Scanning a C# Project

(Hugo) #1


I have an project which I want to analyse with my Sonarqube 7.3 enterprise.
How can I make the analysis?

I tried using Sonar-Scanner but I got 0 for everything: bugs, vulnerabilities, codesmells, duplications. I found this strange.

Can you point me in the right direction?

My looks like this:


I’ve also tried to do this using C# plugin.

I’ve done all the stated procedure.
when I run the the analysis in my command line, using this command:
SonarScanner.MSBuild.exe begin /k:“AAA” /n:“AAA” /v:“1.0”

MSBuild.exe /t:Rebuild

SonarScanner.MSBuild.exe end

I get this (the same):

WHat are the recommended options to scan code? What am i doing wrong?

(Amaury Levé) #3

Hi @Fr0zt,

Are you really expecting to have some issues on this project? The build status shows no warning so it seems normal you don’t see any Bug/Vulnerability/Code Smell on SonarQube.

(Hugo) #4

I think the code is ok but I am not sure.

From both methods I’ve stated above which one do you think it’s the best for doing scans in such a project? using sonnar-scaner or SonarScanner.MSBuild.exe?

(Amaury Levé) #5

Sorry I missed the second part of your initial question. In order to have C#/VB.Net features you HAVE TO use the Scanner for MSBuild.