Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add Nuget support #417

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

add Nuget support #417

wants to merge 2 commits into from

Conversation

cloud122
Copy link

add Nuget support
Based off PR that was never merged, 3d23c78

@cloud122 cloud122 mentioned this pull request Feb 27, 2024
Open
@cloud122
Update LicenseCheckSensor.java
a72de59 
Removed duplicate entry.
@marpereira
Copy link

marpereira commented Oct 8, 2024
edited
Loading

I'm using a build with these commits. The scanner is triggered but no "licenses.json" files are found.

We are probably missing some documentation on how to add the licenses file to sonar scanner.

I'm using dotnet-project-licenses to generate the licenses file.

The command: dotnet-project-licenses -j -u -i . - json output; uniq license registry; project root.

The file is well generated but there is no detection on sonar scanner. Verbose output available below.

12:49:00.733 INFO: Sensor License Check [licensecheck]
12:49:00.733 INFO: Scanning for NPM dependencies (dir=C:\Jenkins\workspace\*****\*****\*****)
12:49:00.733 DEBUG: Searching for license file at build\reports\dependency-license\license-details.json
12:49:00.733 INFO: No license-details.json file found in C:\Jenkins\workspace\*****\*****\*****\build\reports\dependency-license\license-details.json - skipping Gradle dependency scan
12:49:00.733 DEBUG: Finding and scanning licenses.json
12:49:00.733 DEBUG: Nuget scanning complete.
12:49:00.735 DEBUG: Saving dependencies for module [key=*****]: []
12:49:00.735 DEBUG: Saving licenses for project [key=*****]: []
12:49:00.738 INFO: Sensor License Check [licensecheck] (done) | time=5ms

Here is the code on my Jenkins pipeline

bat "${MSBUILD_SQ_SCANNER_HOME}\\SonarScanner.MSBuild.exe begin /k:\"*****\" /n:\"*****\" /v:\"${params.VERSION}\" /d:sonar.login=\"${SONARTOKEN}\" /d:sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml /d:sonar.licenseCheck=enabled /d:sonar.licenseFile=licenses.json /d:sonar.verbose=true"
echo 'build *****'
bat 'dotnet clean'
bat 'dotnet restore'
bat 'dotnet tool restore --ignore-failed-sources -v d'
bat 'dotnet tool run dotnet-project-licenses -j -u -i .'
bat 'msbuild -verbosity:minimal %WORKSPACE%\\*****\\*****.sln /t:Rebuild /p:Configuration=Release'
bat 'dotnet test --logger "trx;LogFileName=UnitTests.trx" --collect "XPlat Code Coverage;Format=cobertura,opencover"'
mstest testResultsFile:"**/*.trx", keepLongStdio: true, failOnError: true
bat "${MSBUILD_SQ_SCANNER_HOME}\\SonarScanner.MSBuild.exe end /d:sonar.login=\"${SONARTOKEN}\""

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bmadzinski bmadzinski bmadzinski left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@cloud122 @marpereira @bmadzinski @gcvl122