Sonarqube integration with dotnet framework apps

We are trying to integrate Sonar scan for code coverage for dontnet framework apps via github actions on selfhosted runner, we have documentation for window-latest but not self hosted. Could you please help us on this.

What specific issues are you seeing? What have you tried?

Please include code snippets, minus proprietary information.

1 Like

I have used the below code for sonar scanner but the build output comesup with warning (WARN: Your project contains C# files which cannot be analyzed with the scanner you are using. To analyze C# or VB.NET, you must use the SonarScanner for .NET 5.x or higher, see SonarScanner for .NET | SonarQube Docs)
name: SonarQube CI

on:
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]
jobs:
sonarqube:
runs-on: self-hosted
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
- name: SonarScanner for .NET 5
uses: SonarSource/sonarqube-scan-action@v1.1.0
with:
# The key of the SonarQube project
sonarProjectKey:
# The name of the SonarQube project
sonarProjectName:
# Optional command arguments to dotnet build
dotnetBuildArguments: src
env:
SONAR_TOKEN:
SONAR_HOST_URL:
LC_ALL: “ru_RU.UTF-8”

I tried to follow the documentation (SonarScanner for .NET | SonarQube Docs) addressed and it worked in my local (as it is windows), but i wanted to convert them to Github actions, but its failing as our Sonar is self-hosted, I would need help for self-hosted runner for sonar integration to our dotnet framework app

What OS are the Github Runners?

it is linux

Could you please help on the above issues on dotnet framework apps

Sorry, I’m not familiar with linux and Sonar. Hopefully others on here can help.

It might be helpful to expand on which implementation and version of linux you are working with.

Hey there.

@Wildcat Thanks for collecting additional information! It really helps.

@Suchetha_Reddy Please do not bump threads, certainly not after 5 hours. Please take time to read our Community FAQ (a nice way of saying, “the rules”").

It looks like you’re trying to use SonarSource/sonarqube-scan-action to analyze .NET code. This isn’t possible, as noted in the action.

In fact, when you create a new project in SonarQube, you should find a tutorial for GitHub Actions + .NET which will tell you how to configure your build.

I can’t quite find out how to access the tutorials for a project that has already been scanned (even if that scan was bogus) other than visiting http://<SONARQUBE_URL>/tutorials?id=<PROJECT_KEY> I’ll raise this point to the relevant team. If you can’t sort out the URL, you can create a new project.

We have tried this route already which worked in local but we are trying to implement via Github actions for self hosted linux runner, could you please help

Did you follow the tutorial specifically for GitHub Actions? What happened?

Github actions worked for windows latest, but not for self hosted runner

It’s really important that you share detailed information – what didn’t work? What was the output of the logs?

Please find the below code for reference
error message
sonar-scanner-dotnetframework

Invalid shell option. Shell must be a valid built-in (bash, sh, cmd, powershell, pwsh) or a format string containing ‘{0}’

code:
name: SonarQube-CI

on:
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]

jobs:
sonar-scanner-dotnetframework:
runs-on: self-hosted
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0

- name: Set up JDK 11
  uses: actions/setup-java@v1
  with:
    java-version: 1.11

- uses: actions/checkout@v2
  with:
    fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis

- name: Installing Sonar scanner MSBuild
    if [ -d $instalation_dir ]; then ###      instalation_dir=~/SonarScannerCLI
  run: |
  shell:
    mkdir -p $instalation_dir
    fi
- name: Download Sonar scanner
  env:
    SONAR_TOKEN: 
    SONAR_HOST_URL: 
  run: |
   echo "########## INSTALLING SONAR SCANNER ##########"
   printf "Downloading... "
   wget -q https://github.com/SonarSource/sonar-scanner-msbuild/releases/download/5.7.2.50892/sonar-scanner-msbuild-5.7.2.50892-net46.zip
   printf "Complete!\n"
   unzip -q sonar-scanner-msbuild-5.7.2.50892-net46.zip
   rm sonar-scanner-msbuild-5.7.2.50892-net46.zip
   echo "Installing on "$instalation_dir
   sudo mv sonar-scanner-msbuild-5.7.2.50892-net46 $instalation_dir
   echo "Adding Sonar Scanner to PATH..."
   echo 'export PATH="'$instalation_dir'/bin:$PATH"' >> ~/.bashrc
   dotnet tool update dotnet-sonarscanner
# - name: Cache SonarQube scanner
#   id: cache-sonar-scanner
#   uses: actions/cache@v1
#   with:
#     path: .\.sonar\scanner
#     key: ${{ runner.os }}-sonar-scanner
#     restore-keys: ${{ runner.os }}-sonar-scanner

# - name: Install SonarQube scanner
#   if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
#   shell: powershell
#   run: |
#     New-Item -Path .\.sonar\scanner -ItemType Directory
#     dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner    

- name: Setup MSBuild
  uses: microsoft/setup-msbuild@v1.1

- name: Setup Nuget
  uses: nuget/setup-nuget@v1

- name: Restore NuGet packages
  run: nuget restore src/Episerver/Episerver.VIOC.sln

- name: Build the Solution
  env:
    GITHUB_TOKEN: 
  shell: powershell
  run: |
    $instalation_dir/'SonarScanner.MSBuild.exe begin /k:"" /d:sonar.login:"" /d:SONAR_HOST_URL:""
    MsBuild.exe /t:Rebuild
    $instalation_dir/'SonarScanner.MSBuild.exe end /d:sonar.login="$"

This looks a lot different than the tutorial shared in the UI – did you try following the tutorial on your SonarQube?

In any case, it looks like you didn’t specify the shell (like powershell) here:

- name: Installing Sonar scanner MSBuild
    if [ -d $instalation_dir ]; then ###      instalation_dir=~/SonarScannerCLI
  run: |
  shell:
    mkdir -p $instalation_dir
    fi

Added powershell aswell but its failing again

Could you please help on the above issue

Hey there.

If you aren’t following the in-UI tutorial and instead using another example (and facing GitHub errors as a result), there’s not much help we can give. I would again suggest following the tutorial in the SonarQube UI.