.NET project file analyzers community

Sonarcloud

Currently, this readme is confirmed to work for SonarCloud. The steps in this guide might also be relevant for other SonarSource products, such as SonarQube, but this has not been verified at this time

Sonarcloud is a service which allows you to scan your code for issues, and gives an online dashboard allowing you to see which issues exist within the code. This includes any warnings generated by analyzers. In addition, it has integration with DevOps platforms (such as GitHub and Azure), which can be set up to automatically add comments on pull requests on any new warnings that the change has made, which can help in improving code quality.

The issue with this analyzer and Sonarcloud

Sonarcloud’s analyzer software can run while a build is being made, for example as part of a Pull Request check. However, Sonarcloud, by default, does not pick up any warnings generated by .??proj and .props files. This means that any warnings generated by this analyzer will not generate comments on pull requests, nor with they show up in their reports, which could result in a situation where they are not noticed and solved by developers.

Sonarcloud integration

There is currently no ‘elegant’ solution to have the warnings show up on SonarCloud, however, there is a workaround. By adding the .??proj and .props files as content, SonarCloud will recognise it’s warnings and pick them up, same as any warnings in the code.

For Example:

  <ItemGroup>
    <Content Include="*.??proj" CopyToOutputDirectory="Never"/>
    <Content Include="../../props/common.props" CopyToOutputDirectory="Never" Link="Properties/common.props"/>
    <Content Include="../../Directory.Packages.props" CopyToOutputDirectory="Never" Link="Properties/Directory.Packages.props"/>
  </ItemGroup>