I want to scan existing .cs files with sonarqube.
I understood that I need to use SonarQube Scanner for MSBuild, and this one requires to create a project to analyze. So I created a project on Visual studio from existing files and declared it as Class Library. But while executing SonarQube Scanner for MSBuild, I've got this error:
WARNING: The project has an invalid GUID "00000000-0000-0000-0000-
000000000000". The project will not be analyzed by SonarQube. Project
file: C:\Users\sas1\Documents\Visual Studio
2015\Projects\MSBuildTest\MSBuildTest.csproj
No analysable projects were found. SonarQube analysis will not be
performed. Check the build summary report for details.
Generation of the sonar-properties file failed. Unable to complete
SonarQube analysis.
09:54:16.866 Creating a summary markdown file...
09:54:16.872 Post-processing failed. Exit code: 1
I can not create a console application with those files, because thus I will have many compilation errors, which I am not supposed to correct, since the code is not mine, but just delegated to me.
So my question is: if someone gives me several .cs files to analyze using SonarQube, how can I analyse them using SonarQube Scanner for MSBuild?
Thank you
Related
When attempting to use Docfx to document a C# project I am running into an issue that is probably down to myself being a moron. However I have read through the docfx examples and I have not seen any obvious ways of rectifying the issue.
When I run docfx init -q I get no errors. When I run docfx docfx.json --serve I also get no errors, upon completed I get a Build succeeded. 0 Warnings 0 Errors message however no html files are generated.
It also appears to be correctly reading the source files from my project as the api folder has yml files with the same names as the class files in the project.
How do I get docfx to generated the appropriate html files for the project. Full output of docfx docfx.json --serve is below:
[19-07-04 05:07:47.020]Info:[MetadataCommand.ExtractMetadata]Using msbuild C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\MSBuild\Current\Bin as inner compiler.
[19-07-04 05:07:47.302]Info:[MetadataCommand.ExtractMetadata]Loading projects...
[19-07-04 05:07:50.379]Info:[MetadataCommand.ExtractMetadata]'C:/Users/Devvy/Source/Repos/TestProj/TestProj.csproj,C:/Users/Devvy/Source/Repos/TestProj/Display_Output.cs,C:/Users/Devvy/Source/Repos/TestProjException.cs,C:/Users/Devvy/Source/Repos/TestProj_Core.cs,C:/Users/Devvy/Source/Repos/TestProj/Module_Info.cs,C:/Users/Devvy/Source/Repos/TestProj/Opcode_Assembler.cs,C:/Users/Devvy/Source/Repos/TestProj/Opcode_Disassembler.cs,C:/Users/Devvy/Source/Repos/TestProj/Pattern_Tools.cs,C:/Users/Devvy/Source/Repos/TestProj/Payloads.cs,C:/Users/Devvy/Source/Repos/TestProj/Process_Info.cs,C:/Users/Devvy/Source/Repos/TestProj/PtrRemover.cs,C:/Users/Devvy/Source/Repos/TestProj/RopChainGenerator32.cs,C:/Users/Devvy/Source/Repos/TestProj/RopChainGenerator64.cs,C:/Users/Devvy/Source/Repos/TestProj/Thread_Info.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/net472.AssemblyInfo.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/net472/TestProj.AssemblyInfo.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/net472_Lib.AssemblyInfo.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/net472/TemporaryGeneratedFile_036C0B5B-1481-4323-8D20-8F5ADCB23D92.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/net472/TemporaryGeneratedFile_5937a670-0e60-4077-877b-f7221da3dda1.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/net472/TemporaryGeneratedFile_E7A71F73-0F8D-4B9B-B56E-8E70B10BC5D3.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Debug/netstandard2.0.AssemblyInfo.cs,C:/Users/Devvy/Source/Repos/TestProj/obj/Release/net472/TestProj.AssemblyInfo.cs' keep up-to-date since '7/4/2019 5:03:14 PM', cached result from 'C:/Users/Devvy/Source/Repos/TestProj/Documentation/api' is used.
[19-07-04 05:07:50.379]Info:[MetadataCommand]Completed Scope:MetadataCommand in 3384.2278 milliseconds.
[19-07-04 05:07:50.379]Info:Completed in 3389.2213 milliseconds
Build succeeded.
0 Warning(s)
0 Error(s)
Docfx provides static code documentation for us. If you want to static website of output with docfx correctly. You should follow these steps;
First you must install docfx. You have many way but I recommend install with choco
choco install docfx -y
then you must add your project docfx console package from NuGet
Install-Package docfx.console -Version 2.33.0
now open your project folder or whatever you want create a folder then run like that
docfx init
now best part of this answer you must config you'r project docfx.json file like this
after run
docfx --serve
Also I found a example project here
I think your problem about you're docfx file configuration.
I want to install sonarqube. And I want to see bug etc in my C# project.
But I didn't get results. Can you help me with why I can't?
Install download sonarqube.
Install ms build sonar-scanner.
I write sonar.project-properties and scanner into the bin file.
sonar.projectKey= //projectkey
sonar.projectName= //this same projectkey
sonar.projectVersion=1.0
This project is put bin file.
I added the scanner to path path.
Enter localhost
Create project and enter project key and name (same as name and key in txt)
But this project is empty even though My project is passed.
The code appears when I enter the code section but fields like bug vurnelabilities don't appear.Bugs,vulnerabilities,code smells show zero but passed solution.I know it's the error so I can't 0
I want to appear with the error of my project code there bugs appear areas etc. But "this project is empty" looks like "passed "
Shouldn't code errors appear here?Why can't I see?
Are you aware of SonarLint for Visual Studio
To scan your C# code and push the results to SonarQube you need to use the SonarScanner for MSBuild, not the SonarScanner.
SonarLint is a Visual Studio extension that runs the SonarC# and SonarVB.Net analyzers in the IDE. It does not push the results to SonarQube.
SonarLint is available for VS2015 Update 3 and VS2017.
I am using SonarQube on a C# .Net application via TeamCity. This application has jQuery in a folder with a bunch of other scripts. I would like to exclude a number of JQuery files from analysis but have Sonar analyze all the other files in the folder. One such JQuery file is at the following path:
...MyProject\Content\Scripts\jquery-ui-1.8.custom.min.js
I have added the following line to the additional parameters section of the SonarQube Runner build step:
-Dsonar.exclusions=**/Content/Scripts/jquery*
in an effort to exclude all files that start with jquery in that folder however the file is not being excluded from the analysis. Any ideas here?
I locally created an example project, containing a java file and a file called Content\Scripts\jquery-ui-1.8.custom.min.js.
~/sonar-scanner/bin/sonar-scanner led to these logs:
...
INFO: Quality profile for js: Sonar way
...
INFO: Sensor JavaScript Squid Sensor [javascript]
INFO: 1 source files to be analyzed
...
and the javascript file was visible in SonarQube.
~/sonar-scanner/bin/sonar-scanner -Dsonar.exclusions=**/Content/Scripts/jquery* led to these logs:
...
INFO: Excluded sources:
INFO: **/Content/Scripts/jquery*
INFO: 2 files indexed
INFO: 1 file ignored because of inclusion/exclusion patterns
...
and the javascript file was successfully excluded (not visible in SonarQube).
Conclusion
Your mentioned configuration should work. My guess is, that the analysis report cannot be processed for another reason and you are seeing old data in SonarQube.
Please verify your sonar runner logs and the status of your background tasks in the SonarQube administration pages.
I am new to sonarQube & Resharper. And I used the Resharper to do the code analysis (Code developed in C# language) because without built the project we can do the code analysis by using the Resharper.
Now the Analysis running successfully (the resharper analysis)for the unittest project files not for the normal project file. If unittest project is missing in the sln file then the SonarQube throws an exception "No files to inspect were found." and the Analysis getting fails.
So my Question is how to run the code analysis(using Resharper in Sonar) to Normal project file sln file (with/without the unittest project in that sln file). Or commands to do the necessary changes in the Sonarqube input so that the Executing command will run the Resharper analysis to the all the project files.
Input to the SonarQube:
cd:\sonar-scanner-2.5\bin\sonar-runner.bat -e "-Dsonar.jdbc.url=jdbc:mysql://ip/sonar?useUnicode=true&characterEncoding=utf8&rewriteBatchedStatements=true" -Dsonar.host.url=http://ip/ "-Dsonar.projectBaseDir=cd:\workspace" -Dsonar.sourceEncoding=UTF-8 -Dsonar.sources=. -Dsonar.resharper.includeAllFiles=false -Dsonar.resharper.projectName=* -Dsonar.projectVersion=1.0 -Dsonar.projectKey=projectkey_cs "-Dsonar.resharper.solutionFile=cd:/workspace" -Dsonar.resharper.timeoutMinutes=30
-Dsonar.ndeps.mode=skip -Dsonar.gallio.mode=skip -Dsonar.projectName=projectName
Executing command: cd:/inspectcode.exe /output=cd:\resharper-report.xml /no-swea /project=* /profile=cd:.sonar\resharper-sonarqube.DotSettings /no-buildin-settings cd:\XXXX.sln
I'm using SonarQube 5.2 and MSBuild.SonarQube.Runner to analyze a solution containing a number of C# projects. When the runner encounters auto-generated files like...
bin\Release\.NETFramework,Version=v4.5.AssemblyAttributes.cs
bin\Release\.NETPortable,Version=v4.5,Profile=Profile7.AssemblyAttributes.cs
...it fails with the following error...
ERROR: Error during Sonar runner execution
org.sonar.runner.impl.RunnerException: Unable to execute Sonar
at org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:91)
at org.sonar.runner.impl.BatchLauncher$1.run(BatchLauncher.java:75)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonar.runner.impl.BatchLauncher.doExecute(BatchLauncher.java:69)
at org.sonar.runner.impl.BatchLauncher.execute(BatchLauncher.java:50)
at org.sonar.runner.api.EmbeddedRunner.doExecute(EmbeddedRunner.java:102)
at org.sonar.runner.api.Runner.execute(Runner.java:100)
at org.sonar.runner.Main.executeTask(Main.java:70)
at org.sonar.runner.Main.execute(Main.java:59)
at org.sonar.runner.Main.main(Main.java:53)
Caused by: java.lang.IllegalStateException: The folder 'C:\Source\Project1\bin\Release\.NETFramework' does not exist for 'TheProject:TheBranch:TheProject:TheBranch:GUID' (base directory = C:\Source\Project1)
At the moment I'm working around the problem by deleting those files before invoking the runner with the 'end' verb, but would like to know if there is a better way or if this is a known bug.
Can anyone tell me if SonarQube should be able to handle these files, or if there is a configuration I should tweak to avoid the problem?
This isn't a known issue - thanks for reporting it. I've created SONARMSBRU-199 to track it.
Normally XXXAssemblyInfo.cs files are generated under the %TEMP% directory so they are automatically excluded from the analysis as they are not under the project folder. However, it's a valid file name so it should be possible to analyse it if it happens to be created under the project directory.