Autogenerated files have started to show up in SonarCloud code since Azure DevOps extension 4.42

  • ALM : Azure DevOps
  • CI : Azure DevOps
  • Scanner command used:

        - task: SonarCloudAnalyze@1
          displayName: 'Analyse SonarCloud'

  • Languages of the repository : C#

Hello

Starting today (17 October 2023), SonarCloud is asking for code coverage on files that were ignored before. These files contain classes with the following attributes:

    [System.CodeDom.Compiler.GeneratedCodeAttribute("xsd", "4.8.3928.0")]
    [System.SerializableAttribute()]
    [System.Diagnostics.DebuggerStepThroughAttribute()]
    [System.ComponentModel.DesignerCategoryAttribute("code")]
    [System.Xml.Serialization.XmlTypeAttribute(Namespace="Foo")]
    [System.Xml.Serialization.XmlRootAttribute("Bar", Namespace="http://Foo.com", IsNullable=false)]

The only difference we spotted is the usage of Azure DevOps extension 4.42 instead of 4.41.

We do not want these files to be taken into account in the code coverage. The previous behavior was what we expected.

What to do ?

5 Likes

Hi,

Welcome to the community and thanks for this report!

Can you confirm that none of your configuration for this project changed, either SonarCloud-side or on the project/build side?

Can you share your analysis logs?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

 
Thx,
Ann

Hi Ann,

Both runs described, the one with the expected behavior and the one with the unexpected behavior, were run against the exact same commit, both on the dotnet repository and on the pipeline repository. I can confirm there is no code change between both runs. These pipelines do not interact with an Azure DevOps variable group, so no behavior can change from external values.

Here is, I guess, the log that was asked for, anonymized:

2023-10-17T13:55:05.1884940Z ##[section]Starting: Analyse SonarCloud
2023-10-17T13:55:05.1888086Z ==============================================================================
2023-10-17T13:55:05.1888300Z Task         : Run Code Analysis
2023-10-17T13:55:05.1888413Z Description  : Run scanner and upload the results to the SonarCloud server.
2023-10-17T13:55:05.1888646Z Version      : 1.42.0
2023-10-17T13:55:05.1888733Z Author       : sonarsource
2023-10-17T13:55:05.1888837Z Help         : Version: 1.42.0. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarcloud-extension-for-azure-devops/)
2023-10-17T13:55:05.1889669Z ==============================================================================
2023-10-17T13:55:05.3182649Z [command]/agent/_work/_tool/dotnet/dotnet /agent/_work/_tasks/SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255/1.39.0/dotnet-sonar-scanner-msbuild/SonarScanner.MSBuild.dll end
2023-10-17T13:55:05.3661102Z SonarScanner for MSBuild 5.14
2023-10-17T13:55:05.3663275Z Using the .NET Core version of the Scanner for MSBuild
2023-10-17T13:55:05.4136362Z Post-processing started.
2023-10-17T13:55:05.5362640Z Calling the SonarScanner CLI...
2023-10-17T13:55:05.6022769Z INFO: Scanner configuration file: /agent/_work/_tasks/SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255/1.39.0/dotnet-sonar-scanner-msbuild/sonar-scanner-4.8.1.3023/conf/sonar-scanner.properties
2023-10-17T13:55:05.6024939Z INFO: Project root configuration file: /agent/_work/15/.sonarqube/out/sonar-project.properties
2023-10-17T13:55:05.6702908Z INFO: SonarScanner 4.8.1.3023
2023-10-17T13:55:05.6703639Z INFO: Java 17.0.7 Amazon.com Inc. (64-bit)
2023-10-17T13:55:05.6704109Z INFO: Linux 6.2.0-1011-azure amd64
2023-10-17T13:55:05.8586990Z INFO: User cache: /home/AzDevOps/.sonar/cache
2023-10-17T13:55:06.0926230Z INFO: Analyzing on SonarCloud
2023-10-17T13:55:06.0931821Z INFO: Default locale: "en", source code encoding: "UTF-8" (analysis is platform dependent)
2023-10-17T13:55:06.4183159Z INFO: Load global settings
2023-10-17T13:55:06.5544160Z INFO: Load global settings (done) | time=137ms
2023-10-17T13:55:06.5575642Z INFO: Server id: 1BD809FA-AWHW8ct9-T_TB3XqouNu
2023-10-17T13:55:06.5642451Z INFO: User cache: /home/AzDevOps/.sonar/cache
2023-10-17T13:55:06.5692175Z INFO: Loading required plugins
2023-10-17T13:55:06.5697727Z INFO: Load plugins index
2023-10-17T13:55:06.7491638Z INFO: Load plugins index (done) | time=179ms
2023-10-17T13:55:06.7499233Z INFO: Load/download plugins
2023-10-17T13:55:06.8419748Z INFO: Load/download plugins (done) | time=93ms
2023-10-17T13:55:07.0478811Z INFO: Loaded core extensions: developer-scanner
2023-10-17T13:55:07.3246353Z INFO: Found an active CI vendor: 'Azure DevOps'
2023-10-17T13:55:07.3335410Z INFO: Load project settings for component key: '***projectkey***'
2023-10-17T13:55:07.4664283Z INFO: Load project settings for component key: '***projectkey***' (done) | time=133ms
2023-10-17T13:55:07.4706653Z INFO: Process project properties
2023-10-17T13:55:07.5110401Z INFO: Project key: ***projectkey***
2023-10-17T13:55:07.5111277Z INFO: Base dir: /agent/_work/15/s/src
2023-10-17T13:55:07.5111729Z INFO: Working dir: /agent/_work/15/.sonarqube/out/.sonar
2023-10-17T13:55:07.5761447Z INFO: Load project branches
2023-10-17T13:55:07.7660902Z INFO: Load project branches (done) | time=190ms
2023-10-17T13:55:07.7678915Z INFO: Check ALM binding of project '***projectkey***'
2023-10-17T13:55:07.9209828Z INFO: Detected project binding: BOUND
2023-10-17T13:55:07.9211045Z INFO: Check ALM binding of project '***projectkey***' (done) | time=153ms
2023-10-17T13:55:07.9230053Z INFO: Load project pull requests
2023-10-17T13:55:08.1008281Z INFO: Load project pull requests (done) | time=178ms
2023-10-17T13:55:08.1033748Z INFO: Load branch configuration
2023-10-17T13:55:08.4937617Z INFO: Load branch configuration (done) | time=391ms
2023-10-17T13:55:08.5001143Z INFO: Load quality profiles
2023-10-17T13:55:08.6660015Z INFO: Load quality profiles (done) | time=167ms
2023-10-17T13:55:08.6710709Z INFO: Load active rules
2023-10-17T13:55:12.0867693Z INFO: Load active rules (done) | time=3416ms
2023-10-17T13:55:12.2477851Z INFO: Organization key: ***orgkey***
2023-10-17T13:55:12.2483302Z INFO: Pull request 43434 for merge into master from feature/pipeline_form
2023-10-17T13:55:12.2596177Z INFO: Load project repositories
2023-10-17T13:55:12.6119948Z INFO: Load project repositories (done) | time=352ms
2023-10-17T13:55:12.6135652Z INFO: SCM collecting changed files in the branch
2023-10-17T13:55:12.6520224Z WARN: Could not find ref: master in refs/heads, refs/remotes/upstream or refs/remotes/origin
2023-10-17T13:55:12.6570654Z INFO: SCM collecting changed files in the branch (done) | time=44ms
2023-10-17T13:55:12.6705695Z INFO: Indexing files...

1 Like

Hi,

Thanks for the confirmation and the log.

Unfortunately, that doesn’t seem to be the full log. Can you post the rest?

And since this may be tied to yesterday’s ADO extension release, I’m referring this to the team.

 
Ann

Hello,

Unfortunately, my client is very highly restrictive on security, and wants to use code obfuscation in order to achieve security (I do not personally share this strategy, but I am not going to take any personal risk). I am not authorized to display much more than what is already shared. I am sorry not to be able to share the full log :frowning:

Hi,

To be clear, there’s no code in an analysis log (unless there’s been a parsing error). It’s perfectly normal to redact sensitive information such as paths, project names(?) and access tokens.

 
Ann
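A sketch of the redaction described in the reply above, as an added example that is not part of the original thread or of SonarSource tooling: it masks paths, project and organization keys, branch names and token-bearing properties in a scanner log, then checks that known-sensitive values are really gone. The sample log lines and their values (`acme`, `EXAMPLE-TOKEN-0000`) are constructed, and the patterns are assumptions modelled on the log format quoted earlier in the thread (Linux agent).

```python
import re

# Ordered (pattern, replacement) rules. The value shapes are assumptions
# modelled on the scanner log lines quoted in this thread.
RULES = [
    # Credentials passed as scanner properties or HTTP headers.
    (re.compile(r"(?i)\b(sonar\.(?:token|login|password))=\S+"), r"\1=<redacted>"),
    (re.compile(r"(?i)\b(authorization:\s*(?:bearer|basic))\s+\S+"), r"\1 <redacted>"),
    # Project, organization and server identifiers.
    (re.compile(r"(Project key|Organization key|Server id): \S+"), r"\1: <redacted>"),
    (re.compile(r"((?:component key:|binding of project) )'[^']*'"), r"\1'<redacted>'"),
    # Branch names on the pull request line.
    (re.compile(r"(for merge into )\S+( from )\S+"), r"\1<branch>\2<branch>"),
    # Absolute POSIX paths; the lookbehind keeps URLs and ref names intact.
    (re.compile(r"(?<![\w.:/])/(?:[\w.@+-]+/)+[\w.@+-]*"), "<path>"),
]

# Constructed sample input (not a real log).
SAMPLE = """\
2023-10-17T13:55:05.6024939Z INFO: Project root configuration file: /agent/_work/15/.sonarqube/out/sonar-project.properties
2023-10-17T13:55:07.3335410Z INFO: Load project settings for component key: 'acme_billing'
2023-10-17T13:55:07.5110401Z INFO: Project key: acme_billing
2023-10-17T13:55:12.2477851Z INFO: Organization key: acme
2023-10-17T13:55:12.2483302Z INFO: Pull request 43434 for merge into master from feature/pipeline_form
2023-10-17T13:55:12.3000000Z DEBUG: sonar.token=EXAMPLE-TOKEN-0000
2023-10-17T13:55:12.6705695Z INFO: Indexing files..."""

def redact_line(line: str) -> str:
    for pattern, repl in RULES:
        line = pattern.sub(repl, line)
    return line

def redact_log(text: str) -> tuple[str, int]:
    """Return the redacted log and the number of lines that were changed."""
    out, changed = [], 0
    for line in text.splitlines():
        new = redact_line(line)
        changed += new != line
        out.append(new)
    return "\n".join(out), changed

def find_leaks(redacted: str, sensitive: list[str]) -> list[str]:
    """Fail-closed check: known-sensitive values that survived redaction."""
    return [s for s in sensitive if s and s.lower() in redacted.lower()]

if __name__ == "__main__":
    cleaned, n = redact_log(SAMPLE)
    leaks = find_leaks(cleaned, ["acme", "feature/pipeline_form", "EXAMPLE-TOKEN-0000"])
    print(cleaned if not leaks else f"refusing to print, leaked: {leaks}")
```

Timestamps, tool versions and step names are left untouched, since those are what a version regression like this one is diagnosed from.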

Is there any way to share logs privately? My client is using the Paid Plan of SonarCloud.

Hi Sonar team,

In the context of Azure DevOps - Yaml pipeline - SonarCloud Task v 5.14 / App language : C# :

We just realized that our Sonar analyses that run on Task 5.14 now have a new behaviour, compared to v5.13.

Auto-generated code is now included in the analysis, which, in our case, multiplies the LOC by 4.

Could it be a regression with a recent release of the plugin?

thanks,

Olivier

1 Like

Hello @olivier.thomas,

We are currently investigating the issue.

To help us, can you give us the complete log of both SonarCloudPrepare and SonarCloudAnalyze tasks in verbose mode?
If possible, can you also share your MSBuild output?

Can you also share the following information:

  • the project types you are analyzing
  • the .NET SDK versions used
  • the MSBuild version used

You can find below how to enable verbose mode in the scanner:

Share the Scanner for .NET verbose logs

  • Add /d:"sonar.verbose=true" to the…
    • SonarScanner.MSBuild.exe or dotnet sonarscanner begin command to get more detailed logs
      • For example: SonarScanner.MSBuild.exe begin /k:"MyProject" /d:"sonar.verbose=true"
    • “SonarQubePrepare” or “SonarCloudPrepare” task’s extraProperties argument if you are using Azure DevOps
      • For example:
        - task: SonarCloudPrepare@1
          inputs:
            SonarCloud: 'sonarcloud'
            organization: 'foo'
            scannerMode: 'MSBuild'
            projectKey: 'foo_sonar-scanning-someconsoleapp'
            projectName: 'sonar-scanning-someconsoleapp'
            extraProperties: |
              sonar.verbose=true
        
  • The important logs are in the END step (i.e. SonarQubeAnalyze / SonarCloudAnalyze / “Run Code Analysis”)

Share the msbuild detailed logs

    MsBuild.exe /t:Rebuild /v:d

or

    dotnet build -v:d

Thank you very much :pray:

Hello @worming004 @olivier.thomas,

I think we have come closer to the issue; the fix will be included in the next release of the C# analyzer. The issue is coming from the analyzer not being loaded at the correct step during the analysis.

In the meantime, you can use the sonar.plugins.loadAll=true option during the SonarCloudPrepare task in your Azure pipeline. This will ensure the C# analyzer is loaded at the right step to detect the generated files and exclude them from the analysis.

Like so:

    - task: SonarCloudPrepare@1
      inputs:
        SonarCloud: 'sonarcloud'
        organization: 'foo'
        scannerMode: 'MSBuild'
        projectKey: 'foo_sonar-scanning-someconsoleapp'
        projectName: 'sonar-scanning-someconsoleapp'
        extraProperties: |
          sonar.plugins.loadAll=true

Let me know if this workaround fixes your issue.

Have a nice weekend!

2 Likes

Great !
thanks a lot for the quick feedback :+1:

Thanks Sebastien

We will give it a try Monday morning and share if it helps.

Have a nice weekend

Hi,

The workaround seems to work fine. Thanks !

2 Likes