SonarScanner for Gradle: Include scripts

SonarQube Server / Community Build
1

Versions used:

  • SonarQube: 8.4.2
  • SonarScanner for Gradle: 3.0.0

In an existing project, the app subproject is being scanned using the SonarScanner for Gradle plugin. This works fine so far.

Now I’d like to add a scripts directory on the top level to the scan, to be checked with the ShellCheck plugin. I added the following configuration:

// app/build.gradle
sonarqube { properties {
    property "sonar.sources", "src/main/, ../scripts/"
}}

However, the scripts are not scanned:

File 'scripts/pre-push-hook.sh' is ignored. It is not located in project basedir

What would be the cleanest way to achieve this? Moving the configuration to the root build.gradle and adding the scripts directory there? Would this change of relative file paths (from src/main/X to app/src/main/X) lead to existing comments and “isue ignores” in SonarQube being lost?

2

Hi,

sonar.sources needs to be relative to analysis root. Technically you’ve done that with ../ but that’s not what we meant. :joy:

You’re going to have to start analysis up a directory & do
property "sonar.sources", "subproject/src/main/, scripts/"

 
HTH,
Ann

3

Thanks Ann, that’s what I assumed. Would this change of relative file paths (from src/main/X to app/src/main/X ) lead to existing comments and “isue ignores” in SonarQube being lost?

4

Hi,

I believe the “file move detection” part of analysis would kick in here and keep your history.

 
HTH,
Ann