Scan both Terraform and .Net 6 code in same project scan

Template for a good new topic, formatted with Markdown:

  • ALM used (GitHub, Bitbucket Cloud, Azure DevOps)
  • Bitbucket Cloud
  • CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI
  • Bitbucket Cloud
  • Scanner command used when applicable (private details masked)
  • dotnet-sonarscanner begin /k:$proj_key /o:$org_name /d:sonar.login=$SONAR_CLOUD_TOKEN /d:sonar.verbose=true /d:sonar.host.url=https://sonarcloud.io
    dotnet build $sln_file
    dotnet sonarscanner end /d:sonar.login=$SONAR_CLOUD_TOKEN
  • Languages of the repository
  • .Net 6 and Terraform
  • Only if the SonarCloud project is public, the URL
    • And if you need help with pull request decoration, then the URL to the PR too
  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
  • No specific error but we would like to understand on how we can have scan for both languages run at the same time, consolidate the scan report and upload it to SonarCloud under same project
  • Steps to reproduce
  • N/A
  • Potential workaround
  • Potential workaround for now is to have scan run for each language for separate project key. However, we want it to be part of same project key.

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

Take a look at these docs.

Thanks Colin , The doc helped. We had to add below lines in CSPROJ file and it took care of including the Terraform files in scan:

<ItemGroup>
  <Content Include="../**/*.tf" />
</ItemGroup>