Sonar does not seem to be scanning any of my files

Noam_A · March 27, 2023, 9:05pm

I setup a bitbucket pipeline to use sonarcloud. The pipeline says it ran successfully but it doesn’t seemed to have scanned any files. When I navigate to the code tab, and look at the .cs files, it has a —
by the lines of code column. Even though if I click on the file I can see the code.

here is my bitbucket-pipelines.yml file

image: mcr.microsoft.com/dotnet/sdk:7.0 # Choose an image matching your project needs

clone:
  depth: full              # SonarCloud scanner needs the full history to assign issues properly

definitions:
  caches:
    sonar: ~/.sonar/cache  # Caching SonarCloud artifacts will speed up your build
  steps:
    - step: &build-test-sonarcloud
        name: Build, test and analyze on SonarCloud
        caches:
          - dotnetcore           # See https://confluence.atlassian.com/bitbucket/caching-dependencies-895552876.html
          - sonar
        script:
          - export PROJECT_NAME=xxxxxxxx
          - cd xxxxx
          - dotnet restore xxxx.sln
          - dotnet build xxxx.sln
          - pipe: sonarsource/sonarcloud-scan:1.4.0
    - step: &check-quality-gate-sonarcloud
        name: Check the Quality Gate on SonarCloud
        script:
          - pipe: sonarsource/sonarcloud-quality-gate:0.1.6

pipelines:                 # More info here: https://confluence.atlassian.com/bitbucket/configure-bitbucket-pipelines-yml-792298910.html
  branches:
    master:
      - step: *build-test-sonarcloud
      - step: *check-quality-gate-sonarcloud
  pull-requests:
    '**':
      - step: *build-test-sonarcloud
      - step: *check-quality-gate-sonarcloud

ganncamp · March 28, 2023, 4:23pm

Hi,

Welcome to the community!

It looks like you’re using the vanilla SonarScanner CLI. For C#, you need to use the SonarScanner for .NET. Unfortunately, I don’t have the exact syntax of its use in a Bitbucket pipeline to give you.

Ann

Noam_A · March 28, 2023, 5:23pm

Thank you for answering, I am running this from my bitbucket pipeline. I do not see a place to use the CLI, just a pipe for sonarcloud-scan. Is there some argument that I am supposed to add to the pipe for dotnet? The link you sent seems to be used from a command line

ganncamp · March 28, 2023, 5:44pm

Hi,

How do you normally use CLI tools from a Bitbucket pipeline? Presumably you just make sure they’re installed on the build agent and invoke them, right? It will be the same for using the SonarScanner for .NET.

HTH,
Ann

Noam_A · March 28, 2023, 7:04pm

That is correct, but when I configured the project in SonarCloud in the Analysis Method,
I selected bitbucket as the pipeline, and dotnet as the language. The tutorial then told me to add the lines I added. Please see below

I setup sonarqube on my own machine (via docker) and was about to get it to scan properly. Just not through bitbucket integration with SonarCloud.

Thank you for your help, I appreciate it

ganncamp · March 29, 2023, 1:21pm

Hi,

Thanks for the screenshot. It’s very helpful.

Unfortunately, it seems we don’t have a full suite of instructions for BitBucket (a point which I’ll be raising internally). Normally there should be a 5th option there, for .NET / C#. And it would tell you to use the SonarScanner for .NET as I did above.

Ann

Noam_A · March 29, 2023, 3:52pm

Thank you. I was able to get it working. For anyone with the same issue here is the pipeline file that works

image: mcr.microsoft.com/dotnet/sdk:7.0

pipelines:
  default:
    - parallel:
        - step:
            name: Build and No Test
            caches:
              - dotnetcore
            script:
              - export SOLUTION_NAME=xxx
              - export CONFIGURATION=Debug
              - export PATH="$PATH:/root/.dotnet/tools"
              - REPORTS_PATH=./test-reports/build_${BITBUCKET_BUILD_NUMBER}
              - apt-get update
              - apt-get install --yes --force-yes
              - apt-get install -y openjdk-11-jre
              - cd xxx-xxx
              - dotnet tool install --global dotnet-sonarscanner
              - dotnet sonarscanner begin /k:"xxx_xxx" /d:"sonar.host.url=https://sonarcloud.io"  /d:sonar.login="${SONAR_TOKEN}" /o:"xxx"
              - dotnet build ${SOLUTION_NAME}.sln
              - dotnet sonarscanner end /d:"sonar.login=${SONAR_TOKEN}"
        
  branches:
    master:
    - parallel:
        - step:
            name: Build and No Test
            caches:
              - dotnetcore
            script:
              - export SOLUTION_NAME=xxx
              - export CONFIGURATION=Debug
              - export PATH="$PATH:/root/.dotnet/tools"
              - REPORTS_PATH=./test-reports/build_${BITBUCKET_BUILD_NUMBER}
              - apt-get update
              - apt-get install --yes --force-yes
              - apt-get install -y openjdk-11-jre
              - cd xxx-xxx
              - dotnet tool install --global dotnet-sonarscanner
              - dotnet sonarscanner begin /k:"xxx_xxx" /d:"sonar.host.url=https://sonarcloud.io"  /d:sonar.login="${SONAR_TOKEN}" /o:"xxx"
              - dotnet build ${SOLUTION_NAME}.sln
              - dotnet sonarscanner end /d:"sonar.login=${SONAR_TOKEN}"

system · April 5, 2023, 3:52pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.