This all worked fine until I had to add a second checkout step to my build pipeline. This had the affect of pushing both checked-out repos into separate subfolders under (Agent.BuildDirectory)\s (see docs). So whereas before I had D:\a\1\s\sonar-project.properties in builds on Windows; now it’s at D:\a\1\s<repo-name>\sonar-project.properties.
So now the subsequent SonarQubeAnalyze@4 task fails because it can’t find the properties file:
INFO: Project root configuration file: NONE
How can I tell the SonarQubePrepare task where to find sonar-project.properties now please?
Generally, analysis should run from project root. I.e. it should start right next to your properties file. Are you expecting your two different checkouts - your two different projects - to be analyzed together as one project? Or are you expecting two different analyses to run?
Thanks Ann. I used to have one checkout task to fetch the Python code and then a bash task to git clone the C++ code from another repository in the same Azure DevOps org. In this scenario the SQ properties file was in the root folder. But now Azure discourages you from git cloning other repos (they disable it by default in the org settings) and suggest you simply add another checkout step. But when you do this the first repo you checkout is no longer in the root folder (see the docs link I gave before).
So I would previously run the one analysis, as intended, on both the Python and C++ code (C++ extensions for the Python). But now this has stopped working because the properties file is no longer in the root folder. This issue will hit any other DevOps user with more than one checkout step in their pipeline. So is there an option in the SonarQubePrepare task I can use to tell it where to find the properties file now please? I’d want to set it to $(Build.SourcesDirectory)/<repo_name>
There used to be a parameter to point to the properties file, although I can’t find it in the documentation anymore. I think I’m showing my (SonarQube) age & it was removed a long time ago. The other option is to point to the sonar.projectBaseDir on the command line. I didn’t suggest that off the bat because it’s not clear to me what the directory structure is after your two checkouts & whether that will leave out half your code.
Another option would be to use whatever scripting Azure allows to move things around and/or cd into the proper directory.
Ok thanks for your ideas! The properties file is now in $(Build.SourcesDirectory)/<Python_repo_name> and the C++ is under $(Build.SourcesDirectory)/<C++_repo_name>. I’ll try something tomorrow and update here if I get it to work. But I do think an option should be added to the SonarQubePrepare task to allow users to tell it where to find the properties file, if there isn’t one now/any more…
So cliSources is being used to point at the folder I want to analyse.
I’d forgotten to say before that I have a previous task in which I copy the C++ code from $(Build.SourcesDirectory)/<C++_repo_name> to $(Build.SourcesDirectory)/<python_repo_name>/<source_folder>/cpp (required for compilation of the C++ by Python’s setup.py). I then use sonar.exclusions above to exclude the C++ code from the analysis, since I already perform a SQ analysis on the C++ code in its own repo in a separate build pipeline anyway.
As the sonar-project.properties file is now redundant I decided to delete it to avoid possible confusion. Any other properties I’d set in that file I simply copied to the extraProperties section above.
The above worked but the SonarQube web UI then complained it couldn’t find the SCM provider. And when I set sonar.scm.provider to git in the UI to fix the this warning, SonarQubeAnalyze then crashed with “Not inside a Git work tree”! So I eventually ended up with this instead:
I found it useful to look in the Azure DevOps log messages of the SonarQubePrepare task to see how all these parameters get converted into the actual arguments used by the sonarqube scanner.
With this solution I no longer needed to set sonar.scm.provider in SQ’s web UI.
