Sonarcloud java files analysis

Hello all,

I have followed the process illustrated in the link: to integrate sonarcloud with azure DevOps and successfully analysed the Repo found in: The reults were mainly C# codes.
Later, I tried to analyse another code with Repo filled with security vulnerabilities in Java and other languages: but the analyses results only returned C# code smells! Am I missing something? Why only C# being analysed?

Hey there.

How did you configure your Azure Pipelines YML? Feel free to share it here.

Hello Colin,

Kindly find below. Please note that I tried both Azure agent and a local agent on my laptop but no luck.

- master

  vmImage: ubuntu-latest

- checkout: self
  fetchDepth: 0

- task: SonarCloudPrepare@1
    SonarCloud: *******
    organization: *******
    scannerMode: 'Other'
    extraProperties: |
      # Additional properties that will be passed to the scanner,
      # Put one key=value per line, example:
      # sonar.exclusions=**/*.bin

- task: Gradle@2
    gradleWrapperFile: 'gradlew'
    tasks: 'build'
    publishJUnitResults: true
    testResultsFiles: '**/TEST-*.xml'
    codeCoverageToolOption: 'Cobertura'
    codeCoverageClassFilesDirectories: 'build/classes/main/'
    javaHomeOption: 'JDKVersion'
    jdkVersionOption: '1.8'
    gradleOptions: '-Xmx3072m'
    sonarQubeRunAnalysis: true
    sqGradlePluginVersionChoice: 'build'
    spotBugsAnalysis: false

- task: SonarCloudPublish@1
    pollingTimeoutSec: '300'

It would be very surprising to see C# files analyzed in that case, as you aren’t using the Scanner for .NET.

Can you share the pipeline logs with --info appended to the Gradle command? I have a feeling you have a successful analysis already targeted at that project key, but the analysis you think you’re performing is never actually getting to SonarCloud.