SonarScanner for .NET Framework, what to put in the Buildspec?

I am creating a CQ scan step for SonarCloud on AWS CodePipeline for an application that uses an older .NET framework. I am trying to understand what exactly I should be putting in the buildspec. The build instructions that I am seeing on SonarCloud explain how to install .net core, but not .NET Framework. If anyone could provide me with an example of what I should be putting in the Buildspec I would really appreciate it. Thank you.

Hey there.

I would recommend that you focus on having a working .NET Framework build, and then add in SonarCloud analysis by installing the .NET Framework flavor of the Scanner for .NET (downloading it, unzipping it, and either placing it on your $PATH or referencing the full path of your installation) and wrapping you build with the begin/end steps.

SonarScanner.MSBuild.exe begin /k:"project-key" /o:"<organization>" /d:sonar.login="<token>"
MSBuild.exe <path to solution.sln> /t:Rebuild
SonarScanner.MSBuild.exe end /d:sonar.login="<token>"

We don’t have any specific integration or experience with AWS CodePipeline, but the instructions are fairly generic. Running an analysis locally first might help you understand what needs to be done in your pipeline.

1 Like