Skip to content

Latest commit

 

History

History
83 lines (60 loc) · 4.91 KB

README.adoc

File metadata and controls

83 lines (60 loc) · 4.91 KB

C++ example project manually scanned on SonarQube

It is very easy to manually analyze a C, C++ and Objective-C project with SonarQube:

  1. Create a sonar-project.properties file to store your configuration

    1. Add a projectKey of your project

    2. Generate a unique token and set it as "sonar.login" (SONARQUBE_TOKEN in this example project)

    3. Set sonar.host.url to your SonarQube server URL

  2. Download and unzip the Build Wrapper for Linux from {SonarQube URL}/static/cpp/build-wrapper-linux-x86.zip

  3. Add the Build Wrapper to your $PATH

  4. Download and unzip the SonarScanner for Linux

  5. Add the bin directory of the SonarScanner to your $PATH

  6. Wrap your clean build command with the Build Wrapper. E.g.: build-wrapper-linux-x86-64 --out-dir bw-output make clean all

  7. Run sonar-scanner specifying:

    1. -Dsonar.cfamily.compile-commands=bw-output/compile_commands.json if you are using SonarQube version 10.6 or later

    2. -Dsonar.cfamily.build-wrapper-output=bw-output if you are using SonarQube version 10.5 or earlier, as build-wrapper did not generate a compile_commands.json file before SonarQube 10.6

    Noting that bw-output is the directory passed to build wrapper as --out-dir

You can take a look at the sonar-project.properties and build-analyze.sh (a script that downloads the sonar-scanner and the Build Wrapper before compiling and analyzing the project) to see it in practice. Please be aware that the SonarQube server URLs and the sonar.login are not completed in these examples.

Documentation

Linux\Autotools

A build of the code repository on a Linux platform using GNU Autotools build system.

To build the code run:

autoreconf --install
./configure
make clean all

Code Description

An example of a flawed C++ code. The code repository is meant to be compiled with different build systems using different CI pipelines on Linux, macOS, and Windows.

The code repository is forked into other repositories in this collection to add a specific build system, platform, and CI. The downstream repositories are analyzed either with SonarQube or SonarCloud.

You can find examples for:

Using the following build systems:

Running on the following CI services:

Configured for analysis on:

You can find also a few examples demonstrating:

See examples-structure.adoc for a description of the structure of this GitHub organization and the relations between its different repositories.