SonarQube rules not working on TypeScript

carel_b · December 21, 2023, 3:48pm

I am trying to set up SonarQube to scan an Angular project using Typescript. SonarLint linked to the SonarQube instance can detect a codesmell.

The project is configured as:

sonar.projectKey=redacted
sonar.qualitygate.wait=true
sonar.sources=src
; sonar.exclusions=node_modules/**,dist/**,**/*.spec.ts
;
; sonar.tests=src
; sonar.test.inclusions=**/*.spec.ts

sonar.eslint.reportPaths=reports/eslint.json
sonar.javascript.lcov.reportPaths=reports/lcov.info

When I run the SonarQube job in Gitlab with the sonarsource/sonar-scanner-cli:latest docker image, no code smells except the ones generated by ESLint are reported.

Running server 9.9.1.69595 deployed with Helm which works fine on all other projects with other languages.

I’ve attached the output of the CI job.

job.txt (164.7 KB)

Colin · December 22, 2023, 11:12am

SonarLint will detect all issues on a file, while your pull request analysis will only detected issues on changed lines of changed files.

With that in mind, would it make sense for the other issues to be raised in this PR analysis?

Do the issues appear on a full branch analysis (an analysis of the main branch)?

carel_b · December 22, 2023, 12:45pm

Hi Colin,

There is nothing in the main branch and all the code is in the MR being scanned. Please see this screenshot of the MR.

Colin · December 22, 2023, 4:12pm

That’s odd, as it appears the scanner both finds a cache for the main branch

15:25:07.152 INFO: Load analysis cache
15:25:07.166 DEBUG: GET 200 https://REDACTED.co/api/analysis_cache/get?project=REDACTED_REDACTED_frontend_REDACTED-dashboard_AYyHMTmIDyIwfEloQV4p&branch=main | time=14ms
15:25:07.175 INFO: Load analysis cache (4.3 kB) | time=23ms

And then uses it:

15:25:16.871 DEBUG: Files which didn't change will be part of UCFG generation only, other rules will not be executed
...
15:25:17.932 INFO: Analyzed 5 file(s) with current program
15:25:17.938 INFO: 5/5 source files have been analyzed
15:25:17.938 INFO: Hit the cache for 5 out of 5
15:25:17.939 INFO: Miss the cache for 0 out of 5
15:25:17.939 INFO: Sensor TypeScript analysis [javascript] (done) | time=5316ms

Is there really nothing displayed when you view the main branch in SonarQube (putting aside what you see in Gitlab)?

This might just be a red herring, but it doesn’t sound like there’s no analysis of the main branch.

carel_b · December 22, 2023, 5:45pm

No there is nothing in the main branch except a readme and .gitignore file.

I’ve added the SonarQube config only for the branch that is currently in Gitlab’s merge request that triggers the pipeline and SonarQube scan.

Colin · December 22, 2023, 7:46pm

But putting aside what you see in Gitlab, what do you see in SonarQube when you look at the main branch of the SonarQube project?

carel_b · December 23, 2023, 4:52am

Ok, this is very strange, it seems it has the code in SonarQube under the main branch, which is not the case. That code has never been in the main branch and only exists in the branch we made the MR for.

How is this possible?

carel_b · December 23, 2023, 5:11am

I deleted the project and recreated it. It works now.

Topic		Replies	Views
Typescript rules not detected in an Angular application SonarQube Server / Community Build typescript , sonarqube , rules	3	2157	July 22, 2020
Typescript files not scanned SonarQube Server / Community Build typescript , scanner	1	5746	September 25, 2020
SonarQube finds No Issues in Typescript, but local SonarTs finds many errors SonarQube Server / Community Build typescript	11	2364	January 31, 2020
Typescript in angular is not analyzed SonarQube Server / Community Build typescript	1	1411	September 25, 2020
Angular 13 Code not appearing on sonar analysis SonarQube Cloud typescript , scanner	1	877	January 19, 2022

SonarQube rules not working on TypeScript

Related topics