Currently trying to add SonarQube to my project with github actions. The issue is that it can't get the projectKey and that it somehow tries to get a spring bean without having spring boot in my project. The code is as following:
Build.gradle:
plugins {
id 'org.jetbrains.kotlin.jvm' version '1.7.0'
id 'java'
id 'org.owasp.dependencycheck' version '6.3.2'
id 'com.google.cloud.tools.jib' version '3.2.1'
id 'org.sonarqube' version '3.4.0.2513'
}
....
sonarqube {
properties {
property("sonar.projectKey", "NotificationApi")
property("sonar.projectBaseDir", "src")
}
}
Build.yaml:
on:
# Trigger analysis when pushing in master or pull requests, and when creating
# a pull request.
push:
branches:
- master
pull_request:
types: [opened, synchronize, reopened]
name: NotificationApi Build
jobs:
sonarqube:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@master
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
With the following error:
WARN: Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'ClassRealm{javascript}-org.sonar.plugins.javascript.eslint.EslintBridgeServerImpl': Unsatisfied dependency expressed through constructor parameter 4; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'AnalysisTempFolder' defined in org.sonar.scanner.analysis.AnalysisTempFolderProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'DefaultInputProject' defined in org.sonar.scanner.scan.InputProjectProvider: Unsatisfied dependency expressed through method 'provide' parameter 2; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'ProjectReactor' defined in org.sonar.scanner.scan.MutableProjectReactorProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.api.batch.bootstrap.ProjectReactor]: Factory method 'provide' threw exception; nested exception is You must define the following mandatory properties for 'Unknown': sonar.projectKey
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 29.603s
ERROR: Error during SonarScanner execution
ERROR: You must define the following mandatory properties for 'Unknown': sonar.projectKey
ERROR:
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
INFO: Final Memory: 22M/77M
What is wrong about this configuration and what needs to be changed to fix it?
According to the action README file as well as this thread, adding the projectBaseDir input to the SonarQube Scan step should make it work (informing the folder where the sonar-project.properties file is located):
with:
projectBaseDir: <project-folder>
That way the project-level sonar-project.properties files should be detected correctly.
In your case it would look like this:
- name: SonarQube Scan
uses: sonarsource/sonarqube-scan-action@master
with:
projectBaseDir: <project-folder>
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
In case you didn't create the project sonar-project.properties file yet:
Project metadata, including the location to the sources to be analyzed, must be declared in the file
sonar-project.propertiesin the base directory:
sonar.projectKey=<replace with the key generated when setting up the project on SonarQube>
# relative paths to source directories. More details and properties are described
# in https://docs.sonarqube.org/latest/project-administration/narrowing-the-focus/
sonar.sources=.