[Question]When will plugin work with SonarQube Scanner for MSBuild?

[slavapr]

When will plugin work with SonarQube Scanner for MSBuild?
Any workaround?

[Linfar]

@slavapr Hello,
I'm really sorry for long response. Currently we are quite busy with upcoming TeamCity release. I will return to SonarQube plugin development when I have more time - I have 2 urgent tasks right now.

The first feature that should be done in the plugin is using Tools systems instead of one single bundled SonarQube Scanner version - to allow easy Scanner update (and downgrade). MSBuild support will be right after that - and MSBuild support will initially use tools system.

It's not absolutely clear how it's better to implement the MSBuild Scanner support. It demands 2 invocations - before compile&tests and after them. Firstly I plan to add 2 separate build runners - for start analysis and (optional) to send data to server.

The only workaround for now is to use command line runner or (better) to create meta runner.

[akuryan]

I have had the same problem and solved it by creating this https://github.com/akuryan/Teamcity.Metarunners/tree/master/SonarQube
Maybe this can be used as a base for Jetbrains plugin?

[Linfar]

@akuryan Metarunners have limited functionality - they cannot use tools and access secured parameters. Though they could be used as a workaround - they are definitely more comfortable rather then command line runners.

Currently I'm working half time on SonarQube plugin and tool support is almost finished. MSBuild support is coming right after that. I'll notify you when it will be ready.

[akuryan]

Thank you.

[axel3rd]

It's not absolutely clear how it's better to implement the MSBuild Scanner support. It demands 2 invocations - before compile&tests and after them. Firstly I plan to add 2 separate build runners - for start analysis and (optional) to send data to server.

Perhaps an integration on any step (included MetaRunner) and not as runner could be a great solution, like Artifactory plugin:

With that, user can choose (after select the URL) between implementation to use:

• Classic SonarQube Scanner
• MSBuild Scanner
• CFamily Scanner ; WARN: In this case the build-wrapper should prefix the command line (ex: The Java command if you are using nar-maven-plugin)

[Linfar]

@axel3rd Yeah, I thought about this. But it will be really hard to avoid gaps between steps. Consider a configuration has 3 steps and MSBuild Scanner is enabled on the first and on the last ones.

[axel3rd]

@Linfar : Good remark ... but I don't know if multi-MSBuild command is really supported by MSBuild Scanner :-( (and I'm not an expert about MSBuild integration process).

[matttrawicki]

👍 I was asked to set this up for .net and .net core projects.

[bmwelu]

👍

[anhwilson]

@Linfar : Hi. Did you make any progress with this? I've got a whole load of projects to migrate to use the MSBuild Sonar Scanner, and was hoping that there might be a new plugin soon!

[cat10w]

Same here, any update would be appreciated!

[alexangas]

While it's inconvenient, you don't have to wait for a plugin update to be able to use the MSBuild Scanner. Instead, copy the scanner to a location on your build agents, and use a command line build step to run it.

Here is an example for analyzing a TypeScript and C# application that you could work from:

%env.sonar.scannerpath% begin /k:"%env.sonar.project%" /n:"%env.sonar.project%" /v:"%build.number%" /d:sonar.host.url=%env.sonar.host% /d:sonar.login=%env.sonar.token% /d:sonar.sourceEncoding=UTF-8 /d:sonar.cs.dotcover.reportsPaths="dotCover.html"
"%MSBuildTools15.0_x86_Path%\MSBuild.exe" YourSolution.sln /t:Rebuild /verbosity:minimal
"%teamcity.tool.JetBrains.dotCover.CommandLineTools.DEFAULT%\dotCover.exe" analyse /ReportType=HTML /Output=dotCover.html /TargetExecutable="%teamcity.dotnet.vstest.15.0%" /TargetWorkingDir=. /TargetArguments="YourProject.Tests.dll"
%env.sonar.scannerpath% end
echo ------------------------------
echo Commands run:
type %~dpnx0

Hope this helps.

[cat10w]

Thanks @alexangas, we may give that a go. @Linfar, it would be useful to get a general idea of when the plugin will be updated to determine whether it's worth the effort of applying this change to our 50+ TeamCity builds now or wait for the update. As we progressed we started using a template for new builds which will simplify matters but we still have quite a few that were done just using the current SonarQube plugin that will all need to be updated,

[Linfar]

@anhwilson @cat10w
I have a working prototype of MSBuild Scanner support in dev branch. It's using packaged scanner 4.0.2.892 and runs it via .exe on Windows and through Mono on Linux.
Currently I'm working on a task with higher priority so I don't have enough time to properly test it.

You sure can use commandline runners to run SonarQube Scanner manually. For this case I recommend using Tools support to distribute the scanner to agents

[KellyR-STCU]

Really looking forward to an update for this plugin.

Thanks for your work!

[jscoobyced]

Is this about the issue that TC doesn't support newer version of the Sonar C# plugins? Right now we're using in sonarqube the plugins v5.10, if we upgrade to v6.8 or v7.x it doesn't run any scan.
In TC we've upgraded the SonarRunner to the SonarScanner but still got same issue that scan just do nothing unless we use in sonarqube plugins v5.10

[anhwilson]

@jscoobyced yes - issue is about incompatible version. If you uprgade the runner to the scanner in TC it won’t work, as the existing TC plugin is incompatible with SQ Msbuild scanner. New one will hopefully be on the way soon though. We ave downgraded C# scanner to 5.11 in SQ to get ensure the TC plugin still works.

[KellyR-STCU]

Any progress on this?

[Linfar]

@KellyR-STCU Not yet, thanks for pinging me. I will test the plugin asap.

[cfl00]

@Linfar Really looking forward to the new release... any updates on this?

[StephySaiempu]

I am using java-8 version and jenkins 2.121.1 version,sonarqube 6.7 version and installed both the sonarqube and jenkins on same server.when integrating sonarqube with jenkins the below issue is being raised.
ERROR: Error during SonarQube Scanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:84)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:71)
at java.security.AccessController.doPrivileged(Native Method)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:71)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:67)
at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:218)
at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:156)
at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to bootstrap from server. Bootstrap index was:

<title>SonarQube</title>

Loading...

<script>window.baseUrl=""</script><script src="/js/vendor.017c6e7f.js"></script><script src="/js/app.b06ee6ee.js"></script>

at org.sonarsource.scanner.api.internal.Jars.getScannerEngineFiles(Jars.java:88)
at org.sonarsource.scanner.api.internal.Jars.download(Jars.java:70)
at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:39)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:75)
... 8 more

Caused by: java.lang.ArrayIndexOutOfBoundsException: 1
at org.sonarsource.scanner.api.internal.Jars.getScannerEngineFiles(Jars.java:84)
... 11 more

[axel3rd]

I am using java-8 version and jenkins 2.121.1 version,sonarqube 6.7 version and installed both the sonarqube and jenkins on same server.when integrating sonarqube with jenkins the below issue is being raised.

@manasarajaluri : This repository is about the TeamCity SonarQube plugin, not the Jenkins SonarQube plugin, and this thread concerns the MSBuild usage => not sure it is the right place for your problem ; please use SonarQube Community forum.

[Linfar]

@cfl00 Yes, we've made some testing and found several issues. They are mostly fixed and I'll provide a plugin zip next week to try it.

[Linfar]

I've build a plugin for TeamCity v2017.1.x+ with SonarQube MSBuild Scanner support. The plugin is able to run analysis on both Windows and Linux/Mac agents - by running the Scanner directly with exe on Win and through mono on Linux/Mac (Mac was not tested yet though there should be no differences from Linux). SonarQube Scanner v4.0.2.892 is bundled by default with Install Tool support.

To install or update the plugin please refer our documentation. Please note that mono should be installed on Linux/Mac agent in order to run analysis on such agents. There are also some prerequisites by SonarQube Scanner itself: eg JAVA_HOME should point to java 8.

Plugin usage seems quite simple: it uses the same SonarQube Server settings as classic Scanner. To run analysis you should add 2 new build steps: 'SonarQube MSBuild Scanner: begin analysis' runner before the build (NB: you may want to move some actions like restore out of the analysis) and 'SonarQube MSBuild Scanner: finish analysis' runner after the build (NB: set 'Execute step' to 'Even if some of the previous steps failed' to get analysis result even if your failing tests fail the build eg due to improper exit code). The begin step should be configured as usual - Server config, project name/key/version, modules and additional parameters, where you should enable test report integration, coverage integration and so on (it doesn't contain source/binaries locations because they are read by MSBuild Scanner from the project structure). The finish step is empty and uses configuration from the begin step. The build will fail if there is a finish step without begin step. There could be more than one pair in the build but they should be correctly ordered.

We've tested the plugin with SonarQube Server v6.7.1 and SonarC# plugin v7.2 (build 5463) installed. There were problems with some older C# plugin version - code inspections were not reported properly.

Documentation is on the way but you can install and try the plugin. Please contact me if something goes wrong or if you'll have ideas how to improve the plugin.

And I'm really sorry this took so long.

[cfl00]

@Linfar will there be updates to the 10.0.x versions of the plugin to fix this issue? I am running TeamCity 10.0.5 and get an error on loading the plugin you link. I assume its due to using the wrong version of the plugin. I checked the 10.0.x build of the plugin and didn't see any recent changes.

[Linfar]

@cfl00 I've backported changes to 10.0.x branch and everything seems to be working at least on Linux. Windows should also work, I'll check it on Monday if possible. Updating SonarScanner version with TeamCity Tools is not supported as this functionality doesn't exist in 10.0.x. But it's still possible to manually install other versions on agents and override the path with build parameter.

The plugin is built and you can try it from here

[Sebor]

Hi!
I faced with following problem - the "begin" build step goes successfully (the command in build log is: D:\BuildAgent\tools\sonar-scanner-msbuild.4.0.2.892\MSBuild.SonarQube.Runner.exe "/d:project.home=." "/d:sonar.host.url=https://sonarqube.sonar.com" "/k:PrjInnerTesting" "/n:Testing" "/v:505" "/d:sonar.login=564h64yfhy4fd34634564568e77834f6" begin),
but the "finish" step fails with error "ERROR: Not authorized. Analyzing this project requires to be authenticated. Please provide the values of the properties sonar.login and sonar.password." (command is D:\BuildAgent\tools\sonar-scanner-msbuild.4.0.2.892\MSBuild.SonarQube.Runner.exe end).

I noticed that file D:\BuildAgent\work<work_id>.sonarqube\conf\SonarQubeAnalysisConfig.xml (as I understand it is generated on "begin" step) doesn't have properties like "sonar.login" or "sonar.password" in section LocalSettings (there are "project.home" and "sonar.host.url" only), though they are passed on the "begin" build step. If I add "sonar.login" and run "finish" step manually everything is OK.

Any ideas?

[SAnCherepan]

@Linfar I've tried the updated plugin on my TeamCity 10.0.4 and SonarQube 6.7.1 and the line:

The finish step is empty and uses configuration from the begin step.

does not work for me.

The begin step launches as:

Starting: C:\BuildAgent\plugins\sonar-plugin-agent\sonarscanner_for_msbuild\MSBuild.SonarQube.Runner.exe "/d:project.home=." "/d:sonar.host.url=removed_by_me" "/d:sonar.jdbc.url=removed_by_me" "/k:removed_by_me" "/n:removed_by_me" "/v:83" "/d:sonar.password=removed_by_me" "/d:sonar.login=removed_by_me" /d:sonar.language=cs /d:sonar.branch=master begin

The finish step launches as:

Starting: C:\BuildAgent\plugins\sonar-plugin-agent\sonarscanner_for_msbuild\MSBuild.SonarQube.Runner.exe end

and ends with an error:

Post-processing started.
17:25:21.096  Credentials must be passed in both begin and end steps or not at all

The steps work fine if I use anonymous SonarQube configuration (SonarQube Server configured with url only, no login or password specified), but such analysis only works for sonar projects that are public (which is not my case, my project is private).

I'd like to know if I'm missing something or if it requires fixing on the plugin's (or even scanner's) end.
Thanks in advance!

[Linfar]

@Sebor @SAnCherepan Yes, I've missed the part mentioning authentication in the end step in the SonarQube Scanner documentation. The fix is already integrated (see corresponding issue).

[Linfar]

The MSBuild Scanner is supported in plugin versions 10.0.x and 2017.1.x+ so I'm closing the ticket

[Rashmimurari]

Hi ,

I am unable to Install the sonarqube Scanner on my system. i have installed the SonarQube 7.3 Version.

I am getting below error while installing the Sonarqube Scanner

INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 19.685s
INFO: Final Memory: 15M/263M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: null
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.

What does this "Null" mean , how can i fix the issue ??

Please guide if anyone have come across this kind of issue.

Thank you,
Rashmi

[Linfar]

@Rashmimurari Do you use TeamCity plugin to run Sonar Scanner? How did you install the tool?