Azure DevOps Pull Request status check fails despite passed quality gate

We’ve configured an analyze pipeline in Azure DevOps which runs our unit/integration tests using VSTest and sends the results to SonarCloud.

This works fine, and the Quality Gate for our Pull Requests says “Passed” when looking at SonarCloud.

The problem arrives when we want to deal with code coverage. We’ve added our pipelines’ Code Coverage as a Status Check for all PRs in Azure DevOps.
Whenever a PR has 0 files relevant to perform Code Coverage analysis on (we’ve omitted a pattern in the Analysis Scope in SonarCloud) the coverage status check will fail, thus preventing PRs.

Is there any way we can configure this differently, to allowed 0 changed files to password coverage?

Hey there.

Can you give more details about this status check? This sounds like something separate from SonarCloud.

The status check is an Azure DevOps thing, where it’s responding to the code coverage result from SonarCloud. So yes it could very well be an issue within Azure DevOps, however I doubt that’s likely to change any time soon, so what I’m looking for is ideas for SonarCloud configuration that could alleviate the issue.

It looks like this, and the name “static analysis” is the name of our Azure DevOps Pipeline that runs the actual SonarCloud analysis. The “/codecoverage” part is some Azure DevOps exposes for that pipeline.

static analysis/codecoverage is not a status check that corresponds to information coming from SonarCloud.

If you want to rely on SonarCloud information only for the code coverage requirement, you should rely on the SonarCloud Quality Gate status check (see the documentation on Branch and Pull Request Analysis).

Good point Colin, it seems like somebody’s been trying to do a workaround for that in this repository (it’s somewhat old and configured by my predecessor)

Regardless, the option to select SonarCloud/Quality Gate does not exist. We do however run a pipeline that sends information to Sonar (the one named “static analysis”)

Do you happen to have an idea why the proper status check is missing from our list of options?
I’ve just read through the documentation link you sent, and sadly it didn’t give any insights into this :frowning:

That’s a horse of a different color!

The status check becomes available the first time a pull request for a repository has been decorated by SonarCloud. It sounds like the decoration isn’t successful – have you ever received comments on your pull requests after a SonarCloud analysis?

Sorry about starting off in the wrong direction, but good thing we’re on the right track now :slight_smile:

I haven’t been too involved in the project in question, but I just checked a bunch of PRs and none had comments from SonarCloud. So it sounds like you’re correct it doesn’t decorate it properly.

The DevOps pipeline is rather old, and is for a dotnet project using VSTest. Not too sure if that could be playing into this, but all our other (newer) pipelines using dotnet for tests, works correctly. The project though has an age where we have to use VSTest so I can’t verify if this is the cause or not.

Do you have an idea what could be the culprit (for the lack of decoration) ?

I’ll reach out for a few pieces of private information to help troubleshoot.

1 Like

Dear Steffen,

The pull request decoration is not working for your project. I had a look at the logs and could see an error because the Azure DevOps access token is not valid. This is why it is not working.

So I invite you to reconfigure your token following the documentation: Azure DevOps | SonarCloud Docs.

Let me know if it solves your issue.

1 Like

Sorry about the late reply, I’ve been swamped with other tasks :-/

As far as I can tell though, the token is fine. This is the status in the administration in SonarCloud:
Status of you current token: is valid. You can still change it here if you want:

Where did you see indications that the token is not valid, and does it log a complete error message?

Hi Steffen,

I saw the message in our logs, unfortunately it doesn’t specify why the token is invalid.
Seeing “Status of you current token: is valid. You can still change it here if you want” doesn’t guarantee that your token has the requested access, it means it is not expired.

As a first step, I suggest to verify that your token has the requested permissions. For that, you can follow the steps documented on this community thread.

If you can’t fetch the list of repositories, then there is something wrong with the token and this is why your Pull Request decoration is not working.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.