尚未分析项目代码的声纳 [英] Project code is not being analyzed for sonarqube
问题描述
我在天蓝色的DevOps中有一个仓库,其中只有文件夹作为测试.现在,我在天蓝色的DevOps中以这种方式给出了任务结构.但是我看不到代码在sonarqube中得到分析.代码选项卡显示为空白.有人可以帮我解决我要去的地方吗?我不想在源代码中提供文件夹名称.我希望添加在分支中的任何代码都可以进行分析.
I have a repo in azure DevOps with only folder as test. Now, I have given the task structure in this way in azure DevOps. But I cannot see the code getting analyzed in sonarqube. The code tab shows blank. Could someone help me with where I am going wrong?? I do not want to give folder name in sources..I want whatever code I add in the branch to be analyzed.
edit:刚刚意识到这仅发生在功能短暂的分支上.我的声纳版本是8.0
edit: Just realized this is happening only for feature short lived branch..My sonarqube version is 8.0
步骤:
- 任务:SonarQubePrepare @ 4输入:SonarQube:连接名称"ScannerMode:"CLI"configMode:手动"cliProjectKey:管道声纳演示"cliProjectName:管道声纳演示"cliSources:."extraProperties:|#将传递给扫描仪的其他属性,#每行放置一个key = value,例如:sonar.exclusions = **/*.xml
推荐答案
SonarQube扩展提供了三个任务,您将在构建定义中使用这些任务来分析项目:
SonarQube extension provides three tasks you will use in your build definitions to analyze your projects:
-
准备分析配置任务,以配置所有必需的在执行构建之前进行设置.
Prepare Analysis Configuration task, to configure all the required settings before executing the build.
- 此任务是强制性的.
- 对于.NET解决方案或Java项目,它有助于集成与MSBuild,Maven和Gradle任务无缝连接.
运行代码分析任务,以实际执行对源代码.
Run Code Analysis task, to actually execute the analysis of the source code.
- Maven或Gradle项目不需要此任务,因为
扫描程序将作为Maven/Gradle构建的一部分运行.
发布质量门结果任务,以显示质量门状态在构建摘要中,让您了解该应用程序是否已准备好按质量"生产.
Publish Quality Gate Result task, to display the Quality Gate status in the build summary and give you a sense of whether the application is ready for production "quality-wise".
- 此任务是可选的.
- 因为它可以大大增加总体构建时间将轮询SonarQube,直到分析完成.省略这个任务不会影响SonarQube上的分析结果-它只是表示"Azure DevOps构建摘要"页面将不显示状态分析或指向SonarQube上项目仪表板的链接.
似乎您仍然需要添加运行代码分析任务.关于如何将SonarScanner用于Azure DevOps,请参考以下文档:
It seems you still need add Run Code Analysis task. Regarding how to use SonarScanner for Azure DevOps, please refer to the following documentation:
https://docs.sonarqube.org/最新/分析/扫描/sonarscanner-for-azure-devops/
这篇关于尚未分析项目代码的声纳的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!