Hi @dorothyk ,
Let me try and summarize my understanding of your situation and what you try and want to achieve.
You have a C++ program made of multiple pieces of C++ code, letâs call them modules.
Each moduleâs code live in a separated git repository on Bitucket Cloud (BBC), therefore each module has its own BBC project.
Some modules depend on others to be built.
To ease the build of the dependent modules, youâve created a master Git repository. This master repository puts all modules together, thanks to Git submodule feature I assume, as subdirectories (one per module).
(Itâs not clear to me whether the master repository contains any C++ code of its own or not)
You would like to have the static analysis results from SonarCloud of each module reported on their respectiveâs BBC project: as a repository overview, a pull request view and a Code Insights report.
All three should report only the issues of the current module.
To this purpose, you have:
- a dedicated SonarCloud project for the BBC project of each module
- a SonarCloud project for the master repository
- each SonarCloud project was created on SonarCloud following the SonarCloud instructions
- SonarCloud integration was enabled on each BBC project
- each BBC project has its own BBC pipeline to build the module and run the SonarCloud analysis
- the pipelines of the modules are identical and proceeds as follow
- create a shallow clone of the master repository in directory
master-repo
and pull the gitsubmodule of the modules the current module depends on
- download the build-wrapper SonarCloud scanner
- build and analyse the project by running the build-wrapper in the directory
master-repo
You report that:
- analysis results on BBC projects of modules are showing issues for other modules
- analysis results on BBC projects of modules do not have annotations
- analysis results on BBC project of master repo is showing issues for all modules and has annotations for all of them
Please let me know if anything of the above is incorrect or lack precision relevant to the following.
I think the root of the situation youâre in is that you are not building nor analyzing in the directory of the module but in a subdirectory: master-repo
.
As a consequence all paths known to SonarCloud are relative to master-repo
.
A file in module C has a path submodulec/foo/bar.cpp
while the path to this file in the BBC project and git repository of module C is foo/bar.cpp
.
This prevents the annotations to be rendered: they are likely correctly pushed by SonarCloud to BBC but since they donât match the path of the files in the BBC project, nothing renders.
To prevent the analysis results of other modules to appear, you could configure source file exclusions on each moduleâs SonarCloud project (see doc).
Mind it, they are relative to the directory where the build-wrapper runs. so, Eg. for moduleC, exclusions could be submoduleA/**/*,submoduleB/**/*
.
(disclaimer: I donât have extensive practice with exclusions, my example may be wrong but I hope you get the idea)
In general, the build-wrapper should run in the root directory of the repository to be analyzed.
Assuming I understood your situation correctly, I can make two suggestions:
- change your build script so that it runs in the root directory.
It would have to support source code of the current module being at the root of the repository and source code of dependencies being in some subdirectories (the depth should not matter, so both master-repo/submoduleA
and submoduleA
should work). These subdirectories will have to be excluded from analysis
- switch to a mono repo setup.
All SonarCloud projects are linked to the master-repo
repository and BBC project (see doc on how to set them up). You will have to configure multiple pipelines on the BBC project, one for each module.
This might have other consequences and its own complexity on top of not necessarily providing the integration rendering on BBC side you are expecting. But that would keep you build structure close to what you have today (one subdirectory per module).
I hope this helps
Cheers