SonarCloud Integration with Bitbucket not analysing C# files

Template for a good new topic, formatted with Markdown:
Hi,

I am trying to setup SoundCloud with Bitbucket Pipelines.
The language is .NET(CSHARP).

I created bitbucket-pipelines.yml file for the repo and after every commit, the branch is analysed.

On the dashboard, I see the project and files but there is no analysed data for the CSHARP files.

There is some HTML and XML files and these were successfully scanned but I cannot figure out why the CSHARP files are not.

Can anyone help to determine what i am doing wrong?
Below is my .yml file:

clone:
depth: full # SonarCloud scanner needs the full history to assign issues properly

definitions:
services:
docker:
memory: 2048
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
steps:
- step: &build-test-sonarcloud
# size: 2x Doubles the Build Memory resources available for this step.
name: Build, test and analyze on SonarCloud
caches:
# See https://confluence.atlassian.com/bitbucket/caching-dependencies-895552876.html
- sonar
script:
# Build your project and run
- pipe: sonarsource/sonarcloud-scan:1.0.1

  - step: &check-quality-gate-sonarcloud
          name: Check the Quality Gate on SonarCloud
          script:
          - pipe: sonarsource/sonarcloud-quality-gate:0.1.3

pipelines: # More info here: https://confluence.atlassian.com/bitbucket/configure-bitbucket-pipelines-yml-792298910.html
branches:
develop:
- step: *build-test-sonarcloud
services:
- docker
- step: *check-quality-gate-sonarcloud

These are the warning records from the Pipeline build which might be revelant?

WARN: Could not find ref: master in refs/heads or refs/remotes/origin
WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by net.sf.cglib.core.ReflectUtils$1 (file:/root/.sonar/cache/a89f1943fc75b65becd9fb4ecab8d913/sonar-tsql-plugin.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte,int,int,java.security.ProtectionDomain)
WARNING: Please consider reporting this to the maintainers of net.sf.cglib.core.ReflectUtils$1
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
INFO: Sensor C# Properties [csharp]
WARN: Property missing: ‘sonar.cs.analyzer.projectOutPaths’. No protobuf files will be loaded for this project.
WARN: No Roslyn issues report found for this project.
WARN: Could not find ref: master in refs/heads or refs/remotes/origin

Thanks
Gary

Hi,

In order to get full analysis of your C# solution, you have to use the Scanner for MSBuild.

One way to achieve that is to use the dotnet global tool, you’ll find some tips in this other community thread : Bitbucket Pipe + SonarCloud + C#/.net core

Mickaël

Hi,

Thanks for the reply. When i tried your link and applied, i got this error.
I am trying to analyse .NET project (NOT CORE) so maybe a different image

/usr/share/dotnet/sdk/2.2.402/Microsoft.Common.CurrentVersion.targets(1175,5): error MSB3644: The reference assemblies for .NETFramework,Version=v4.5.2 were not found. To resolve this, install the Developer Pack (SDK/Targeting Pack) for this framework version or retarget your application. You can download .NET Framework Developer Packs at https://aka.ms/msbuild/developerpacks [/opt/atlassian/pipelines/agent/build//.csproj]

Thanks

Hi,

I don’t know what image you are using in your pipeline, but for .NET framework projects we use:

image: atlassian/default-image:2

It might be worth giving that image a try if you are using a different one currently.

Hi Dibbdob,

Thanks for your reply. I tried you suggestion but got an different error

  • dotnet tool install --global dotnet-sonarscanner
    bash: dotnet: command not found

This is my pipeline file(with project/sensitve data removed):

image: atlassian/default-image:2

pipelines:
branches:
“develop”:
- step:
name: Running SonarCloud Analysis
services:
- docker
script:
- apt-get update
- apt-get install --yes --force-yes openjdk-8-jre
- export PATH="$PATH:/root/.dotnet/tools"
- dotnet tool install --global dotnet-sonarscanner
- dotnet sonarscanner begin /k:“" /d:"sonar.login=” /o:“" /v:"” /d:“sonar.host.url=https://sonarcloud.io”
- dotnet build .sln
- dotnet sonarscanner end /d:"sonar.login=
"
definitions:
services:
docker:
memory: 3072 # increase memory for docker-in-docker from 1GB to 3GB

I can successfully analyse it locally and see the results in SonarCloud by using the command line prompts which uses my local MSBuild but I was hoping that it could be analysed without needing to do this.

I assumed you could do it via Bitbucket Pipelines but maybe its not possible?

Thanks

Hi,

In order to have the dotnet CLI to work, you have to install at least the version 2.1 of the .NET core SDK (given the description of the image here it appears that it’s not installed by default), you can follow the instructions here for the installation.

Mickaël

Hi,

Here’s an example of the pipelines yaml that works for us. Hope it might be of use to you.

(Apologies if the formatting is weird, I’m not the best typist on my phone!)

image: atlassian/default-image:2

pipelines:
branches:
“{master, develop}”:
- step:
name: Running SonarCloud Analysis
caches:
- sonar
services:
- docker
script:
- pipe: sonarsource/sonarcloud-scan:0.1.5
variables:
SONAR_TOKEN: {SONAR_TOKEN} DEBUG: {SONAR_DEBUG}
EXTRA_ARGS: -Dsonar.verbose={SONAR_VERBOSE} -Dsonar.projectKey=xxx -Dsonar.organization=xxx -Dsonar.projectVersion={BITBUCKET_COMMIT}
pull-requests:
‘**’: #this runs as default for any branch not elsewhere defined in this script
- step:
name: Running SonarCloud Analysis
caches:
- sonar
services:
- docker
script:
- pipe: sonarsource/sonarcloud-scan:0.1.5
variables:
SONAR_TOKEN: {SONAR_TOKEN} DEBUG: {SONAR_DEBUG}
EXTRA_ARGS: -Dsonar.verbose=${SONAR_VERBOSE} -Dsonar.projectKey=xxx -Dsonar.organization=xxx
definitions:
caches:
sonar: ~/.sonar/cache
services:
docker:
memory: 3072 # increase memory for docker-in-docker from 1GB to 3GB

Hi Dibbdob,

Thanks very much for this. I ran this and it was successful but it did not seem to push any data to SonarCloud.
Is there an additional step(pipe)which needs to be executed?

Thanks again,
Gary