Scanning CloudFormation templates using SonarQube

SonarQube Server / Community Build
, ,
1
  1. Information about the system:
  • SonarQube version 9.8
  • Developer Edition
  • sonnarScanner version 4.7

  1. We were stuck up on scanning CloudFormation templates using SonarQube. The system is taking YAML Quality Profile to analyse CloudFormation templates, as we have written the templates in YAML. We also enabled CloudFormation toggles from the setting of SonarQube Language options.
    We have also manually assigned Project to use CloudFormation as the Quality profile but it’s failing to analyse CloudFormation templates.

  2. Below where the commands we have executed to analyse the CloudFormation templates
    sonar-scanner.bat -D"sonar.projectKey=demo" -D"sonar.sources=." -D"sonar.host.url=http://localhost:9000" -D"sonar.login=sqp_ab72bdbda1acbe92e4903ee74e09b654157d3fb7"

we have also used below parameters also D"sonar.cloudformation.file.identifier=AWSTemplateFormatVersion" D"sonar.cloudformation.file.suffixes=”.yaml”

2

Hey there.

Can you provide a copy of a file that SonarQube fails to pick up / recognize as a CloudFormation template to scan?