I try to scan our project with build-wrapper-linux-x86-64 around the platformio ci build. The result looks good and I get feedback to the findings.
Unfortunately the findings are not mapped back to original source file in GIT but to a copy of the sources in the temporary bin path created by platformio. Is there a trick to tell the SonarScanner to prefer original sources over the copies?
Hi Massimo,
thanks for helping. Not sure why I did not find this myself - I thought it is related to platformio, so my search query might have been bad.
I’ll try with the links you gave me and report back.
sed -i 's|OpenBikeSensorFirmware/bin|OpenBikeSensorFirmware|' \
sonarqube-out/build-wrapper-dump.json
sed -i 's|.pio/build|bin/.pio/build|' \
sonarqube-out/build-wrapper-dump.json
The bin directory is used as working directory, so I pull this up to the project directory with the 1st call to sed. And then correct the relative paths to .pio/build/... again by adding bin/ in front with the 2nd sed.
Most of the directories in build-wrapper-dump.json are absolute, but some point to supplement files that relative like the object files e.g. .pio/build/esp32dev/src/VoltageMeter.cpp.o. To make them valid again the 2nd sed adds the bin/ again that was removed by changing the working directory. I don’t know if the files are actually used.
I believe they are not used, the second sed call may actually not change things, the important one is the first sed call, we are interested about source files only (.cpp, .c, .h, …), not object files.