I have been working on .NET project(s) - C# - and using SonarQube on Github repositories. At the moment, I am using Github action official-sonarqube-scan as scanner which I believe using SonarScanner CLI, is that correct?
Also, using sonarqube-quality-gate-check to check against the quality gate to return the result to github workflow.
My question is, documentation also suggest using SonarScanner .NET for .NET core/framework projects. However CLI seems to be working on C# code also with some differences. For ex. I could not see integration of with different Roslyn based analyzers like StyleCop Analyzer (added as Nuget package), mean it’s not being included on SonarScanner CLI results page. However, with SonarScanner .NET I can see that information.
Is there any resource I can check differences and get more info about them? Should I ALWAYS use SonarScanner .NET for C# projects? What are the cons & pros of using SOnarScanner .NET vs CLI?
Yes, you should always use the Scanner for .NET on C# projects. While you may see some files uploaded into SonarQube while using the Scanner for CLI, no actual analysis is being performed.
Thanks a lot for the reply, however what you mean no actual analysis is being performed. I can still see the output (SXXXX issues I see on SolarLint) on SonarQube via Github actions, but could not see the integration with external Roslyn analyzers, test coverage and etc. as I seed with .NET scanner. I wonder if I miss something here or official-sonarqube-scan works different than I thought? is actually doing more than I think? In general any place I checked uses the docker image Docker