Questions tagged [sonarqube-scan]

SonarQube Scanners run the analyzers on code. Use this tag for questions related to any of the scanners: SonarQube Scanner for CLI, Maven, Gradle, Jenkins, etc.

0
votes
0answers
9 views

SonarQube Scan issues are not shown in SQ Site

I've created a Jenkinsfile with this pipeline stage: stage('SonarQube analysis') { steps { withSonarQubeEnv('SonarScan') { sh "dotnet '/usr/local/sonar-scanner-msbuild/...
0
votes
0answers
26 views

Jenkins Sonar Scanner vs Maven sonar:sonar goal

I tried running a sonar analysis using a java project on Jenkins using the standard maven sonar:sonar goal and also using the post step>> Execute SonarQube scanner. The maven goal I used is. clean ...
0
votes
1answer
35 views

Sonar analysis by just configuring maven settings xml

I am trying to run my java maven project for sonar analysis. We have multiple projects with their own pom.xml and a central server settings.xml to run all those maven builds. Is there a way to ...
0
votes
0answers
7 views

SonarQube limit heap size for execution

I am using sonarqube locally and I want to limit heap size (Memory size) which used by sonar while execution. Can say I want to allow max size 512mb. So what can I do for this? Even wanted to know ...
1
vote
0answers
38 views

is there a way to scan multiple projects at sonarqube stage?

Correct me if am wrong. I just trying to understand whether is there a way to scan multiple project at sonarqube stage? say i have 10 projects, and the ideal scenario would be to create 10 different ...
-2
votes
1answer
21 views

SonarQube: Remove the extra characters before the open tag

I have this code in my file index.phtml. This code is a part of a page: <br/><br/> <div id="view-content"> <p> blablablablablablablabla <strong> ...
0
votes
0answers
26 views

SonarQube doesn't send notification to Discord webhook

I want notification on my discord app after completing every scan in sonarqube. I have tried to configured my discord webhook URL in sonarqube webhook option but it getting 400 error code after ...
0
votes
0answers
25 views

Sonarqube has an issue with not closing a returned object. How do I fix it?

I'm trying to fix some of the issues identified by Sonarqube, and I've got several that are all essentially the same as the example shown here. It's telling me I should close the object, but I can't ...
-1
votes
1answer
23 views

failed to connect to 127.0.0.1:9000. connection refused

I have concourse , sonarqube server running inside containers and when i am trying to connect to sonarqube server using concourse, it is showing me error i.e SonarQube server [http://localhost:9000] ...
0
votes
1answer
16 views

How to pass xcode project name with spaces in sonar-project.properties file

I want to run sonarqube scanning on xcode project using run-sonar-swift.sh script. My xcode project name is Temperature Converter. But when I provide this name it takes only Converter and not full ...
0
votes
1answer
34 views

Why SonarScanner ignores sonar.sources value (You must define the following mandatory properties)?

I would like you to help me with a problem that I have when executing: 'build now', because when I execute it the console output shows a series of failures One of the failures was and still is, the ...
0
votes
1answer
42 views

How to apply an existing sonarQube rule for only given class type

Please help me to solve these problems. Simply I want to apply an existing sonarqube rule for only certain type of classes. As far as I know, we can use class tree to get the classes and identify the ...
0
votes
0answers
39 views

How to set log level for SonarQube Gradle plugin

I'm using SonarQube plugin (version 2.6.1) for Gradle (version 4.7) and have the problem that a lot of unimportant log output is being written while running the sonar analysis on my CI server. Is ...
1
vote
1answer
16 views

Project root configuration file: NONE Jenkins Declarative Pipeline

I am working in building a declarative pipeline for my java project. I am facing a minor issue with the path which sonarQube is using when it is trying to commence with the scan activity. It shows "...
0
votes
0answers
23 views

SonarScanner on Virtual environment

sonar-scanner for python choose only global python environment. My global python is set to python 3.5 and I have a pip virtualenv on python 2.7 with required libraries. Even if I execute sonar-...
0
votes
0answers
19 views

How to configure sonarqube to send blocker and crtical issue notification

I have a requirement that after every scan send only sonar blocker and critical violations issues to particular users . Seeking help to understand the required configuration. Sonar version is:1.2.1
0
votes
1answer
23 views

avoid SonarQube null assignment rule

I'm fixing some code bugs, it is an old code, and when i run sonar to get all validations says Assigning an Object to null is a code smell. Consider refactoring. Code looks like that public ...
0
votes
0answers
31 views

How to resolve 'Fail to get bootstrap index from server' error occuring in sonarqube analysis?

I am getting the below error while running the sonarqube analysis using scanner for msbuild. ERROR: SonarQube server [https://sonarqube.s###.com/commercial] can not be reached ERROR: Error during ...
0
votes
1answer
16 views

Automating the sonarqube analysis trigger

I am using sonarqube 6.7 , developer’s version and I run analysis through sonar scanner msbuild from my local machine . Is there any way to : 1) Trigger this analysis automatically on code check-in, ...
0
votes
0answers
60 views

SonarQube does not return status of waitForQualityGate() to jenkins?

I have used sonarQube in jenkins pipeline. I have installed all plugin related to sonarqube in jenkins. In the jenkins configure system, I configured the sonarqube server properly and jenkins global ...
0
votes
0answers
51 views

What is proper way to remove python tests from SonarQube analysis

I'm trying to get tests excluded from SonarQube analysis. i have set following in sonarscanner in Jenkins: sonar.sources=. sonar.exclusions=manage.py, rone/wsgi.py, rone/settings/**, rone/utils/**, ...
1
vote
1answer
57 views

Unable to resolve 'Untrusted XML should be parsed with a local, static DTD' in Sonar

I had these blocks of code in my project (Java with Lombok): val factory = (XMLInputFactory2) XMLInputFactory.newInstance(); val streamReader = (XMLStreamReader2) factory.createXMLStreamReader(...
0
votes
0answers
29 views

Error during SonarQube Scanner execution java.lang.StackOverflowError

I'm using sonar 7.7 and at the time of scanning to a php project I get the error below. ERROR: Error during SonarQube Scanner execution java.lang.StackOverflowError at org.sonar.php.checks....
0
votes
0answers
58 views

Refactor the synchronisation mechanism to not use a Thread instance as a monitor

I've got a legacy application which has recently been integrated with SonarQube. The line this.notify(); inside a synchronized method is showing an error which reads "Refactor the synchronisation ...
1
vote
1answer
43 views

how to intellij maven project jacoco coverage report expert to xml, jacoco exec

I'm setting up sonarqube coverage. Can I IntelliJ JaCoCo coverage report expert to xml format and jacoco exec? I have IntelliJ JaCoCo coverage report html format. Can I convert html format report to ...
1
vote
0answers
31 views

SonarQube MSBuild in Azure DevOps Server build pipleline failed on Run Code Analysis task

We have an error in our build pipeline when running the code analysis with SonarQube. The SonarQube MSBuild integration failed: SonarQube was unable to collect the required information about your ...
0
votes
1answer
61 views

How to change sonarqube projectversion number automatically in jenkins

I'm using the "SonarScanner for MSBuild for Jenkins" and i'm trying to change sonarQube projectVersion number automatically. I have a windows system variable that contains the number that i want put ...
0
votes
0answers
26 views

How to bypass SSL verification while using Sonarqube

I've a sonarqube MS BUILD scanner that is not able to connect to a sonarqube server: C:\ws\develop>SonarQube.Scanner.MSBuild.exe begin /k:aaaa /n:bbb /v:4.0.0.13063 /d:sonar.host.url=https://...
0
votes
0answers
16 views

Java heap space ERROR in newly upgraded sonar

I am getting error java heap space error. I search on the internet and found a solution to adding -Dsonar.ce.javaOpts=-Xmx2048m -Dsonar.web.javaOpts=-Xmx2048m this on my docker it's solved my ...
0
votes
0answers
19 views

lcov.info not getting scanned by sonarqube

I am trying to scan the coverage of my code using coverageIstanbulReporter on the sonarqube. Here is my karma.conf.js file: module.exports = function (config) { config.set({ basePath: '', ...
0
votes
0answers
32 views

Jenkins : post build step “Invoke top-level Maven targets” with an other JDK (to launch a sonarqube scanner analysis)

I have a maven job in jenkins that need to be executed with OpenJdk7. I need to execute a sonarqube analysis in this job so I have setup a post build step "Invoke top-level Maven targets", as ...
0
votes
1answer
119 views

SonarQube Scanner: are binaries really needed?

I'm running SonarQube scanner on a java project. In the properties file there's a property sonar.java.binaries=**/classes to specify classes location for the projects. The scan failed showing this ...
0
votes
0answers
6 views

Is it possible to report separate coverage reports for unit tests and snapshot tests using sonarqube's scanner?

The documentation for genericTestData seems to indicate that there can be more than one coverage report: Report paths should be passed in a comma-delimited list to: sonar.coverageReportPaths I ...
1
vote
0answers
88 views

Getting Metric 'files' should not be computed by a Sensor when sinning run-sonar-swift.sh -v

Currently I am implementing SonarQube in project but after all setting I am getting error like Running Lizard...Running SonarQube using SonarQube Runner..ERROR: Error during SonarQube Scanner ...
0
votes
1answer
47 views

Why SonarQube exclusions are not applied to additional extensions specified in sonar.javascript.file.suffixes?

In my sonar-project.properties file I have the following settings: ... sonar.sources=src sonar.exclusions=src/**/*.test.js sonar.javascript.file.suffixes=js,jsx However my build is failing with the ...
2
votes
1answer
48 views

Can I analyze only .class files wih sonarqube?

I have some jar files that I'd like to run sonarqube scans (especially findbugs) against but I do not have the source. Is there any change to run the scans only against the class files? When running ...
0
votes
0answers
107 views

How can I create a Jenkins Pipeline to test Python coverage with SonarQube?

I am trying to run tests using pytest and export the coverage results to SonarQube for coverage analysis. I am using a Jenkins pipeline, but I'm unable to use sonar-scanner. I have configured a ...
0
votes
0answers
35 views

Reset SonarQube Leak period 'new code' to current failed quality gate?

I have a project that has a Sonar Qube setup and has already existing bugs and very little unit tests done. The leak period is set to the previous version. Now, the subsequent checkings have the scan ...
0
votes
0answers
24 views

Report why the sonar code coverage failed in Jenkins

I am a newbie to Snarqube code coverage tool, I have following stage in Jenkins for the quality gate. It catches the error and send it to email and slack. stage('Quality Gate') { ...
0
votes
0answers
29 views

Displaying Zero results in DashBoard while running the C# Project through MS bulid in sonarqube

Iam trying to analyze a C# project Through SonarQube with SonarScanner ms Bulid. Excution is success while running the sonar Scanner. But results are displayed Zero I have tried the following steps ...
0
votes
0answers
26 views

Sonarqube 7.4 is showing old build time

I am running sonarqube 7.4 and checking in the UI (localhost:9000) but it showing old timing of build. I tried everything (Server restart, temp, cache folder delete) but no luck. As the date showing ...
1
vote
0answers
78 views

How I specify sonar scanner to pick up a particular quality profile I have downloaded as an xml?

The quality profile on sonar server and local sonar server are different, I've downloaded the XML from sonar server and I want to specify to pick up that particular quality profile, where do I ...
0
votes
0answers
89 views

Cannot be reached to Sonarqube from Jenkins on ubuntu

I have installed below things on AWS EC2 CentOS instance: - Nginx - Sonarqube server - Sonar scanner - SSL Certificate named as Jenkins My Sonar is installed on port 9000 and below is the URL ...
0
votes
0answers
19 views

Sonar scans showing 0 bugs and 0 vulnerabilities for some repositories after upgrading the sourcecode in the repositories to java11

I have 4 projects which have code of different java versions. The project with OpenJDK11 shows 0 bugs and 0 vulnerabilities. The other projects show valid results. I tried upgrading the jacoco-maven-...
0
votes
2answers
304 views

Sonar maven plugin hangs during Java Main Files AST scan

I'm using sonar maven plugin to trigger java code analysis. Sonar-runner gets stuck with one java file processing. The last message on the console reads Java AST Scan and process gets stuck at that.. ...
1
vote
0answers
310 views

Location of the test results and coverage file in VSO

I have a project build on .NET Core 2.2 and I'm using VSO build definition for Build & Release; with Sonar Qube for code quality. The problem that I am facing is related to the location where the ...
0
votes
1answer
441 views

Number of lines of code - SonarQube licensing

With below configuration setting in Jenkinsfile(groovy) for sonar-project.properties: 1) sonar.projectKey=MyProject-${BUILD_NUMBER} and 2) sonar.projectName=MyProject-${BUILD_NUMBER} where ${...
1
vote
1answer
120 views

How to get code coverage in SonarQube for MAVEN multi-module project

I have configured SonarQube scanner for maven multi-module project and its working fine and i'm getting the data about bugs, code-smells, Vulnerabilities and Duplicated Blocks etc. This is my sonar-...
0
votes
0answers
52 views

How does preview mode differ from issues mode in sonar-scanner

Recently we have upgraded one of our Sonarqube server instance from 4.5.7 to 5.6.7 Sonar-scanner is on 3.0.3 + JDK 1.8 One change in behavior we noticed was that the scan’s triggered have some new ...
0
votes
0answers
39 views

Unable to publish jest test case report to SonarQube 6.1 and SonarScanner 3.3 through Jenkins

When I am using SonarQube 6.7, I'm able to publish jest unit test cases report to SonarQube successfully through Jenkins. But when I am using SonarQube 6.1, I am not able to publish reports to ...