问题描述
我在使用 SonarQube 6.7 时遇到问题,它没有显示任何 C# 代码问题或错误,在分析过程中我可以看到 C# 正在被分析并且构建成功但是当我检查 SonarQube 仪表板时它只显示 Typescript和 XML.
I am having an issue with SonarQube 6.7 where it is not displaying any C# code issues or bugs, during the analysis I can see C# is being analysed and the build is successful but when I check the SonarQube Dashboard it is only showing Typescript and XML.
我正在使用 Jenkins 使用 Mono 构建项目,因为我们所有的构建都是在 Ubuntu 16.04 上完成的.
I am using Jenkins to build the project using Mono as all our building is done on Ubuntu 16.04.
设置如下:
Ubuntu 16.04 上的 Jenkins 2.89.2
Ubuntu 16.04(独立服务器)上的 SonarQube 版本 6.7(内部版本 33306)
声纳 C# 6.8.1
适用于 MSBuild 4.0.1 的 SonarQube 扫描仪
单声道 5.10.0 稳定版
在 Jenkins 中使用管道我正在执行以下操作:
Using a Pipeline In Jenkins I am doing the following:
node {
sh 'mono ~/tools/hudson.plugins.sonar.MsBuildSQRunnerInstallation/MSBuild/SonarQube.Scanner.MSBuild.exe begin /key:12345678FAKEKEY9l02998745'
sh 'dotnet restore WSP1.sln'
sh 'dotnet msbuild WSP1.sln'
sh 'mono ~/tools/hudson.plugins.sonar.MsBuildSQRunnerInstallation/MSBuild/SonarQube.Scanner.MSBuild.exe end' } }
上面的管道脚本没有任何问题.
The above pipeline script works without any issues.
当我运行这个管道时,我可以看到正在分析 C# 代码,这只是正在分析的代码片段:
When I run this pipeline I can see that the C# code is being Analysed, this is just a snippet of code being analysed:
Services/Project1/Services/Project1EventsShould.cs(130,21): warning S1186: Add a nested comment explaining why this method is empty, throw a 'NotSupportedException' or complete the implementation. [/var/lib/jenkins/workspace/CSharpAnalysis/WSP1/test/Unit/Unit.csproj]
Services/Project1/Services/Project1EventsShould.cs(137,21): warning S1186: Add a nested comment explaining why this method is empty, throw a 'NotSupportedException' or complete the implementation. [/var/lib/jenkins/workspace/CSharpAnalysis/WSP1/test/Unit/Unit.csproj]
Services/Project1/Models/ZenEventShould.cs(24,17): warning S1481: Remove this unused 'date' local variable. [/var/lib/jenkins/workspace/CSharpAnalysis/WSP1/test/Unit/Unit.csproj]
Services/Project1/Models/CollaborationUserShould.cs(16,17): warning S1481: Remove this unused 'sut' local variable. [/var/lib/jenkins/workspace/CSharpAnalysis/WSP1/test/Unit/Unit.csproj]
最后我得到了一个成功,一切看起来都很好,但是当我检查 SonarQube 时,我可以看到上传的代码正在被分析以在 SonarQube 中显示,这通常需要一分钟左右,但完成后我可以看到仅显示 TypeScript 和 XML.
At the end I get a SUCCESS, everything looks good but when I check SonarQube I can see that the uploaded code is being analysed for display in SonarQube, this usually takes a minute or so but when this is completed I can see that only TypeScript and XML is displayed.
在输出中,我收到了一些警告、信息和错误,但没有什么看起来很危险,在输出的末尾我收到了成功消息
In amongst the output I get some warnings, info and errors but nothing looks sinister, at the end of the output I get the success message
INFO: 68 files had no CPD blocks
INFO: Calculating CPD for 281 files
INFO: CPD calculation finished
INFO: Analysis report generated in 1771ms, dir size=5 MB
INFO: Analysis reports compressed in 3908ms, zip size=2 MB
INFO: Analysis report uploaded in 5866ms
INFO: ANALYSIS SUCCESSFUL, you can browse http://sonar.serverdomain.com:9000/dashboard/index/12345678FAKEKEY9l02998745
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://sonar.serverdomain.com:9000/api/ce/task?id=AKsdHc7FAKEIDVOeCzBYv
INFO: Task total time: 1:32.107 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 1:42.735s
INFO: Final Memory: 54M/397M
INFO: ------------------------------------------------------------------------
The SonarQube Scanner has finished
14:59:57.577 Creating a summary markdown file...
14:59:57.59 Analysis results: http://sonar.serverdomain.com:9000/dashboard/index/12345678FAKEKEY9l02998745
14:59:57.591 Post-processing succeeded.
Finished: SUCCESS
我手头有完整的输出,我只需要对其进行消毒以删除任何可能敏感的内容,如果您想看看,请告诉我,我会发布此内容.
I have the full output handy, I just need to sanitize this to remove anything that may be sensitive, if you would like a look just let me know and I will post this.
我对 SonarQube 还很陌生,所以我遇到的问题可能很愚蠢,但我一直在努力解决这个问题.
I am pretty new to SonarQube so the issue I am having could be something silly but I have been ripping my hair out trying to figure this out.
编辑:我再次挖掘输出并注意到以下警告:
EDIT : I was digging through the output again and noticed 2 warning in the following:
INFO: Quality profile for cs: Sonar way
INFO: Quality profile for ts: Sonar way
INFO: Quality profile for xml: Sonar way
INFO: Sensor C# Properties [csharp]
WARNING: WARN: Property missing: 'sonar.cs.analyzer.projectOutPaths'. No protobuf files will be loaded for this project.
WARNING: WARN: No roslyn issues report not found for this project.
INFO: Sensor C# Properties [csharp] (done) | time=1ms
推荐答案
我刚刚在 Sonarqube 6.7.4 (build 38452) 上遇到了同样的问题.
I just ran into the same issue on Sonarqube 6.7.4 (build 38452).
分两步解决:
- 将内置 SonarC# 插件更新到版本 7.2(内部版本 5463)(卸载-重启-安装-重启)并重新扫描后,出现了代码问题(漏洞、代码异味等).
- 在测试项目中引入包coverlet.msbuild生成覆盖率数据,配置项目-管理 - C# - OpenCover 单元测试报告路径 以使用
path/to/coverage.opencover.xml
.重新扫描后,测试覆盖率数据出现了.
- After updating the built-in SonarC# plugin to version 7.2 (build 5463) (Uninstall-Restart-Install-Restart), and re-scanning, code issues (vulnerabilities, code smells, etc) showed up.
- Introduced package coverlet.msbuild into test projects to generate coverage data, configured Project - Administration - C# - OpenCover Unit Tests Reports Paths to use
path/to/coverage.opencover.xml
. After re-scanning, test coverage data showed up.
以上配置后执行的命令如下:
Here are all the commands executed after above configurations:
dotnet path/to/SonarScanner.MSBuild.dll begin /k:"project-key"
dotnet build
dotnet test /p:CollectCoverage=true /p:CoverletOutputFormat=opencover
dotnet path/to/SonarScanner.MSBuild.dll end
这篇关于SonarQube - C# 代码未显示在仪表板上的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!