AzureDevops pipeline reports invalid project guid for temp generated workerextensions.csproj

I have a .NET solution which contains an azure function app project. When I run this AzureDevops pipeline task, I get the following error message. I have tried setting the sonar.projectBaseDir so that the temporary generated solution will be excluded, but it seems to have no effect.

  - task: SonarCloudPrepare@1
    inputs:
      SonarCloud: "SonarCloud_POC"
      organization: redacted
      scannerMode: "MSBuild"
      projectKey: ${{ parameters.sonarProjectKey }}
      projectName: ${{ parameters.projectName }}
      extraProperties: |
        sonar.projectBaseDir=$(build.SourcesDirectory)
        sonar.cs.opencover.reportsPaths=$(build.SourcesDirectory)/coverage/**/coverage.opencover.xml
        sonar.exclusions=**/packages/**,**/bin/**,**/obj/**,**/*.dll
  WorkerExtensions -> C:\Users\VssAdministrator\AppData\Local\Temp\sjcko3ut.bvd\buildout\Microsoft.Azure.Functions.Worker.Extensions.dll
##[warning]D:\a\1\.sonarqube\bin\targets\SonarQube.Integration.targets(369,5): Warning : The project does not have a valid ProjectGuid. Analysis results for this project will not be uploaded. Project file: C:\Users\VssAdministrator\AppData\Local\Temp\sjcko3ut.bvd\WorkerExtensions.csproj
D:\a\1\.sonarqube\bin\targets\SonarQube.Integration.targets(369,5): warning : The project does not have a valid ProjectGuid. Analysis results for this project will not be uploaded. Project file: C:\Users\VssAdministrator\AppData\Local\Temp\sjcko3ut.bvd\WorkerExtensions.csproj [C:\Users\VssAdministrator\AppData\Local\Temp\sjcko3ut.bvd\WorkerExtensions.csproj]

Hey there.

Does this actually fail your analysis, or are you only trying to get rid of the warning?

I’m trying to get rid of the warning. The analysis appears to run successfully.

1 Like

I’ve flagged this for some attention.

Hello @chaoticnadirs

Could you please share the msbuild detailed logs ?

MsBuild.exe /t:Rebuild /v:d

or

dotnet build -v:d

Does this project have a project guid set and if yes, could you share it with us?

The build logs are attached. The project that throws the warning is an auto-generated project. I don’t have the option to assign a project guid.

build-log.txt (3.1 MB)

Hello @chaoticnadirs

What I saw from the logs is that it is not us generating the invalid GUID.
It should be that the generated WorkerExtensions.csproj project for whatever reason has an invalid ProjectGuid.

Could you please provide us with the binary diagnostic level logs of the build? This should let us see the project GUID and understand what is the problem with its format.

To create the binary logs you have to use the -bl switch. For more information take a look at the documentation.

We have the same problem.
You can reproduce it by creating a azure functions app that run in isolated mode.

Since this have been a problem for 8 month we fixed local.
by creating a powershell script that update file: .sonarqube\bin\targets\SonarQube.Integration.targets

Like this:

$xml = [xml](Get-Content $sonarQubeIntegrationTargetsPath)
$SonarWriteProjectData = ($xml.Project.Target | Where-Object {$_.Name -eq "SonarWriteProjectData" }).PropertyGroup

$node = $xml.CreateElement("ProjectGuid", $SonarWriteProjectData.SchemaInfo.NamespaceURI)
$attribute = $xml.CreateAttribute("Condition")
$attribute.Value = @'
$(ProjectGuid) == '' AND $([System.String]::new('$(MSBuildProjectFullPath)').EndsWith('WorkerExtensions.csproj'))
'@
$node.InnerText = '{$([System.Guid]::NewGuid())}'
$node.Attributes.Append($attribute) | Out-Null

$SonarWriteProjectData.AppendChild($node) | Out-Null

$xml.Save($sonarQubeIntegrationTargetsPath)

We have the same issue with a brand new .NET8 isolated function app.
SonarQube is only handling this as a warning, but we also use Fortify which sees it as an error.

I’m not sure where the origin of this error is.

I also asked this question at the dotnet repo and they replied very swift and explained this is really an issue with SonarQube: The project does not have a valid ProjectGuid. WorkerExtensions.csproj · Issue #99352 · dotnet/runtime · GitHub

When can we expect a solution from SonarQube?

Thanks @HenrikSommer-eng and @Paul_Meems for putting this back on our plate.

We have noticed having problems with the WorkerExtensions project in sonar-scanner-msbuild/issues/1309, in the context of Azure Functions.

@Paul_Meems @HenrikSommer-eng do I understand well that in your case, the analysis is failing?

We use ProjectGuids as identifiers for the projects. As you see here, we use this in our validation process.

But for source-generated projects, anyway we should not import results at all as the files are not on disk.

We may want to transform this from a WARN to an INFO-level message for source-generated projects.

I can’t remember 100% but I dont think the analysis failed.
But the pipeline have warning and we only want to see warning we can do something about.

Change it to INFO-level message for source generated projects sound like a fix.

Sorry for being late.

I’ve created Log INFO level when source generated projects don't have valid GUIDs · Issue #1899 · SonarSource/sonar-scanner-msbuild · GitHub

A post was split to a new topic: Azure Functions project fails analysis