FIPS enabled server now fails on Prepare Analysis Configuration v 5.9.0

SonarQube
,
1

We were just pushed version 5.9.0 of the Sonarqube by SonarSource Azure DevOps Server 2022, and due to program requirements FIPS is enabled on our servers and the builds are now broken on the Prepare analysis on SonarQube step.

Starting: Prepare analysis on SonarQube
==============================================================================
Task         : Prepare Analysis Configuration
Description  : Prepare SonarQube analysis configuration
Version      : 4.32.0
Author       : sonarsource
Help         : Version: 4.32.0. [More Information](http://redirect.sonarsource.com/doc/install-configure-scanner-tfs-ts.html)
==============================================================================
D:\agents\agent1\_work\_tasks\SonarQubePrepare_15b84ca1-b62f-4a2a-a403-89b77a063157\4.32.0\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe begin /k:Catalog
SonarScanner for MSBuild 5.9.2
Using the .NET Framework version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
14:31:26.557  Updating build integration targets...
14:31:26.9  Fetching analysis configuration settings...
14:31:27.166  Provisioning analyzer assemblies for cs...
14:31:27.166  Installing required Roslyn analyzers...
14:31:27.322  Provisioning analyzer assemblies for vbnet...
14:31:27.322  Installing required Roslyn analyzers...

##[error]Unhandled Exception:
##[error]System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
   at System.Security.Cryptography.SHA256Managed..ctor()
   at SonarScanner.MSBuild.PreProcessor.CacheProcessor..ctor(ISonarWebService server, ProcessedArgs localSettings, IBuildSettings buildSettings, ILogger logger)
   at SonarScanner.MSBuild.PreProcessor.PreProcessor.<DoExecute>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarScanner.MSBuild.PreProcessor.PreProcessor.<Execute>d__6.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SonarScanner.MSBuild.BootstrapperClass.<PreProcess>d__10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
1 Like
2

Hi,

Sorry, but we just don’t support FIPS. Can you disable it?

 
Ann

3

We’re required to have FIPS running due to client requirements, and this worked prior to the latest update. In 2020 this broke and someone fixed it in github and the subsequent updated fixed our build errors. Yesterday someone else created a PR to fix the problem code and mentioned in in the previous issue.

FIPS enabled on Build server fails on Run Code Analysis · Issue #870 · SonarSource/sonar-scanner-msbuild (github.com)