The main branch has no lines of code - another post but really no idea what to do next

Despite having a project on gitlab with a master branch, PHP, I am getting error

The main branch has no lines of code. and so no analysis is run.

  • version : SonarQube Community edition
    SonarQube ID information
    Server ID: 3B38533C-AZZXh2eVAcitaJFMAj3M
    Version: 9.9.8.100196
    Date: 2025-04-21

  • how is SonarQube deployed: docker using the following compose

version: "3"

services:
  sonarqube:
    image: sonarqube:lts-community
    ##image: mc1arke/sonarqube-with-community-branch-plugin
    depends_on:
      - sonar_db
    environment:
      SONAR_JDBC_URL: jdbc:postgresql://sonar_db:5432/sonar
      SONAR_JDBC_USERNAME: sonar
      SONAR_JDBC_PASSWORD: sonar
    ports:
      - "9001:9000"
    volumes:
      - sonarqube_conf:/opt/sonarqube/conf
      - sonarqube_data:/opt/sonarqube/data
      - sonarqube_extensions:/opt/sonarqube/extensions
      - sonarqube_logs:/opt/sonarqube/logs
      - sonarqube_temp:/opt/sonarqube/temp

  sonar_db:
    image: postgres:13
    environment:
      POSTGRES_USER: sonar
      POSTGRES_PASSWORD: sonar
      POSTGRES_DB: sonar
    volumes:
      - sonar_db:/var/lib/postgresql
      - sonar_db_data:/var/lib/postgresql/data

  sonar_cli:
    image: sonarsource/sonar-scanner-cli

volumes:
  sonarqube_conf:
  sonarqube_data:
  sonarqube_extensions:
  sonarqube_logs:
  sonarqube_temp:
  sonar_db:
  sonar_db_data:


  • what are you trying to achieve - Just test sonarqube and its output to understand what is the added value of it but it wont start any code analysis at all
  • what have you tried so far to achieve this -
    – I can access the backend on localhost:9001, set up the gitlab connection and thus project. Then i trigger the analysis from the cli container with command /opt/sonar-scanner/bin/sonar-scanner -Dsonar.projectKey=runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po -Dsonar.sources=. -Dsonar.host.url=http://sonarqube:9000 -Dsonar.login=sqp_b7f7846ceff9af7df848e1e88608051827324ec1 but the above error is shown on the project page. Log of the run shown below.
    – Also tried to specify the branch with -Dsonar.branch.name=master but apparently not possible on this edition so please confirm what I can do at this moment to use the community version
    – Also there is no options to specify a branch or trigger a scan from the interface of the community edition because the Branches and Pull requests configuration is not present in the community edition.

**Do not share screenshots of logs --run log just for documentation purposes

/opt/sonar-scanner/bin/sonar-scanner   -Dsonar.projectKey=runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po   -Dsonar.sources=.   -Dsonar.host.url=http://sonarqube:9000   -Dsonar.login=sqp_b7f7846ceff9af7df848e1e88608051827324ec1 
12:04:16.028 INFO  Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
12:04:16.030 INFO  Project root configuration file: NONE
12:04:16.038 INFO  SonarScanner CLI 7.1.0.4889
12:04:16.039 INFO  Java 17.0.14 Amazon.com Inc. (64-bit)
12:04:16.039 INFO  Linux 6.8.0-57-generic amd64
12:04:16.057 INFO  User cache: /opt/sonar-scanner/.sonar/cache
12:04:16.597 INFO  Communicating with SonarQube Server 9.9.8.100196
12:04:17.052 INFO  Load global settings
12:04:17.100 INFO  Load global settings (done) | time=49ms
12:04:17.101 INFO  Server id: 3B38533C-AZZXh2eVAcitaJFMAj3M
12:04:17.104 INFO  User cache: /opt/sonar-scanner/.sonar/cache
12:04:17.105 INFO  Load/download plugins
12:04:17.105 INFO  Load plugins index
12:04:17.137 INFO  Load plugins index (done) | time=32ms
12:04:17.787 INFO  Load/download plugins (done) | time=682ms
12:04:18.067 INFO  Process project properties
12:04:18.071 INFO  Process project properties (done) | time=4ms
12:04:18.073 INFO  Execute project builders
12:04:18.074 INFO  Execute project builders (done) | time=1ms
12:04:18.077 INFO  Project key: runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po
12:04:18.077 INFO  Base dir: /usr/src
12:04:18.077 INFO  Working dir: /usr/src/.scannerwork
12:04:18.082 INFO  Load project settings for component key: 'runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po'
12:04:18.104 INFO  Load project settings for component key: 'runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po' (done) | time=22ms
12:04:18.173 INFO  Load quality profiles
12:04:18.226 INFO  Load quality profiles (done) | time=53ms
12:04:18.229 INFO  Load active rules
12:04:19.248 INFO  Load active rules (done) | time=1019ms
12:04:19.250 INFO  Load analysis cache
12:04:19.256 INFO  Load analysis cache (404) | time=6ms
12:04:19.281 INFO  Load project repositories
12:04:19.294 INFO  Load project repositories (done) | time=13ms
12:04:19.310 INFO  Indexing files...
12:04:19.310 INFO  Project configuration:
12:04:19.314 INFO  0 files indexed
12:04:19.315 INFO  ------------- Run sensors on module runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po
12:04:19.361 INFO  Load metrics repository
12:04:19.374 INFO  Load metrics repository (done) | time=13ms
12:04:20.054 INFO  Sensor JaCoCo XML Report Importer [jacoco]
12:04:20.054 INFO  'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
12:04:20.055 INFO  No report imported, no coverage information will be imported by JaCoCo XML Report Importer
12:04:20.055 INFO  Sensor JaCoCo XML Report Importer [jacoco] (done) | time=2ms
12:04:20.055 INFO  Sensor CSS Rules [javascript]
12:04:20.055 INFO  No CSS, PHP, HTML or VueJS files are found in the project. CSS analysis is skipped.
12:04:20.055 INFO  Sensor CSS Rules [javascript] (done) | time=0ms
12:04:20.055 INFO  Sensor C# Project Type Information [csharp]
12:04:20.056 INFO  Sensor C# Project Type Information [csharp] (done) | time=1ms
12:04:20.056 INFO  Sensor C# Analysis Log [csharp]
12:04:20.061 INFO  Sensor C# Analysis Log [csharp] (done) | time=5ms
12:04:20.061 INFO  Sensor C# Properties [csharp]
12:04:20.062 INFO  Sensor C# Properties [csharp] (done) | time=1ms
12:04:20.062 INFO  Sensor TextAndSecretsSensor [text]
12:04:20.065 INFO  Sensor TextAndSecretsSensor [text] (done) | time=3ms
12:04:20.065 INFO  Sensor VB.NET Project Type Information [vbnet]
12:04:20.065 INFO  Sensor VB.NET Project Type Information [vbnet] (done) | time=0ms
12:04:20.065 INFO  Sensor VB.NET Analysis Log [vbnet]
12:04:20.071 INFO  Sensor VB.NET Analysis Log [vbnet] (done) | time=6ms
12:04:20.071 INFO  Sensor VB.NET Properties [vbnet]
12:04:20.071 INFO  Sensor VB.NET Properties [vbnet] (done) | time=0ms
12:04:20.071 INFO  Sensor IaC Docker Sensor [iac]
12:04:20.073 INFO  0 source files to be analyzed
12:04:20.101 INFO  0/0 source files have been analyzed
12:04:20.101 INFO  Sensor IaC Docker Sensor [iac] (done) | time=30ms
12:04:20.103 INFO  ------------- Run sensors on project
12:04:20.132 INFO  Sensor Analysis Warnings import [csharp]
12:04:20.132 INFO  Sensor Analysis Warnings import [csharp] (done) | time=0ms
12:04:20.133 INFO  Sensor Zero Coverage Sensor
12:04:20.133 INFO  Sensor Zero Coverage Sensor (done) | time=0ms
12:04:20.133 INFO  SCM Publisher is disabled
12:04:20.134 INFO  CPD Executor Calculating CPD for 0 files
12:04:20.134 INFO  CPD Executor CPD calculation finished (done) | time=0ms
12:04:20.181 INFO  Analysis report generated in 45ms, dir size=122.0 kB
12:04:20.187 INFO  Analysis report compressed in 5ms, zip size=14.6 kB
12:04:20.209 INFO  Analysis report uploaded in 22ms
12:04:20.210 INFO  ANALYSIS SUCCESSFUL, you can find the results at: http://sonarqube:9000/dashboard?id=runindia_runindia_bk_AZZXxU8GNJacQ0gEg1Po
12:04:20.210 INFO  Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
12:04:20.210 INFO  More about the report processing at http://sonarqube:9000/api/ce/task?id=AZZYPCpo8GICNnlvSP4H
12:04:20.215 INFO  Analysis total time: 2.352 s
12:04:20.216 INFO  EXECUTION SUCCESS
12:04:20.216 INFO  Total time: 4.191s

Please guide me in what I can do at the moment with the community edition in a way that is not arcane

Hi,

Welcome to the community!

First, if you’re in the initial testing, why are you doing it with v9.9.8? That’s EOL. For Community Build, nothing but the latest release is supported. You should be working with 25.4.

Second, based on your analysis log, it looks like analysis succeeded on the CI side. But you should be aware that there is a lag to process the analysis report server-side.

So, are you still seeing that message on the project homepage? And if so, what shows up in your Project Settings → Background Tasks?

 
Ann

I was using lts-community based on the semantics of tagging, LTS stands for long term support, and on the https://hub.docker.com/_/sonarqube it is still available and I cannot see any deprecation warning regarding this. Anyhow I changed to community and now running " * Community Build * v25.4.0.105899".

About CI side there is none here. I am testing locally and indeed triggered the scan manually as pre command shown in original post. My understanding is that it will still run the build on the instance of sonarqube, am I wrong?

However, even after upgrading the build run and says it indeed succeded but as per original post it still says “The main branch has no lines of code.” and unfortunately this is incorrect as the master branch is fully present, defined as default in gitlab and has plenty of code.

Here is a screenshot of the background tasks…

Could you point out what I am missing to ensure this can run?

Hi,

Going back to your analysis log… that’s awfully short. At this point, I’m guessing analysis didn’t actually find any code to analyze.

So can you share a little bit about your project? Approximately how large is it? And in what language(s)?

 
Ann

PHP project … looking at the folder

$ du -h --max-depth=1 .
24K     ./.vagrant
44K     ./docker
38M     ./application
94M     ./assets
203M    ./vendor
3.1M    ./files
128K    ./.idea
54M     ./database
384M    ./.git
1.7M    ./system
16K     ./bin
786M    .

in Application there is custom and parts of framework code.

It definitely has a master branch

$ git branch | grep master
* master

and a lot of code that would benefit from scanning. Let me know if there is any other info you would like to understand why it is not running anything

Hi,

Could you add -Dsonar.verbose=true to your analysis command and provide that log, please?

 
Thx,
Ann

Thank you for your fast replies. I have seen in the verbose that, even if i select manual and other type of code (including PHP) to generate the cli command, then in the logs below it says several plugins including PHP are disabled.

Here is the full execution log

bash-5.2$ /opt/sonar-scanner/bin/sonar-scanner   -Dsonar.projectKey=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a   -Dsonar.sources=.   -Dsonar.host.url=http://sonarqube:9000   -Dsonar.token=sqp_50c0c486a3abea0773f5937522c7166681808343 -Dsonar.verbose=true
11:45:59.239 INFO  Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
11:45:59.241 INFO  Project root configuration file: NONE
11:45:59.252 INFO  SonarScanner CLI 7.1.0.4889
11:45:59.253 INFO  Java 17.0.14 Amazon.com Inc. (64-bit)
11:45:59.254 INFO  Linux 6.8.0-58-generic amd64
11:45:59.259 DEBUG Scanner max available memory: 7 GB
11:45:59.276 DEBUG uname -m returned 'x86_64'
11:45:59.277 DEBUG Using JVM default truststore: /usr/lib/jvm/java-17-amazon-corretto.x86_64/lib/security/cacerts
11:45:59.278 DEBUG Create: /opt/sonar-scanner/.sonar/cache
11:45:59.278 INFO  User cache: /opt/sonar-scanner/.sonar/cache
11:45:59.278 DEBUG Create: /opt/sonar-scanner/.sonar/cache/_tmp
11:45:59.337 DEBUG Loading OS trusted SSL certificates...
11:45:59.337 DEBUG This operation might be slow or even get stuck. You can skip it by passing the scanner property 'sonar.scanner.skipSystemTruststore=true'
11:45:59.590 DEBUG Loaded [1029] system trusted certificates
11:45:59.720 DEBUG Loaded truststore from '/usr/lib/jvm/java-17-amazon-corretto.x86_64/lib/security/cacerts' containing 147 certificates
11:45:59.817 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/version
11:45:59.838 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/version (21ms, 13-byte body)
11:45:59.840 INFO  Communicating with SonarQube Community Build 25.4.0.105899
11:45:59.841 INFO  JRE provisioning: os[linux], arch[x86_64]
11:45:59.842 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/jres?os=linux&arch=x86_64
11:45:59.858 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/jres?os=linux&arch=x86_64 (15ms, unknown-length body)
11:45:59.882 DEBUG Download http://sonarqube:9000/api/v2/analysis/jres/239eae93-1efe-4b56-8446-b431dfcdf828 to /opt/sonar-scanner/.sonar/cache/_tmp/fileCache4499602494465359029.tmp
11:45:59.883 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/jres/239eae93-1efe-4b56-8446-b431dfcdf828
11:45:59.903 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/jres/239eae93-1efe-4b56-8446-b431dfcdf828 (20ms, unknown-length body)
11:46:00.714 DEBUG Executing: /opt/sonar-scanner/.sonar/cache/4086cc7cb2d9e7810141f255063caad10a8a018db5e6b47fa5394c506ab65bff/OpenJDK17U-jre_x64_linux_hotspot_17.0.13_11.tar.gz_extracted/jdk-17.0.13+11-jre/bin/java --version
11:46:00.735 DEBUG openjdk 17.0.13 2024-10-15
11:46:00.736 DEBUG OpenJDK Runtime Environment Temurin-17.0.13+11 (build 17.0.13+11)
11:46:00.736 DEBUG OpenJDK 64-Bit Server VM Temurin-17.0.13+11 (build 17.0.13+11, mixed mode, sharing)
11:46:00.740 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/engine
11:46:00.818 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/engine (78ms, unknown-length body)
11:46:00.820 DEBUG Download http://sonarqube:9000/api/v2/analysis/engine to /opt/sonar-scanner/.sonar/cache/_tmp/fileCache3205055080694649205.tmp
11:46:00.820 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/engine
11:46:00.824 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/engine (3ms, unknown-length body)
11:46:01.027 DEBUG Work directory: /usr/src/.scannerwork
11:46:01.032 DEBUG Executing: /opt/sonar-scanner/.sonar/cache/4086cc7cb2d9e7810141f255063caad10a8a018db5e6b47fa5394c506ab65bff/OpenJDK17U-jre_x64_linux_hotspot_17.0.13_11.tar.gz_extracted/jdk-17.0.13+11-jre/bin/java -Dorg.bouncycastle.pkcs12.ignore_useless_passwd=true -jar /opt/sonar-scanner/.sonar/cache/0ff8673522517dceccd02d5e1097585a40800c001dec3a1b6606b1b1b4a495af/sonar-scanner-engine-shaded-25.4.0.105899-all.jar
11:46:01.211 INFO  Starting SonarScanner Engine...
11:46:01.212 INFO  Java 17.0.13 Eclipse Adoptium (64-bit)
11:46:01.246 DEBUG JVM max available memory: 7 GB
11:46:01.328 DEBUG Community 25.4.0.105899
11:46:01.413 DEBUG Sonar User Home: /opt/sonar-scanner/.sonar
11:46:01.461 DEBUG Loading OS trusted SSL certificates...
11:46:01.462 DEBUG This operation might be slow or even get stuck. You can skip it by passing the scanner property 'sonar.scanner.skipSystemTruststore=true'
11:46:01.705 DEBUG Loaded [1029] system trusted certificates
11:46:01.821 DEBUG Loaded truststore from '/usr/lib/jvm/java-17-amazon-corretto.x86_64/lib/security/cacerts' containing 147 certificates
11:46:01.932 INFO  Load global settings
11:46:01.939 DEBUG --> GET http://sonarqube:9000/api/settings/values.protobuf
11:46:01.969 DEBUG <-- 200 http://sonarqube:9000/api/settings/values.protobuf (30ms, 6793-byte body)
11:46:01.994 INFO  Load global settings (done) | time=62ms
11:46:01.996 INFO  Server id: 3B38533C-AZZsRxPgk7wS_5Jm6Lrb
11:46:01.998 DEBUG Create : /opt/sonar-scanner/.sonar/_tmp
11:46:01.999 DEBUG User cache: /opt/sonar-scanner/.sonar/cache
11:46:02.002 INFO  Loading required plugins
11:46:02.002 INFO  Load plugins index
11:46:02.002 DEBUG --> GET http://sonarqube:9000/api/plugins/installed
11:46:02.015 DEBUG <-- 200 http://sonarqube:9000/api/plugins/installed (12ms, unknown-length body)
11:46:02.018 INFO  Load plugins index (done) | time=16ms
11:46:02.019 INFO  Load/download plugins
11:46:02.020 DEBUG Download plugin 'cayc' to '/opt/sonar-scanner/.sonar/_tmp/fileCache4341271731618297101.tmp'
11:46:02.021 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=cayc
11:46:02.025 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=cayc (3ms, unknown-length body)
11:46:02.067 DEBUG Download plugin 'iac' to '/opt/sonar-scanner/.sonar/_tmp/fileCache17320076267569035255.tmp'
11:46:02.067 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=iac
11:46:02.070 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=iac (3ms, unknown-length body)
11:46:02.164 DEBUG Download plugin 'jacoco' to '/opt/sonar-scanner/.sonar/_tmp/fileCache5980979366471398223.tmp'
11:46:02.165 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=jacoco
11:46:02.167 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=jacoco (3ms, unknown-length body)
11:46:02.169 DEBUG Download plugin 'text' to '/opt/sonar-scanner/.sonar/_tmp/fileCache13444440663778836834.tmp'
11:46:02.169 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=text
11:46:02.172 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=text (2ms, unknown-length body)
11:46:02.203 INFO  Load/download plugins (done) | time=185ms
11:46:02.203 DEBUG Plugins not loaded because they are optional: [csharp, flex, go, web, javasymbolicexecution, java, javascript, kotlin, php, python, ruby, sonarscala, vbnet, xml]
11:46:02.217 DEBUG Plugins loaded:
11:46:02.217 DEBUG   * JaCoCo 1.3.0.1538 (jacoco)
11:46:02.217 DEBUG   * IaC Code Quality and Security 1.44.0.14670 (iac)
11:46:02.218 DEBUG   * Text Code Quality and Security 2.21.1.5779 (text)
11:46:02.218 DEBUG   * Clean as You Code 2.4.0.2018 (cayc)
11:46:02.299 DEBUG register org.eclipse.jgit.util.FS$FileStoreAttributes$$Lambda$376/0x00007522582ed428@2c43eb8 with shutdown hook
11:46:02.392 INFO  Process project properties
11:46:02.399 INFO  Process project properties (done) | time=8ms
11:46:02.407 INFO  Project key: runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:02.407 INFO  Base dir: /usr/src
11:46:02.407 INFO  Working dir: /usr/src/.scannerwork
11:46:02.408 DEBUG Project global encoding: UTF-8, default locale: en
11:46:02.412 INFO  Load project settings for component key: 'runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a'
11:46:02.413 DEBUG --> GET http://sonarqube:9000/api/settings/values.protobuf?component=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:02.427 DEBUG <-- 200 http://sonarqube:9000/api/settings/values.protobuf?component=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (14ms, 6803-byte body)
11:46:02.429 INFO  Load project settings for component key: 'runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a' (done) | time=16ms
11:46:02.449 DEBUG Creating module hierarchy
11:46:02.450 DEBUG   Init module 'runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a'
11:46:02.450 DEBUG     Base dir: /usr/src
11:46:02.450 DEBUG     Working dir: /usr/src/.scannerwork
11:46:02.450 DEBUG     Module global encoding: UTF-8, default locale: en
11:46:02.457 INFO  Load quality profiles
11:46:02.457 DEBUG --> GET http://sonarqube:9000/api/qualityprofiles/search.protobuf?project=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:02.527 DEBUG <-- 200 http://sonarqube:9000/api/qualityprofiles/search.protobuf?project=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (69ms, 3050-byte body)
11:46:02.539 INFO  Load quality profiles (done) | time=82ms
11:46:02.564 WARN  SCM provider autodetection failed. Please use "sonar.scm.provider" to define SCM of your project, or disable the SCM Sensor in the project settings.
11:46:02.566 INFO  Load active rules
11:46:02.567 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/active_rules?projectKey=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:02.734 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/active_rules?projectKey=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (166ms, unknown-length body)
11:46:02.828 INFO  Load active rules (done) | time=262ms
11:46:02.832 INFO  Load analysis cache
11:46:02.832 DEBUG --> GET http://sonarqube:9000/api/analysis_cache/get?project=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:02.839 DEBUG <-- 404 http://sonarqube:9000/api/analysis_cache/get?project=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (7ms, unknown-length body)
11:46:02.840 INFO  Load analysis cache (404) | time=9ms
11:46:02.848 DEBUG --> GET http://sonarqube:9000/api/languages/list
11:46:02.852 DEBUG <-- 200 http://sonarqube:9000/api/languages/list (3ms, unknown-length body)
11:46:02.858 DEBUG --> GET http://sonarqube:9000/api/features/list
11:46:02.861 DEBUG <-- 200 http://sonarqube:9000/api/features/list (2ms, unknown-length body)
11:46:02.874 DEBUG Declared patterns of language Kubernetes were converted to sonar.lang.patterns.kubernetes : 
11:46:02.875 DEBUG Declared patterns of language CSS were converted to sonar.lang.patterns.css : **/*.css,**/*.less,**/*.scss,**/*.sass
11:46:02.875 DEBUG Declared patterns of language Scala were converted to sonar.lang.patterns.scala : **/*.scala
11:46:02.876 DEBUG Declared patterns of language JSP were converted to sonar.lang.patterns.jsp : **/*.jsp,**/*.jspf,**/*.jspx
11:46:02.876 DEBUG Declared patterns of language JavaScript were converted to sonar.lang.patterns.js : **/*.js,**/*.jsx,**/*.cjs,**/*.mjs,**/*.vue
11:46:02.876 DEBUG Declared patterns of language Python were converted to sonar.lang.patterns.py : **/*.py
11:46:02.876 DEBUG Declared patterns of language Docker were converted to sonar.lang.patterns.docker : **/Dockerfile,**/*.dockerfile
11:46:02.876 DEBUG Declared patterns of language Java were converted to sonar.lang.patterns.java : **/*.java,**/*.jav
11:46:02.876 DEBUG Declared patterns of language HTML were converted to sonar.lang.patterns.web : **/*.html,**/*.xhtml,**/*.cshtml,**/*.vbhtml,**/*.aspx,**/*.ascx,**/*.rhtml,**/*.erb,**/*.shtm,**/*.shtml,**/*.cmp,**/*.twig
11:46:02.876 DEBUG Declared patterns of language Flex were converted to sonar.lang.patterns.flex : **/*.as
11:46:02.877 DEBUG Declared patterns of language XML were converted to sonar.lang.patterns.xml : **/*.xml,**/*.xsd,**/*.xsl,**/*.config
11:46:02.877 DEBUG Declared patterns of language JSON were converted to sonar.lang.patterns.json : **/*.json
11:46:02.877 DEBUG Declared patterns of language IPython Notebooks were converted to sonar.lang.patterns.ipynb : **/*.ipynb
11:46:02.877 DEBUG Declared patterns of language Text were converted to sonar.lang.patterns.text : 
11:46:02.877 DEBUG Declared patterns of language VB.NET were converted to sonar.lang.patterns.vbnet : **/*.vb
11:46:02.877 DEBUG Declared patterns of language CloudFormation were converted to sonar.lang.patterns.cloudformation : 
11:46:02.878 DEBUG Declared patterns of language YAML were converted to sonar.lang.patterns.yaml : **/*.yaml,**/*.yml
11:46:02.878 DEBUG Declared patterns of language Go were converted to sonar.lang.patterns.go : **/*.go
11:46:02.878 DEBUG Declared patterns of language Kotlin were converted to sonar.lang.patterns.kotlin : **/*.kt,**/*.kts
11:46:02.878 DEBUG Declared patterns of language Secrets were converted to sonar.lang.patterns.secrets : 
11:46:02.878 DEBUG Declared patterns of language Ruby were converted to sonar.lang.patterns.ruby : **/*.rb
11:46:02.878 DEBUG Declared patterns of language C# were converted to sonar.lang.patterns.cs : **/*.cs,**/*.razor
11:46:02.878 DEBUG Declared patterns of language PHP were converted to sonar.lang.patterns.php : **/*.php,**/*.php3,**/*.php4,**/*.php5,**/*.phtml,**/*.inc
11:46:02.879 DEBUG Declared patterns of language Terraform were converted to sonar.lang.patterns.terraform : **/*.tf
11:46:02.879 DEBUG Declared patterns of language AzureResourceManager were converted to sonar.lang.patterns.azureresourcemanager : **/*.bicep
11:46:02.879 DEBUG Declared patterns of language TypeScript were converted to sonar.lang.patterns.ts : **/*.ts,**/*.tsx,**/*.cts,**/*.mts
11:46:02.883 INFO  Preprocessing files...
11:46:02.889 INFO  0 languages detected in 0 preprocessed files
11:46:02.890 INFO  Loading plugins for detected languages
11:46:02.890 DEBUG Detected languages: []
11:46:02.890 INFO  Load/download plugins
11:46:02.891 INFO  Load/download plugins (done) | time=0ms
11:46:02.891 DEBUG Optional language-specific plugins not loaded: [csharp, flex, go, web, javasymbolicexecution, java, javascript, kotlin, php, python, ruby, sonarscala, vbnet, xml]
11:46:02.891 DEBUG No plugins loaded
11:46:02.920 INFO  Load project repositories
11:46:02.921 DEBUG --> GET http://sonarqube:9000/batch/project.protobuf?key=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:02.933 DEBUG <-- 200 http://sonarqube:9000/batch/project.protobuf?key=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (12ms, 0-byte body)
11:46:02.982 INFO  Load project repositories (done) | time=61ms
11:46:02.989 DEBUG Available languages:
11:46:02.989 DEBUG   * Terraform => "terraform"
11:46:02.990 DEBUG   * CloudFormation => "cloudformation"
11:46:02.990 DEBUG   * Kubernetes => "kubernetes"
11:46:02.990 DEBUG   * Docker => "docker"
11:46:02.990 DEBUG   * AzureResourceManager => "azureresourcemanager"
11:46:02.990 DEBUG   * YAML => "yaml"
11:46:02.990 DEBUG   * JSON => "json"
11:46:02.990 DEBUG   * Text => "text"
11:46:02.990 DEBUG   * Secrets => "secrets"
11:46:02.991 INFO  Indexing files...
11:46:02.991 INFO  Project configuration:
11:46:02.992 INFO  0 files indexed
11:46:02.992 INFO  ------------- Run sensors on module runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:03.014 INFO  Load metrics repository
11:46:03.014 DEBUG --> GET http://sonarqube:9000/api/metrics/search?ps=500&p=1
11:46:03.021 DEBUG <-- 200 http://sonarqube:9000/api/metrics/search?ps=500&p=1 (6ms, unknown-length body)
11:46:03.031 INFO  Load metrics repository (done) | time=18ms
11:46:03.165 DEBUG 'Import external issues report' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.externalIssuesReportPaths: <empty>
11:46:03.166 DEBUG 'IaC Terraform Sensor' skipped because there is no related file in current project
11:46:03.166 DEBUG 'IaC CloudFormation Sensor' skipped because there is no related file in current project
11:46:03.166 DEBUG 'IaC Kubernetes Sensor' skipped because there is no related file in current project
11:46:03.167 DEBUG 'IaC AzureResourceManager Sensor' skipped because there is no related file in current project
11:46:03.167 DEBUG 'Generic Test Executions Report' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.testExecutionReportPaths: <empty>
- sonar.externalIssuesReportPaths: <empty>
11:46:03.167 DEBUG Sensors : JaCoCo XML Report Importer -> Java Config Sensor -> IaC Docker Sensor -> TextAndSecretsSensor
11:46:03.168 INFO  Sensor JaCoCo XML Report Importer [jacoco]
11:46:03.168 INFO  'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
11:46:03.168 INFO  No report imported, no coverage information will be imported by JaCoCo XML Report Importer
11:46:03.169 INFO  Sensor JaCoCo XML Report Importer [jacoco] (done) | time=1ms
11:46:03.169 INFO  Sensor Java Config Sensor [iac]
11:46:03.180 INFO  0 source files to be analyzed
11:46:03.182 INFO  0/0 source files have been analyzed
11:46:03.183 INFO  Sensor Java Config Sensor [iac] (done) | time=15ms
11:46:03.183 INFO  Sensor IaC Docker Sensor [iac]
11:46:03.226 INFO  0 source files to be analyzed
11:46:03.226 INFO  0/0 source files have been analyzed
11:46:03.227 INFO  Sensor IaC Docker Sensor [iac] (done) | time=43ms
11:46:03.227 INFO  Sensor TextAndSecretsSensor [text]
11:46:03.227 INFO  Available processors: 12
11:46:03.227 INFO  Using 12 threads for analysis.
11:46:03.431 INFO  The property "sonar.tests" is not set. To improve the analysis accuracy, we categorize a file as a test file if any of the following is true:
  * The filename starts with "test"
  * The filename contains "test." or "tests."
  * Any directory in the file path is named: "doc", "docs", "test" or "tests"
  * Any directory in the file path has a name ending in "test" or "tests"

11:46:03.446 DEBUG git --version returned: git version 2.47.1
11:46:03.446 INFO  Using git CLI to retrieve untracked files
11:46:03.448 DEBUG Process [git, status, --untracked-files=all, --porcelain] exited with code 128
11:46:03.449 DEBUG Unable to retrieve git status
11:46:03.449 WARN  Analyzing only language associated files, make sure to run the analysis inside a git repository to make use of inclusions specified via "sonar.text.inclusions"
11:46:03.449 DEBUG There are no files to be analyzed
11:46:03.449 INFO  Sensor TextAndSecretsSensor [text] (done) | time=222ms
11:46:03.451 INFO  ------------- Run sensors on project
11:46:03.524 DEBUG 'Generic Coverage Report' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.coverageReportPaths: <empty>
11:46:03.524 DEBUG 'Import external issues report from SARIF file.' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.coverageReportPaths: <empty>
- sonar.sarifReportPaths: <empty>
11:46:03.524 DEBUG 'Java CPD Block Indexer' skipped because there is no related file in current project
11:46:03.524 DEBUG Sensors : Zero Coverage Sensor
11:46:03.524 INFO  Sensor Zero Coverage Sensor
11:46:03.524 INFO  Sensor Zero Coverage Sensor (done) | time=0ms
11:46:03.525 INFO  ------------- Gather SCA dependencies on project
11:46:03.526 INFO  Dependency analysis skipped
11:46:03.526 INFO  SCM Publisher No SCM system was detected. You can use the 'sonar.scm.provider' property to explicitly specify it.
11:46:03.527 INFO  CPD Executor Calculating CPD for 0 files
11:46:03.528 INFO  CPD Executor CPD calculation finished (done) | time=0ms
11:46:03.596 INFO  Analysis report generated in 65ms, dir size=230.9 kB
11:46:03.604 INFO  Analysis report compressed in 7ms, zip size=24.6 kB
11:46:03.604 INFO  Analysis report generated in /usr/src/.scannerwork/scanner-report
11:46:03.604 DEBUG Upload report
11:46:03.606 DEBUG --> POST http://sonarqube:9000/api/ce/submit?projectKey=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (24808-byte body)
11:46:03.658 DEBUG <-- 200 http://sonarqube:9000/api/ce/submit?projectKey=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a (52ms, 76-byte body)
11:46:03.660 INFO  Analysis report uploaded in 56ms
11:46:03.661 DEBUG Report metadata written to /usr/src/.scannerwork/report-task.txt
11:46:03.661 INFO  ANALYSIS SUCCESSFUL, you can find the results at: http://sonarqube:9000/dashboard?id=runindia_runindia_bk_c96bd326-eb96-4285-96fa-0559541c2b2a
11:46:03.662 INFO  Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
11:46:03.662 INFO  More about the report processing at http://sonarqube:9000/api/ce/task?id=20489184-47eb-4c30-9d1c-60b0063c9561
11:46:03.663 DEBUG Post-jobs : 
11:46:03.665 INFO  Analysis total time: 1.430 s
11:46:03.666 INFO  SonarScanner Engine completed successfully
11:46:03.667 DEBUG Cleanup org.eclipse.jgit.util.FS$FileStoreAttributes$$Lambda$376/0x00007522582ed428@2c43eb8 during JVM shutdown
11:46:03.694 INFO  EXECUTION SUCCESS
11:46:03.695 INFO  Total time: 4.458s

In the overview of sonar it still says “The main branch has no lines of code.” I have looked around but I am not sure what to do next

Hi,

You’ve said your project is PHP. What file extension are you using for the files? Also, which directory are you firing analysis from? Because analysis is recognizing neither your PHP files, nor your SCM metadata.

 
Ann

  1. files are standard .php
  2. can you clarify what you mean by where I am firing analysis from?

Just to confirm what i do based on the docker solution above…
1 - I run an instance of the sonarqube server.
2 - I configure connectivity to the gitlab repo so the server can see and fetch the code from it using the gitlab token
3 - I go ahead in the project generation by selecting other option where it specify that it will work for PHP
4 - once the above is done the server generates a command that i can run. Sonarqube is structured such that somehow i need to then run this command or the scan will not start. So…
5 - I docker compose exec in the CLI (ie i get a shell in the sonarqube cli instance) and from there i run the command.
6 - this triggers the project build/analysis but it ends up saying there is no code

I am not sure why you are asking what directory i am triggering it from as i am not specifying any directory and I am not running the cli from the code itselt. Given I set up gitlab i would think sonarqube knows it is a GIT repository and should see the files. Within the repository there are several php folders. Commonly in php if you use composer the vendor folder contains other package dependencies so the vendor folder is ignored, as I noticed in the sonarqube project it is already set to ignore it, but there are several other php files also in the root folder. ie

$ ls  | grep php 
index-mantainance.php
index.php

It is rather confusing at the moment. I set a git repo dependency already in the project and I am sure sonarqube sees the project because it can fetch it from the gitlab profile. What else is needed to spin a scan?

Here is another example confirm the SCM should indeed see the files if sonarqube is indeed connecting to gitlab and getting the code

$ git ls-files | grep php | head
application/config/1constants.php
application/config/1database.php
application/config/autoload.php
application/config/config.php
application/config/constants - Local Server.php
application/config/constants - Staging.php
application/config/constants.php
application/config/database - Staging.php
application/config/database - local server.php
application/config/database.php

Hi,

Are you running analysis from the machine where SonarQube runs?

The command the onboarding wizard gives you is intended to be run from your CI agent. Running both on the same server is bad practice.

This is two different things. The server needs the GitLab configuration to onboard projects and to reach back to them for PR decoration. Not to check out code. That should happen on your CI build agent.

Before you invoke analysis, you need to be cdd into the project directory at the same level as the .git directory. It’s not clear to me from your description that that’s the case.

 
Ann

Thank you for confirming, I got it working. I thought the server was going to pick up the code from git directly but instead the code needs to be in the context of the CLI so i just mounted the code in the path of the CLI container and executed from it.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.