Sonarcloud analysis of C++ in GitHub Actions

acgetchell · July 10, 2021, 7:41am

Thank you @necto for your reply, that did indeed fix the issue.

As a note, I don’t think the Cache SonarCloud packages will do anything without checking the results of cache hits. That is, I think the main.yml file given will always download and unzip sonar-scanner and build-wrapper. Thanks to your guide, I do have a working analysis file that does the right thing for cached SonarCloud packages:

github.com

acgetchell/CDT-plusplus/blob/develop/.github/workflows/main.yml#L121

    
      
              cmake -G Ninja -D CMAKE_BUILD_TYPE=Debug -D ENABLE_COVERAGE:BOOL=TRUE -S . -B build
          
          
- name: Cache SonarCloud packages and analysis
            uses: actions/cache@v2
            id: sonarcloud-cache
            with:
              path: ~/.sonar
              key: ${{ runner.os }}-sonar
              restore-keys: ${{ runner.os }}-sonar
          
          
- name: Download and setup sonar-scanner
            shell: bash
            env:
              SONAR_SCANNER_DOWNLOAD_URL: https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
            if: steps.sonarcloud-cache.outputs.cache-hit != 'true'
            run: |
              mkdir -p $HOME/.sonar
              curl -sSLo $HOME/.sonar/sonar-scanner.zip ${{ env.SONAR_SCANNER_DOWNLOAD_URL }}
              unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
          
          
- name: Download and setup build-wrapper

Note that because the download/unzip steps are conditional, a separate step is required to set $GITHUB_PATH to the correct values whether or not there’s a cache hit.

The next trick is to get Code Coverage working. I have this working with Travis-CI and CodeCov, but I am not sure of the correct values for SonarCloud.

github.com

acgetchell/CDT-plusplus/blob/develop/.travis.yml#L141

    
      
          - os: linux
            compiler: clang-10
            env: TSAN=true
            before_script:
              - export CMAKE_ARGS="-D ENABLE_SANITIZER_THREAD:BOOL=TRUE"
            after_success:
              - cd $TRAVIS_BUILD_DIR/build/
              - travis_wait 90 ctest -VV
              - cd src
              - ./initialize --s -n32000 -t11 -o
          # CodeCov
          - os: linux
            compiler: g++-10
            env: CODECOV=true
            before_script:
              - export CMAKE_ARGS="-D ENABLE_COVERAGE:BOOL=TRUE"
            script:
              - mkdir build
              - cd build || exit
              - cmake $CMAKE_ARGS ..
              - cmake --build . --config Debug

Thanks for the speedy replies, SonarCloud and SonarLint have been quite useful in catching mistakes other scanners have not.

Best, Adam

Topic		Replies	Views
When will sonarcloud C/C++ analysis support github actions? SonarQube Cloud cfamily , sonarqube-cloud	7	1360	March 26, 2021
SonarCloud Scan for C and C++ Announcements github , cfamily , github-actions	0	1118	November 23, 2022
GitHub Action to scan your C and C++ code with SonarQube Releases sonarqube , cfamily , github-actions	1	501	April 16, 2024
No C++ files were analyzed SonarQube Cloud cfamily	3	619	February 15, 2021
SonarQube GitHub Actions error SonarQube Server / Community Build sonarqube , scanner , sonarqube-cloud	4	260	September 26, 2023

Sonarcloud analysis of C++ in GitHub Actions

Related topics