SonarCloud Analysis broken by recent update to sonar-scanner

[jfpanisset]

SonarCloud analysis for OpenEXR last succeeded in uploading results on 2024-01-13:

https://sonarcloud.io/project/overview?id=AcademySoftwareFoundation_openexr

The issue seems to be caused by the deprecation of the sonar.login parameter:

https://github.com/AcademySoftwareFoundation/openexr/actions/runs/7945073818/job/21691265142

00:32:35.100 WARN: The property 'sonar.login' is deprecated and will be removed in the future. Please use the 'sonar.token' property instead when passing a token.

The documentation as well as OpenImageIO's analysis workflow indicates that it isn't necessary to set the token on the CLI, it should be sufficient to set the SONAR_TOKEN environment variable which analysis_workflow.yml already does.

Removing -Dsonar.login=$SONAR_TOKEN from the sonar-scanner command line should hopefully be sufficient to restore the functionality of uploading results back to the SonarCloud site.

A similar issue exists for Imath and I'll open an Issue agains that project as well.

[cary-ilm]

Hopefully resolved by #1647, thanks for the catch!

[cary-ilm]

I made the change and re-ran the analysis manually and it still failed. Any clue what's causing this?

https://github.com/AcademySoftwareFoundation/openexr/actions/runs/8089544793/job/22105597370

[jfpanisset]

The issue may be caused by running this job in the ci-openexr:2022 container which has too old a version of the Sonar client installed.

Unfortunately releasing older versions of these containers to update the Sonar plugin would be a lot of work. In the CI WG we've discussed getting rid of the plugin completely to avoid this issue.

Fortunately there's a reusable workflow to install the current Sonar plugin, OIIO uses it:

https://github.com/AcademySoftwareFoundation/OpenImageIO/blob/42f2faa5e3131fdee9813188146ce4d33971be11/.github/workflows/analysis.yml#L107

Adding this to your analysis workflow should hopefully do the trick.