Hello @Jcfjcf77400, and thanks for sharing the problem with us,
This issue currently impacts users of the sonarqube-scan-action GH action when trying to scan C and C++ files. We are planning to handle it soon, see this ticket [SQSCANGHA-42] - Jira.
To give some technical details: The problem happens because the sonarqube-scan-action currently tries to run the CFamily analyzer on an alpine-based image, which the analyzer currently doesn’t support. We have recently released a compatible version of the image, and we are planning to handle the mentioned ticket and fix the action once we collect some feedback on the new image.
For the time being, you can try to avoid using the mentioned action by downloading and running the scanner manually. Something like this:
jobs:
sonarqube:
name: Analyze
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: SonarQube Scan
run: |
mkdir $HOME/.sonar
curl -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-6.1.0.4477-linux-x64.zip
unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
export PATH=$HOME/.sonar/sonar-scanner-6.1.0.4477-linux-x64/bin:$PATH
sonar-scanner
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONARQUBE_SCAN_TOKEN }} # Put the name of your token here
SONAR_HOST_URL: ${{ secrets.SONAR_URL }} # SonarQube URL is stored in a GitHub secret
Best regards,
Michael