Sonarqube-scan-actoin does not read the code

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    SonarQube community v10.3 and sonarqube-scan-action (sonarsource/sonar-scanner-cli:5.0.1)

  • how is SonarQube deployed: zip, Docker, Helm

  • what are you trying to achieve
    run code scan through gitea actions, which is compatible with github actions. and hence uses sonarqube-scan-action according to GitHub - SonarSource/sonarqube-scan-action and
    sirhectorin/sonarqube-scan-action - sonarqube-scan-action - Gitea: Git with a cup of tea(mirror from github).
    I use self-hosted sonarqube community and gitea runner.

  • what have you tried so far to achieve this
    In a go project repo, I’ve added in root directory. and added Action yaml. I’m able to run the Action every time I push the code. I do see the logs that the code is checked out from the repo(to a local directory in runner, e.g. /root/.cache/act/9a8b09d56f57c17b/hostexecutor/.scannerwork)

Below is part of the Action Yaml:
name: Main Workflow
runs-on: linux_local
- uses: actions/checkout@v3
fetch-depth: 0
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@master

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!
However, from the runner logs, it indicated that no source files was analyzed. And, from SonarQube dashboard, there was no data either. My understanding is that the checked out code needs to be mounted to /usr/src of the scanner-cli container. This might be the cause of my issue. I’m a bit confused here. Any suggestions?

08:58:03.298 INFO: 0 source files to be analyzed
| 08:58:03.437 INFO: 0/0 source files have been analyzed

1 Like

Hey there.

Wow, I had no idea that Gitea… “cloned” GitHub Actions (or at least made it compatible). It’s certainly nothing that we’ve tested, so I’m crossing my fingers you get a reply from the “maintainer” (whoever cloned it).

Yes, this is how the scanner expects to work (see the docs on Running SonarScanner CLI from the Docker image).

You can also opt to not use the “github” action and manually download/call the scanner, either just running the docker image or manually running sonar-scanner after downloading it.

export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
curl --create-dirs -sSLo $HOME/.sonar/$
unzip -o $HOME/.sonar/ -d $HOME/.sonar/

There’s now a guide from gitea: Integrating Gitea with Sonarqube for Enhanced Code Quality: A Step-by-Step Guide

I hope to see similar docs from sonarqube’s side as well because it seems there is no official support for gitea yet.