kindly help me, as I have already invested my 15 days.
SonarQube: 8.2, SonarQube Scanner: 126.96.36.1993, Gradle : 6.3, Java: 11.0.3 (64 bit) Oracle, Database: Postgres, OS: Mac OS X 10.14.4 x86_64
What I am trying to achieve:
I have a code base setup on my local machine.
I need to scan this code and get the report, if any blocker/critical… etc. are there.
What I have done so far:
I have created a project on sonarqube. Downloaded the gradle and Android Studio. Build the project using gradle build. Downloaded sonar-scanner.
My SonarQube server is up and running and it shows
Quality Gate as Passed and when I click on Overview, then i got warning as "The main branch has no lines of code."
And when I run sonar-scanner, I get attached
scan.txt (22.9 KB) logs
I execute below sonar-scanner command:
**sonar-scanner -X -Dsonar.projectKey=Project_Android -Dsonar.sources=. -Dsonar.host.url=http://localhost:9000/sonarqube **
Kindly let me know, in case any specific file is needed.
It looks like you’re somehow only analyzing
.class files by exceuting analysis from the
21:45:21.123 DEBUG: 'MainActivity.class' indexed with language 'null'
SonarQube scans source code, not compiled classes. And in fact, there’s a specific scanner for Gradle, the
SonarScanner for Gradle, which should ensure you don’t have to do much manual configuration or guessing.
In that case if I scan for source code, it says to provide compiled class.
org.sonar.java.AnalysisException: Please provide compiled classes of your project with sonar.java.binaries property
And funny enough, the compiled classes are what you seem to have been trying to scan in your first post.
sonar.java.binaries will automatically be set the scanner for Gradle, or you can try manually providing a value. This gets messy quickly if you have more than one module.
Comma-separated paths to directories containing the compiled bytecode files corresponding to your source files.
So in summary – you scan the source code – but also supply the compileid bytecode (through the
sonar.java.binaries analysis parameter).
How about you try the Scanner for Gradle?
When tried with -Dsonar.java.binaries=/Users/mac/git/Project_Android/target/classes/com/app/bin
ERROR: Invalid value for sonar.java.binaries
For the third time, I’m going to suggest using the Scanner for Gradle, where this gets automatically configured.
My issue is resolved, fyi, I was already using Scanner for Gradle, the issue was in my properties file there was junk character in my path, after removing that it is successful.