Currently using CircleCI but most of the scanning is being done from fastlane.
In case of iOS, any merge is only scanning Swift Code and not any objective-c scan (Which is the default behavior as sonarcloud auto scan does not support Obj-C). So to trigger a scan I followed a lot of documents and ended up doing:
1- Call to run_tests fastlane Action with specific paramters using “build-wrapper-macosx-x86” downloaded:
run_tests(
clean: true,
project: "****.xcodeproj",
scheme: ""****.",
devices: ["iPhone X",],
derived_data_path: "./build/deriveddata",
output_directory: "./build/test",
output_types: "junit",
code_coverage: true,
buildlog_path: "./build/logs",
xcodebuild_command: "env NSUnbufferedIO=YES /Users/distiller/project-working-dir/sonar/build-wrapper-macosx-x86/build-wrapper-macosx-x86 --out-dir ./build/bw_output xcodebuild"
)
2- direct call to sonar-scanner to upload result from code test above to sonar cloud:
sh("eval /Users/distiller/project-working-dir/sonar/sonar-scanner-4.2.0.1873-macosx/bin/sonar-scanner -Dsonar.branch.name="+git_branch+" -Dsonar.cfamily.build-wrapper-output=../build/bw_output -Dsonar.cfamily.threads=2 -Dsonar.projectBaseDir=../**** -Dsonar.sourceEncoding=UTF-8 -Dsonar.sources=. -Dsonar.organization==****") -Dsonar.host.url=https://sonarcloud.io -Dsonar.projectKey==****") -Dsonar.projectName=**** -Dsonar.login=****")
The above is resulting in Obj-C + Swift being fully scanned.
But there is no direct feedback to our Pull Requests status checks on github.
Autoscan automatically gives a status of the Pull Request so we can know if there is any issue and if it did not pass the quality gate.
In case of android, doing a bit the same. Java is also not supported in autoscan. So I am using sonarqube gradle plugin via: ./gradlew clean sonarqube
It is doing the job, but not status feedback to Pull Request
PS: I am aware that I can use https://docs.sonarqube.org/latest/analysis/pull-request/
The main issue is that CircleCI cannot be configured to run on both branch merges and PRs.
If I run it on branch merge (Like I am doing now), I do not have any access to fill in those PR values.
And a run on branch merge is necessary to produce a deploy of the app.