我的 SonarQube C++ 扫描成功，但结果只标记重复，没有其他标记

Posted 2023-03-16

【中文标题】我的 SonarQube C++ 扫描成功，但结果只标记重复，没有其他标记

【英文标题】：MY SonarQube C++ scan is successful but results only flag Duplications and none other where flagged

【发布时间】：2020-05-10 03:52:43

【问题描述】：

我的 SonarQube C++ 扫描成功，但结果仅标记重复项，而没有其他标记，这似乎是扫描出现问题。我查看了 jenkins 输出和后台任务，它们都没有任何错误。

以前有人遇到过这种情况吗？我该如何克服这个问题？

请给一些建议。 提前致谢。

**sonar-project.properties**
# Default SonarQube server
sonar.host.url=xxxxxxxx

# Root project information
sonar.projectKey=xxxxxx
sonar.projectName=xxxx
sonar.projectVersion=1.0

# Metadata
sonar.links.homepage=
sonar.links.ci=xxxx
sonar.links.scm=xxxx
sonar.links.issue=xxxx

# Sources to scan
sonar.sourceEncoding=UTF-8
sonar.projectBaseDir=system
sonar.sources=xxxx
sonar.exclusions=xxxx

# SonarCFamily configuration
sonar.cfamily.build-wrapper-output=build_output
sonar.cfamily.threads=1
sonar.language=cpp
sonar.log.level=TRACE|DEBUG

**Jenkins Output**
INFO: Scanner configuration file: /opt/sonar-scanner-3.3.0.1492-linux/conf/sonar-scanner.properties
INFO: Project root configuration file: /project-root/sonar-project.properties
INFO: SonarQube Scanner 3.3.0.1492
INFO: Java 1.8.0_212 IcedTea (64-bit)
INFO: Linux 3.10.0-1062.4.3.el7.x86_64 amd64
INFO: SONAR_SCANNER_OPTS=-Djavax.net.ssl.trustStore=/usr/bin/sq.keystore -Djavax.net.ssl.trustStorePassword=changeit
INFO: User cache: ?/.sonar/cache
INFO: SonarQube server 7.9.1
INFO: Default locale: “en_US”, source code encoding: “UTF-8”
WARN: SonarScanner will require Java 11+ to run starting in SonarQube 8.x
INFO: Load global settings
INFO: Load global settings (done) | time=174ms
INFO: Server id: XXXXXXXXXXXXXXXX
INFO: User cache: /project-root/?/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=78ms
INFO: Load/download plugins (done) | time=6226ms
INFO: Loaded core extensions: developer-scanner
INFO: Process project properties
INFO: Execute project builders
INFO: Execute project builders (done) | time=7ms
INFO: Project key: org.wabtec.pdsserver
INFO: Base dir: /project-root/system
INFO: Working dir: /project-root/system/.scannerwork
INFO: Load project settings for component key: ‘XXXXXXXXXXX’
INFO: Load project settings for component key: ‘XXXXXXXXX’ (done) | time=23ms
INFO: Load project branches
INFO: Load project branches (done) | time=21ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=15ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=2ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=57ms
INFO: Load active rules
INFO: Load active rules (done) | time=786ms
INFO: Indexing files…
INFO: Project configuration:
INFO: Excluded sources: XXXXXXXXXXXXXXXXX
INFO: 10342 files indexed
INFO: 0 files ignored because of inclusion/exclusion patterns
INFO: 0 files ignored because of scm ignore settings
INFO: Quality profile for c: Sonar way
INFO: Quality profile for cpp: Sonar way
INFO: ------------- Run sensors on module PDS Server NS
INFO: Load metrics repository
INFO: Load metrics repository (done) | time=22ms
INFO: Sensor JavaXmlSensor [java]
INFO: Sensor JavaXmlSensor [java] (done) | time=23ms
INFO: Sensor html [web]
INFO: Sensor HTML [web] (done) | time=40ms
INFO: Sensor JaCoCo XML Report Importer [jacoco]
INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=23ms
INFO: Sensor CFamily [cpp]
INFO: Using build-wrapper output: /project-root/build_output/build-wrapper-dump.json
INFO: Available processors: 8
INFO: Using 1 thread for analysis according to value of “sonar.cfamily.threads” property.
INFO: Load project repositories
INFO: Load project repositories (done) | time=145ms
WARN: Metric ‘comment_lines_data’ is deprecated. Provided value is ignored.
INFO: 0 compilation units analyzed
INFO: Sensor CFamily [cpp] (done) | time=16616ms
INFO: Sensor JavaSecuritySensor [security]
INFO: Reading type hierarchy from: /project-root/system/.scannerwork/ucfg2/java
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /project-root/system/.scannerwork/ucfg2/java
INFO: No UCFGs have been included for analysis.
INFO: Sensor JavaSecuritySensor [security] (done) | time=7ms
INFO: Sensor CSharpSecuritySensor [security]
INFO: Reading type hierarchy from: /project-root/system/ucfg_cs2
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /project-root/system/ucfg_cs2
INFO: No UCFGs have been included for analysis.
INFO: Sensor CSharpSecuritySensor [security] (done) | time=0ms
INFO: Sensor phpSecuritySensor [security]
INFO: Reading type hierarchy from: /project-root/system/.scannerwork/ucfg2/php
INFO: Read 0 type definitions
INFO: Reading UCFGs from: /project-root/system/.scannerwork/ucfg2/php
INFO: No UCFGs have been included for analysis.
INFO: Sensor PhpSecuritySensor [security] (done) | time=1ms
INFO: ------------- Run sensors on project
INFO: Sensor Zero Coverage Sensor
INFO: Sensor Zero Coverage Sensor (done) | time=68ms
INFO: 548 files had no CPD blocks
INFO: Calculating CPD for 8453 files
INFO: CPD calculation finished
INFO: Analysis report generated in 2580ms, dir size=100 MB
INFO: Analysis report compressed in 14394ms, zip size=32 MB
INFO: Analysis report uploaded in 2595ms
INFO: ANALYSIS SUCCESSFUL, you can browse
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
INFO: Analysis total time: 52.906 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 1:02.029s
INFO: Final Memory: 58M/1665M
INFO: ------------------------------------------------------------------------

【参考方案1】：

只是可以给你一个方向搜索什么。 您需要在 Sonar 服务器上安装来自 Sonar Marketplace 的插件（在 UI 中搜索），因为默认情况下您只会看到零覆盖传感器。 您还需要运行单元测试（测试必须附带代码）以将生成的报告发送到 Sonar 并获取覆盖报告

【讨论】：

我安装了 SonarCFamily 插件，此时我不是在寻找 COverage。

您是在源代码上运行扫描还是在编译后运行？如果 Quality Gate 检查失败，您需要扫描源代码并停止构建。现在您只分析了所有 548 个文件中的 6 个文件。我不是 Microsoft 产品的忠实粉丝，所以不记得我在旧项目中做了什么，但看起来您的 CFamily 扫描仪仍然没有为您的代码激活。再次检查市场上 Sonar GUI 中 wright 扫描仪的所有选项，可能您还需要从 Nuget 获得一些东西

我已经附上了完整的输出以获取更多详细信息，我已经验证了所有内容，甚至 C++ 插件似乎都已激活。