Sonar-scanner a file in langage C

Hey,
If I want to scan C file is it necessary to build it before with a compilateur ?
Thanks
Frédéric.

Hi @FredAubert,

yes, we need to have a good configuration in order to properly analyze C files, you can follow the documentation: C/C++/Objective-C | SonarQube Docs .

Thanks for the answer.
I don’t undetrstand why it is necessary to build code to make an analyse of the metrics of the rules it is strange.

Hi @FredAubert,

in order to have correct code analysis of a given compilation unit we need to be aware of its compiler configuration for:

  • its include path to properly resolve include headers
  • its predefined macros definition

build-wrapper captures compiler configuration which is then used to configure the analysis.

Thank you.
I have to do a code analysis, I am not a developer but just someone who has to do a code quality analysis of a project.
I do not have the environment of development, compilation on my PC.
Do I have to install this environment on my PC? Do I have to compile the code before doing this analysis?

Hi @FredAubert,

yes, you need an environment where you are able to build the project.

Hi Massimo
Ok thanks for your answer.
And after when I am going to use this command :
`build-wrapper-win-x86-64.exe --out-dir build_wrapper_output_directory MSBuild.exe /t:Rebuild "
What is the directory " build_wrapper_output_directory" ? It must contain all the files from the compilation ?

And MSBuild.exe : it is the name of the build used ?

Frédéric.

Hi @FredAubert,

build_wrapper_output_directory it is the directory where build-wrapper-win-x86-64.exe will save the configuration.

I don’t know your project and how to build it, please try to build it successfully before trying to analyze it.

Hello,
sorry for the delay in my answer.
I am still trying to use the command:
Build-wrapper-win-x86-64.exe
I use a XILINX SDK to build my project, the command to compile online is an executable “arm-xilinx-eabi-gcc.exe”
In the help of the Build-wrapper-win-x86-64.ex command it says "Add execution of the Build Wrapper as prefix prefixes to your usual build command (the examples below use make, xcodebuild and MSBuild, but any build tool that can be used as a full build can be used)
In my case I do not know what I need to put in place of MSBuild.
And when I run the command I have the following message : Specify a project or solution file, the active working directory does not contain any.
Thank for your answer.
Best regard

Hi @FredAubert,

I cannot help you much if you don’t know how to build your project from command line. Don’t you have any CI for this project? How do you build it in your CI?

ok, I try to build it and will informe you.
Thank.

Hello
I build my projetc with succes with a SDK Eclipse
I have a directory with several files :
toto.elf
toto.hex
toto.map
makefile
object.mk
sources.mk
But I don’t use a command line to build my project I use the sdk and it seems that build-wrapper-win-x86-64.exe waits a command line.
I try this command :
build-wrapper-win-x86-64.exe --out-dir . aarch64-none-elf-gcc.exe
And the output message is :
fatal error : no input files
compilation terminated
As I use the SDK Eclipse I don’t know what are the parametes to the build command !

And I don’t undestand why I Have to compile my project to analyse it with SonarQube , it is strange.

Thank to hep me :slight_smile:

Hi @FredAubert,

Before trying to analyze the project try to get it built from command line.

Please don’t again the same question, I already answered you: Sonar-scanner a file in langage C - #3 by FredAubert.

Hello
I have analysed my project wtih succes !
Thanks for your availability
Frederic.

Hello
I still have a problem, I noticed in the sonar-scanner.bat trace that I had the following message;
Project configuration:
File ‘C: \ Users \ frederic.aubert \ Desktop \ Mission Rennes \ TrialCompilation \ src \ helloworld.c’ is ignored. It is not located in project basedir C: \ Users \ frederic.aubert \ Desktop \ Mission Rennes \ SonarQube \ scanner \ bin
Grrr
Thanks for your help !

Hi @FredAubert,

you should launch sonar-scanner.bat from your project folder which seems to be C: \ Users \ frederic.aubert \ Desktop \ Mission Rennes \ TrialCompilation or C: \ Users \ frederic.aubert \ Desktop \ Mission Rennes.

Hello,
Thanks a lot , it works now !!!
Frédéric.

Hi,
I introduced SonarQube to the developers and I have some questions that were asked to me
In the presentation I made, I used a scanner (sonar-scanner.bat) and a builder (build-wrapper-win-x86-64.exe)
And for that it was necessary that my code be compiled, from where the question which was asked to me: if I want to analyze just a source in C how I do, because I can not in this case compile my program.
The teams did not understand why it was necessary to compile the code (C language) whereas to make a static analysis it should not be necessary.
You said me : in order to have correct code analysis of a given compilation unit we need to be aware of its compiler configuration for:
its include path to properly resolve include headers
its predefined macros definition
But t is very restrictive, in coding phase, we can not compile the code.

Thanks.

Frédéric.

Hi @FredAubert,

I believe that in coding phase it is necessary to compile the code.

Even letting this thing aside, what we recommend is to setup the analysis of the projects at CI level and not run the analysis on developer side while coding.

In order to provide feedback to the developer there are 2 ways:

  • SonarLint: to provide fast feedback to the developer while coding
  • Pull Request Analysis to make sure the code is good before merging it to master branch

Hi Massimo Paladin,
Thank you for your reply.
But it seems that SonarLint works with langage C with Visual Studio
You confirm this ?
Fred.