which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) 6.75
what are you trying to achieve : Command line scanner in TFS
what have you tried so far to achieve this
I am trying to configure the Perform a SonarQube analysis (SonarQube Scanner CLI) using the extension from the TFS Market Place for TFS 2018.
What I have setup in TFS is Build that is just going to use the CLI scanner to scan source (the REPO) whenever something is committed. The project in TFS Git is primarily JSON Config files, but there is are also Javascript files, with the .sjs extension.
What I seem to be having an issue with is defining what files to pull into the scanner via the CLI task. I’m not sure what should be defined in Sources. I put $(Build.Repository.LocalPath). But I’m not sure that is correct.
When I run the job it completes, but when I look at SonarQube Web UI I don’t think its scanning the files.
Do we have to define the extension of .sjs to be javascript?
When I run the scanner it only says 2 files scanned and they were both .xml files. In the whole project there are more than 2 xml files.
Here is the Log
******************************************************************************
Starting: Perform a SonarQube analysis
******************************************************************************
==============================================================================
Task : SonarQube Scanner CLI
Description : Perform a SonarQube analysis of the source code of your PHP, JavaScript... projects
Version : 3.1.0
Author : sonarsource
Help : Version: 3.1.0. [More Information](http://redirect.sonarsource.com/doc/install-configure-scanner-tfs-ts.html)
==============================================================================
Preparing task execution handler.
Executing the powershell script: E:\Dev\AgtProd-service\_work\_tasks\SonarQubeScannerCli_9f57024b-31f9-4e58-9e39-a47ccc098f03\3.1.0\SonarQubeScanner.ps1
INFO: Scanner configuration file: E:\Dev\AgtProd-service\_work\_tasks\SonarQubeScannerCli_9f57024b-31f9-4e58-9e39-a47ccc098f03\3.1.0\sonar-scanner\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 3.0.3.778
INFO: Java 1.8.0_231 Oracle Corporation (64-bit)
INFO: Windows 10 10.0 amd64
INFO: User cache: C:\Users\TFSBuild1_SVCACCT\.sonar\cache
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=109ms
INFO: Server id: 68653A6C-128cb948359873e
INFO: User cache: C:\Users\TFSBuild1_SVCACCT\.sonar\cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=31ms
INFO: SonarQube server 6.7.5
INFO: Default locale: "en_US", source code encoding: "windows-1252" (analysis is platform dependent)
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=0ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=0ms
INFO: Load project repositories
INFO: Load project repositories (done) | time=62ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=31ms
INFO: Load active rules
INFO: Load active rules (done) | time=844ms
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=16ms
INFO: Project key: DataHub
INFO: ------------- Scan DataHub
INFO: Load server rules
INFO: Load server rules (done) | time=110ms
INFO: Base dir: E:\Dev\AgtProd-service\_work\4\s
INFO: Working dir: E:\Dev\AgtProd-service\_work\4\s\.scannerwork
INFO: Source paths: .
INFO: Source encoding: windows-1252, default locale: en_US
INFO: Index files
INFO: 182 files indexed
INFO: Sensor JavaXmlSensor [java]
INFO: 2 source files to be analyzed
INFO: Sensor JavaXmlSensor [java] (done) | time=125ms
INFO: Sensor HTML [web]
INFO: 2/2 source files have been analyzed
INFO: Sensor HTML [web] (done) | time=16ms
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=15ms
INFO: Sensor CPD Block Indexer
INFO: Sensor CPD Block Indexer (done) | time=0ms
INFO: Calculating CPD for 0 files
INFO: CPD calculation finished
INFO: Analysis report generated in 78ms, dir size=62 KB
INFO: Analysis reports compressed in 63ms, zip size=17 KB
INFO: Analysis report uploaded in 31ms
INFO: ANALYSIS SUCCESSFUL, you can browse https://sonar-corp-p1.com/dashboard/index/DataHub
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonar-corp-p1.com/api/ce/task?id=AW7r7p-e-zTPeRMvMhN8
INFO: Task total time: 3.469 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 4.844s
INFO: Final Memory: 67M/435M
INFO: ------------------------------------------------------------------------
******************************************************************************
Finishing: Perform a SonarQube analysis
******************************************************************************
By the way, you are using pretty old version of both the Scanner and SonarQube itself, we highly recommend you to updgrade to at least the latest LTS (7.9) as yours are no longer supported.
I will follow up with our Admins and find out why we are on such an old version. I did go to my Test instance of TFS 2018 and removed the SonarQube extension. The extension was originally installed when we were using TFS 2015. We did the
in-place upgrade to TFS 2018.
In the dev instance, I deleted the extension and then reinstalled it. It looks like it pulled in a newer version of the build steps. I see 3 of them.
Prepare analysis of SonarQube
Run Code Analysis
Publish Quality Gate Result
I no longer see the Perform a SonarQube analysis (SonarQube Scanner CLI) is that by default? So for my particular workflow where I just want to scan the java script code that is checked in would I just create a new build that downloads
the sources and then add the 3 steps?
Basically, the prepare configuration step let you configure how the task will call the Scanner itself : In standalone mode (that is the one you used to use), with MSBuild, and so on…
You can there setup the properties that you want to pass to the scanner, as you may have done that way in the previous version.
API version is : 6.7.5.38563
I’m using the latest version of the VSTS SonarQube plugin.
The SonarQube Server is on a Linux Server, we do use self-signed Certs. I had already added that Cert to the PC that is running the TFS agent.
We do not have Node.js installed on the PC that is running the TFS agent. I stumbled across a note that said we may need an intermediate cert I added that and rebooted the PC still no joy.
The Older version of the VSTS plugin (v3) worked fine
I’m using the latest version of the VSTS SonarQube plugin.
The SonarQube Server is on a Linux Server, we do use self-signed Certs. I had already added that Cert to the PC that is running the TFS agent.
We do not have Node.js installed on the PC that is running the TFS agent. I stumbled across a note that said we may need an intermediate cert I added that and rebooted the PC still no joy.
The Older version of the VSTS plugin (v3) worked fine