Sonarcloud analysis of C++ in GitHub Actions

Using SonarSource/sonarcloud-github-action@master

Scan C++ project on GitHub using GitHub Actions

My current workflow/main.yml is here:

My is here:

And the results are here:

Which says that 0 files were analyzed. I specified sonar.sources and sonar.tests according to an example I found on StackOverflow:

The build-wrapper seems to be running; I read over Unable to setup build-wrapper + sonar-scanner with GitHub Actions

Hello, @acgetchell, and welcome to the community!
And I appreciate the amount of research you’ve done.

I believe your issue stems from the use of the SonarSource/sonarcloud-github-action.
Unfortunately, SonarCloud GitHub Action uses a Docker container that does not support analysis of C-family languages.

Instead of the SonarCloud Action you should invoke sonar-scanner directly, like this:

      - name: Cache SonarCloud packages
        uses: actions/cache@v1
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Download and set up sonar-scanner
          SONAR_SCANNER_VERSION: # Find the latest version in the "Linux" link on this page:
        run: |
          mkdir -p $HOME/.sonar
          curl -sSLo $HOME/.sonar/ ${{ env.SONAR_SCANNER_DOWNLOAD_URL }} 
          unzip -o $HOME/.sonar/ -d $HOME/.sonar/
          echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH
      - name: Run sonar-scanner
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        run: |
          sonar-scanner --define""

You can also take a look at this repository for a complete working example.

Let me know if this helps or if the issue persists.


Thank you @necto for your reply, that did indeed fix the issue.

As a note, I don’t think the Cache SonarCloud packages will do anything without checking the results of cache hits. That is, I think the main.yml file given will always download and unzip sonar-scanner and build-wrapper. Thanks to your guide, I do have a working analysis file that does the right thing for cached SonarCloud packages:

Note that because the download/unzip steps are conditional, a separate step is required to set $GITHUB_PATH to the correct values whether or not there’s a cache hit.

The next trick is to get Code Coverage working. I have this working with Travis-CI and CodeCov, but I am not sure of the correct values for SonarCloud.

Thanks for the speedy replies, SonarCloud and SonarLint have been quite useful in catching mistakes other scanners have not.

Best, Adam

I’m glad that helped, and thank you very much for pointing out the incorrect use of the cache!
We will fix that in the example I linked.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.