Skip to content

Latest commit

 

History

History
106 lines (79 loc) · 6.5 KB

README.adoc

File metadata and controls

106 lines (79 loc) · 6.5 KB

C++ example project scanned on SonarQube using Azure Pipelines

Build Status Quality Gate Status

This project is analysed on SonarQube!

It is very easy to analyze a C, C++ and Objective-C project with SonarQube on Azure DevOps:

  1. Create a sonar-project.properties file to store your configuration

  2. Install SonarQube extension for your organization:

    1. Open Organization settings (in the bottom left corner of organization view)

    2. Open "Extensions" page (in the General category)

    3. Press "Browse marketplace" and find "SonarQube"

    4. Select your organization and click "Install"

  3. Add the SonarQube connection to your project:

    1. Open Project settings (in the bottom left corner)

    2. Open "Service connections" page (in the Pipelines category)

    3. Press "New connection" and select "SonarQube""

    4. Fill in the server URL (e.g.: https://example.com:9000) and the authentication token

    5. Name your connection SonarQube (to reference it later in azure-pipelines.yml)

  4. In your azure-pipelines.yml file:

    1. Add the SonarQubePrepare task and configure it:

      • Specify the SonarQube Service Endpoint as SonarQube - the connection you created earlier

      • Choose "Use standalone scanner" (scannerMode: 'CLI')

      • Choose "Manually provide configuration"

      • Specify the "Project Key" and the "Sources directory root"

      • In "Additional Properties" in the "Advanced" section, add

        • the property sonar.cfamily.compile-commands with, as its value, bw-output/compile_commands.json, if you are using SonarQube version 10.6 or later

        • the property sonar.cfamily.build-wrapper-output, with value bw-output, if you are using SonarQube version 10.5 or earlier, as build-wrapper did not generate a compile_commands.json file before SonarQube 10.6

        Noting that bw-output is the directory passed to build wrapper as --out-dir (see below)

    2. Add a task to download the Build Wrapper

    3. Wrap your compilation with the Build Wrapper, specifying the same output directory used in "Additional Properties"

    4. Add the SonarQubeAnalyze task

You can take a look at the sonar-project.properties and azure-pipelines.yml to see it in practice.

Documentation

Windows\MSBuild

A build of the code repository on Windows platform using MSBuild build system.

To build the code run:

msbuild sonar_scanner_example.vcxproj

Code Description

An example of a flawed C++ code. The code repository is meant to be compiled with different build systems using different CI pipelines on Linux, macOS, and Windows.

The code repository is forked into other repositories in this collection to add a specific build system, platform, and CI. The downstream repositories are analyzed either with SonarQube or SonarCloud.

You can find examples for:

Using the following build systems:

Running on the following CI services:

Configured for analysis on:

You can find also a few examples demonstrating:

See examples-structure.adoc for a description of the structure of this GitHub organization and the relations between its different repositories.