Sitecore: Code Analysis with Sonarqube on an self hosted agent

Here I bring you another experience on a Sitecore 10.2 solution code analysis. One of the pre-launch tasks have been to make sure all best practices were applied. For this code analysis we applied SonarQube. 

First let's see how a code analysis looks like. 

There are several scenarios to analyze a solution with SonarQube. This case we will have a solution already integrated to CI/CD pipelines and running from a self-hosted agent being connected to a private SonarQube server. According to our project limitation it is not possible to use the SonarQube extensions for Azure DevOps (the good thing is that I will be trying SonarQube analysis with this extension late, stay tuned!). 

So, first things first. Check the prerequisites and documentation. 

• Prerequisites
• Branch analysis
• Steps

Then you can add the steps to a CI pipeline like this:

steps:

    - task: PowerShell@2

      displayName: SonarQube Analysis

      inputs:

        targetType: 'inline'

        script: |

          &{Import-Module "C:\Program Files (x86)\Microsoft Visual Studio\2019\Community\Common7\Tools\Microsoft.VisualStudio.DevShell.dll"; Enter-VsDevShell d634d95a}

          cd "$(Pipeline.Workspace)/s/"

          C:\sonar-scanner-msbuild-5.8.0.52797-net46\SonarScanner.MSBuild.exe begin /k:"NWN.WebFrontEnd" /d:sonar.host.url="https://sonarqube.oshyn.com" /d:sonar.login="sqp_xxxxxxxxxxxxxxxxxxxxxx"

          MsBuild.exe /t:Rebuild

          C:\sonar-scanner-msbuild-5.8.0.52797-net46\SonarScanner.MSBuild.exe end /d:sonar.login="sqp_xxxxxxxxxxxxxxxxxxxxxx" 

Documentation is pretty clear with the commands needed to run the analysis, just make sure that you added the correct java version, the corresponding environment variable and path. Several java versions installed could ma

 

Branch analysis in my scenario was not possible since my private server was a community version, I should have a developer one or above. If you want to analyze a branch different than master, a workaround could be to change the default branch but found that switching the default branch could bring issues on the project, so I avoided it. 

Then you have your solution analyzed by SonarQube. Let's continue improving our project. As always, leave a comment if you have any question or suggestion.