Support monorepo build-systems for .NET SonarScanner/Azure Pipelines tasks


Within monorepos it is common to use monorepo build-systems such as Nx, Gradle or Bazel.
These build-systems are often able to determine which of the projects/applications within a repository have been affected by a change.
This saves valuable time and resources when building the applications in a repository.

See: Issues setting up Azure Devops NX monorepo

Problem definition

Unfortunately the SonarScanner for .NET and the Azure Pipelines tasks that utilize it do not support these kind of build-systems.
Primarily because SonarScanner for .NET must be executed with a /begin' and /end` option for a single project. Multiple projects cannot be build between the executions of these commands.

As a result users have to resort to writing their own extensions to the build-system. Which is undesirable and takes considerable effort.

Possible solution

[OverSimplified] Provide functionality for the SonarScanner for .NET to be aware of or, made aware of multiple projects which will be built. In turn, this can be passed from the Azure Pipelines tasks to SonarScanner for .NET and users will no longer be faced with this issue.

Additional information
I am assuming that this is a feature that would be useful for other scanners as well.
To the best of my knowledge the SonarScanner CLI does not support this either and requires individual tasks to be added for each project in a monorepo.

Instead a single task which can be passed the project keys to analyze would be preferable. Then it is up to the user to determine “which” projects should be analyzed. This removes the need to add many individual Azure Pipelines tasks.

Hi Robert

Thanks for sharing this, as you can imagine it would be a significant change for us and I don’t see us doing it in the near future, however I’ll keep an eye out for similar use cases that might support a change like this.

Kind regards