How do I run SonarQube on a C#.NET project?

Question

I have a C#/.NET project that I want to scan using SonarQube (C# language).

I am getting the scan to pass but with many errors (Over 200 repeated errors)

Provide an 'AssemblyVersion' attribute for this assembly.

This above message is repeated many times and accounts for a majority of SonarQube bugs I see in my report.

SonarQube properties file

# Comma-separated paths to directories with sources (required)
#sonar.sources=controllers,services
sonar.sources=.
# Language
sonar.language=cs

sonar.visualstudio.solution=ProjectName.sln

sonar.sourceEncoding=UTF-8
sonar.cobol.copy.diretories=/copy
sonar.visualstudio.enable=true

I even ran this msbuild (using MSBuild.exe Version 14 which I downloaded from https://www.microsoft.com/en-us/download/details.aspx?id=48159 ) batch file in my project

C:\Users\pwrdbyadmin\Desktop\sonar-scanner-msbuild-3.0.2.656\SonarQube.Scanner.MSBuild.exe begin /k:"org.sonarqube:sonarqube-scanner-msbuild" /n:"ProjectName" /v:"1.0"
"C:\Program Files (x86)\MSBuild\14.0\Bin\amd64\MSBuild.exe"  /t:Rebuild
C:\Users\pwrdbyadmin\Desktop\sonar-scanner-msbuild-3.0.2.656\SonarQube.Scanner.MSBuild.exe end

Downloaded SonarQube 6.5 and ran following command to start server

C:\Users\pwrdbyadmin\Desktop\sonarqube-6.5\bin\windows-x86-32\StartSonar.bat

Command I run from within project

C:\Users\username\Desktop\sonar-scanner-3.0.3.778-windows\bin\sonar-scanner.bat

I still cannot resolve many of the .NET errors in my project.

How can I resolve these obvious C# errors that come about after I run SonarQube on my project, do I need Visual Studio installed, do I need to build my project in Visual Studio? What are the proper steps I need to follow to scan my project?

EDIT

The new three liner allowed analysis to work without any Insufficient Privilege error showing up at the end. I used VS 2017's latest MSBuild.exe in my 3 line command

C:\Users\<UserName>\Desktop\sonar-scanner-msbuild-3.0.2.656\SonarQube.Scanner.MSBuild.exe begin /d:"sonar.host.url=http://localhost:9000" /d:"sonar.login=<login>" /d:"sonar.password=<password>" /k:"org.sonarqube:sonarqube-scanner-msbuild" /n:"<ProjectName>" /v:"1.0"
"C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin\MSBuild.exe"  /t:Rebuild
C:\Users\<UserName>\Desktop\sonar-scanner-msbuild-3.0.2.656\SonarQube.Scanner.MSBuild.exe end /d:"sonar.login=<login>" /d:"sonar.password=<password>"

In spite of using the updated command sequence, I still get the Assembly Version errors in my report.

Do I need to delete the project and re-analyze. Also, even thought my 3 liner shows MSBuild 15 used the yellow notice comes up saying I am using MSBuild 12. I am not sure why.

UPDATE: Screenshot of duplicate files/folders in Code Smell Analysis.

Answer 1

I am not sure where is the SonarQube.Properties file is used. I couldn't find that in my setup.

Make sure all the projects you are scanning has "Properties" folder and under that AssemblyInfo.cs which contains assembly version. The file must be included in the project. You can see that from Visual Studio.

Make sure you have provided the SonarQube address and authentication details in the SonarQube.Analysis.xml

sonar.host.url - URL to your SonarQube server sonar.login - Analysis token of a user with Execute Analysis permissions. Required only if Anonymous does not have them

Create a new bat file only with these lines.

<local path>/SonarQube.Scanner.MSBuild.exe begin /k:"<SomeProjectNameKey>" /n:"<YourProjectName>" /v:"1.0"
<local path>/MSBuild.exe /t:Rebuild /tv:15.0 /p:VisualStudioVersion=15.0
<local path>/SonarQube.Scanner.MSBuild.exe end

The bat file should be in the same folder where the projects are located

Documentation reference https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Scanner+for+MSBuild