Sonarqube-scan-actoin does not read the code

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube community v10.3 and sonarqube-scan-action (sonarsource/sonar-scanner-cli:5.0.1)

  • how is SonarQube deployed: zip, Docker, Helm
    Docker

  • what are you trying to achieve
    run code scan through gitea actions, which is compatible with github actions. and hence uses sonarqube-scan-action according to GitHub - SonarSource/sonarqube-scan-action and
    sirhectorin/sonarqube-scan-action - sonarqube-scan-action - Gitea: Git with a cup of tea(mirror from github).
    I use self-hosted sonarqube community and gitea runner.

  • what have you tried so far to achieve this
    In a go project repo, I’ve added sonar-project.properties in root directory. and added Action yaml. I’m able to run the Action every time I push the code. I do see the logs that the code is checked out from the repo(to a local directory in runner, e.g. /root/.cache/act/9a8b09d56f57c17b/hostexecutor/.scannerwork)

Below is part of the Action Yaml:
name: Main Workflow
jobs:
sonarqube:
runs-on: linux_local
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!
However, from the runner logs, it indicated that no source files was analyzed. And, from SonarQube dashboard, there was no data either. My understanding is that the checked out code needs to be mounted to /usr/src of the scanner-cli container. This might be the cause of my issue. I’m a bit confused here. Any suggestions?

08:58:03.298 INFO: 0 source files to be analyzed
| 08:58:03.437 INFO: 0/0 source files have been analyzed

Hey there.

Wow, I had no idea that Gitea… “cloned” GitHub Actions (or at least made it compatible). It’s certainly nothing that we’ve tested, so I’m crossing my fingers you get a reply from the “maintainer” (whoever cloned it).

Yes, this is how the scanner expects to work (see the docs on Running SonarScanner CLI from the Docker image).

You can also opt to not use the “github” action and manually download/call the scanner, either just running the docker image or manually running sonar-scanner after downloading it.

export SONAR_SCANNER_VERSION=5.0.1.3006
export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
export PATH=$SONAR_SCANNER_HOME/bin:$PATH
sonar-scanner