Sonar Cloud analysis on an NX monorepo

Question

Am just trying to setup a monorepo of angular applications and libraries using NX. Am new to NX but have user sonarcloud before. Now my requirement is to run analysis for the different projects and libraries and have them show in SonarCloud. I followed sonarcloud monorepo guide but did not find it much helpful.

I have few questions and am sure these are basics when it comes to a monorepo but still putting it out here as i did not find much help elsewhere

1. How do i analyse different projects and libraries separately in sonarcloud
2. How do i configure github actions to run only for those that are changed?

Thanks.

Answer 1

This is what we've come up with;

1. create project in sonarcloud, with one project per sub NX project
2. create one sonar-project.properties file at the root of each subproject in your monorepo

your sonar-project.properties should look like;

sonar.projectKey=your-project-key
sonar.organization=your-org
sonar.sources=JUST/the/paths/for/this/sub-project
sonar.exclusions=**/node_modules/**, exclude all the other stuff
...

Your github action, you'll need one sonar token per project. Assuming you have different actions to build each project;

the paths bit at the top of the action tells github to only run those actions if files on those paths change.

name: run-tests-and-sonarcloud-on-pr
on:
  # Trigger the workflow on pull request,
  # for master or develop, but only for stuff in the `path-to-your-project/**` folder
  pull_request:
    branches:
      - develop
      - master
    paths:
      - 'path-to-your-project/**'
jobs:
  run-jest-and-sonar:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        node-version: [16.x]
    steps:

    - uses: actions/checkout@v2

    - name: Use Node.js ${{ matrix.node-version }}
      uses: actions/setup-node@v2
      with:
        node-version: ${{ matrix.node-version }}

    - name: jest
      run: |
        cd your-folder
        npm ci
        npm test
        npm run build

    - name: SonarCloud Scan
      uses: SonarSource/sonarcloud-github-action@master
      with:
        #this bit is key, it'll tell sonar to work from a diff folder
        projectBaseDir: path/to/your/project
      env:
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
        SONAR_TOKEN: ${{ secrets.YOURPROJECT_SONAR_TOKEN }}

Your mileage may vary with this, esp. if you build all projects from the root folder, you might need to do some renaming of sonar-project.properties files on build or something. We have one at the root, then one in several subfolders of our mono-repo.