: Java 11.0.11 AdoptOpenJDK (64-bit)
INFO: Linux 4.18.0-348.12.2.el8_5.x86_64 amd64
INFO: User cache: /root/.sonar/cache
INFO: Scanner configuration file: /home/sonarscanner/sonar-scanner-4.6.2.2472-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: Analyzing on SonarQube server 8.9.7
INFO: Default locale: “en_US”, source code encoding: “UTF-8” (analysis is platform dependent)
INFO: Load global settings
INFO: Load global settings (done) | time=190ms
INFO: Server id: 2DE670BD-AX8_nfujtjaHObpnR-sT
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=48ms
INFO: Load/download plugins (done) | time=228ms
INFO: Loaded core extensions: developer-scanner
INFO: JavaScript/TypeScript frontend is enabled
INFO: Process project properties
INFO: Process project properties (done) | time=0ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=2ms
INFO: Project key: PlSqlTebDb
INFO: Base dir: /root
INFO: Working dir: /root/.scannerwork
INFO: Load project settings for component key: ‘PlSqlTebDb’
INFO: Load project settings for component key: ‘PlSqlTebDb’ (done) | time=141ms
INFO: Load project branches
INFO: Load project branches (done) | time=37ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=27ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=1ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=131ms
INFO: Load active rules
INFO: Load active rules (done) | time=2384ms
INFO: Indexing files…
INFO: Project configuration:
INFO: 7 files indexed
INFO: ------------- Run sensors on module PlSqlTebDb
INFO: JavaScript/TypeScript frontend is enabled
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=19ms
INFO: Sensor CSS Rules [cssfamily]
INFO: No CSS, PHP, HTML or VueJS files are found in the project. CSS analysis is skipped.
INFO: Sensor CSS Rules [cssfamily] (done) | time=1ms
INFO: Sensor C# Project Type Information [csharp]
INFO: Sensor C# Project Type Information [csharp] (done) | time=1ms
INFO: Sensor C# Properties [csharp]
INFO: Sensor C# Properties [csharp] (done) | time=1ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=1ms
INFO: Sensor HTML [web]
INFO: Sensor HTML [web] (done) | time=2ms
INFO: Sensor VB.NET Project Type Information [vbnet]
INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=1ms
INFO: Sensor VB.NET Properties [vbnet]
INFO: Sensor VB.NET Properties [vbnet] (done) | time=0ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: ‘sonar.coverage.jacoco.xmlReportPaths’ is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=2ms
INFO: Sensor ThymeLeaf template sensor [securityjavafrontend]
INFO: Sensor ThymeLeaf template sensor [securityjavafrontend] (done) | time=0ms
INFO: Sensor JavaSecuritySensor [security]
INFO: Reading type hierarchy from: /root/.scannerwork/ucfg2/java
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /root/.scannerwork/ucfg2/java
INFO: No UCFGs have been included for analysis.
INFO: Sensor JavaSecuritySensor [security] (done) | time=3ms
INFO: Sensor CSharpSecuritySensor [security]
INFO: Reading type hierarchy from: /root/ucfg_cs2
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /root/ucfg_cs2
INFO: No UCFGs have been included for analysis.
INFO: Sensor CSharpSecuritySensor [security] (done) | time=0ms
INFO: Sensor PhpSecuritySensor [security]
INFO: Reading type hierarchy from: /root/.scannerwork/ucfg2/php
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /root/.scannerwork/ucfg2/php
INFO: No UCFGs have been included for analysis.
INFO: Sensor PhpSecuritySensor [security] (done) | time=0ms
INFO: Sensor PythonSecuritySensor [security]
INFO: Reading type hierarchy from: /root/.scannerwork/ucfg2/python
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /root/.scannerwork/ucfg2/python
INFO: No UCFGs have been included for analysis.
INFO: Sensor PythonSecuritySensor [security] (done) | time=1ms
INFO: Sensor JsSecuritySensor [security]
INFO: Reading type hierarchy from: /root/.scannerwork/ucfg2/js
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /root/.scannerwork/ucfg2/js
INFO: No UCFGs have been included for analysis.
INFO: Sensor JsSecuritySensor [security] (done) | time=0ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=1ms
INFO: SCM Publisher is disabled
INFO: CPD Executor Calculating CPD for 0 files
INFO: CPD Executor CPD calculation finished (done) | time=0ms
INFO: Load New Code definition
INFO: Load New Code definition (done) | time=18ms
INFO: Analysis report generated in 88ms, dir size=162 KB
INFO: Analysis report compressed in 29ms, zip size=20 KB
INFO: Analysis report uploaded in 42ms
INFO: ANALYSIS SUCCESSFUL, you can browse https://sonar.int.teb.com.tr/dashboard?id=PlSqlTebDb
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonar.int.teb.com.tr/api/ce/task?id=AYB1PEl8UHHZY0lSDLCS
INFO: Analysis total time: 5.032 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 6.451s
INFO: Final Memory: 7M/30M
INFO: ------------------------------------------------------------------------

Hey there.

You will need to make sure that your files are available on the filesystem where the analysis is taking place – SonarQube will enrich itself with information from the database for certain rules (using the data dictionary), but the .sql files are not automatically extracted.

Hi Colin,

Normally, I have oracle ddl extractions. I analyzed using with these ddl extractions. But I would like to access to database using these parameters in the link.(PL/SQL | SonarQube Docs). And then I want to analyze to my plsql project. I dont want to take database ddl schema extractions manually and dont want to analyze with these database ddl schema extractions. I would like to access database directly using jdbc.url and other parameters. In addition, should I use sonar.plsql.defaultSchema parameter in my command?

After response these question. Could you please explain to me step by step how I should analyze my plSql project in a practical way?

Thank you for quick response.

Hey there.

In actuality, the parameters don’t do… what you want them to do. There’s no way to ask the scanner to download the SQL files – you must first extract them and then perform analysis.

Okay I have ddl extraction. Should I connect to database to analysis with existing this ddl extraction in the path that l execute plsql analysis command ( /home/sonarscanner/sonar-scanner-4.6.2.2472-linux/bin/sonar-scanner -Dsonar.login=c24e322d9be665a145163838e1ad03ad3d6252ac -Dsonar.projectKey=PlSqlTebDb -Dsonar.plsql.jdbc.url=jdbc:oracle:thin:@172.19.4.237:3043/MRKDEV -Dsonar.plsql.jdbc.user=abcd -Dsonar.plsql.jdbc.password=password -Dsonar.plsql.jdbc.driver.path="/home/designer/ojdbc.jar" -Dsonar.plsql.jdbc.driver.class=oracle.jdbc.OracleDriver )?

Sounds right to me. What happens when you execute analysis?

Hi Colin,

it has been analysed. But there is no differences with ddl extraction and ddl extraction with connection oracle db. They give same results in 2 options. (1. connection db and using ddl 2. only using ddl no connection db)

I dont understand why db connection didnt give me more results.

Thank you

Hey @Mehmet_Inan

Connecting to your database (to use the “data dictionary”) allows issues to be raised on 4 specific rules (S3641, S3921, S3618, and S3651).

A static analysis of the code on your filesystem is still being performed (no additional SQL will be analyzed), but the analysis will use information about your database to perform the analysis.

Are there specific instances in your code where you think issues should be raised on these rules where they currently aren’t?