SonarQube with Build Wrapper discarding C code analysis

redo · October 17, 2022, 8:37am

We are using SonarQube Developer Edition version 9.6.1.59531
C code is not scanned and covered. All other projects which are using other programing languages are scanned correctly.
Quality Gate is enabled and it always passes.
Our code is compiled with cmake. We have added the necessary sonar.properties configurations and we are using build-wrapper to build it for analysis.
We have introduced new bugs and syntax errors in the code, but SonarQube did not catch them.
C Code and Build wrapper is downloaded in a container. We are using the following commands:
- .sonar/build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir .sonar/bw-output cmake BUILD OPTIONS
- sonar-scanner -X
Build wrapper output dir is set in the sonar.properties file.

Do you have any clue , why SonarQube is not catching new bugs?

Colin · October 18, 2022, 9:46am

Hey there.

I would suggest uploading your analysis logs for review, redacting any sensitive information.

redo · October 24, 2022, 4:20pm

Hello @Colin . Thanks for your reply. Also we have update SonarQube to version 9.7.0.61563. For the tests we have created a new repo with a single C file (counter.c) to try if everything is working.Complete new sonar.properties file with the suggested configurations from SonarQube. Quality Gate is enabled by default. We have the same behavior. The file is not covered at all. As you suggested, i am adding the log from the pipeline.
sonar.log (85.6 KB)
Every suggestion will be much appreciated.
Thanks!

Geoffray · October 26, 2022, 2:32pm

Hello @redo ,

From what I can see in your log, there is a problem in the way the build-wrapper is called.
You are calling the build-wrapper with the command that configures your build. Because of this, the build-wrapper can only see the way CMake tests files are compiled. Not your files.

.sonar/build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir .sonar/bw-output cmake -S . -D CMAKE_BUILD_TYPE=Release -D CMAKE_INSTALL_PREFIX=/usr/bin

Instead, you should call it with the command performing a clean build of your code (after configuring it of course). I think that would look more like this:

cmake -S . -D CMAKE_BUILD_TYPE=Release -D CMAKE_INSTALL_PREFIX=/usr/bin
ROOT_DIR="$PWD"
cd <your build directory>
.sonar/build-wrapper-linux-x86/build-wrapper-linux-x86-64 --out-dir .sonar/bw-output cmake --clean-first --build "$ROOT_DIR"

More detail is available in the C and C++ help of SonarQube.

Tell me if it helps

system · November 29, 2022, 9:34am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.