Inconsistencies Between Sonar Cloud Azure Devops and the Visual Studio Plugin

I’m running into an issue where I get inconsistent results between the Azure Devops Scanning Tasks and the results from the Visual Studio Plugin. I have a large file that is generated and contains constants for dropdown values. This results in a lot of S1192 errors when the automated scans run via my CI pipeline but these are not shown in Visual Studio. In addition to this the scan from the Azure DevOps task seem to ignore the #pragma warning disable S1192 directive at the top of the file.

Hey @groogiam!

It would be great if you could include a sample project that reproduces this issue.

See attached repro. MyDropDownTypeDd has S1192 flagged for ParentDropdownName strings when analyzed via Sonar Cloud but not in the Visual Studio plugin. Thanks.

Repro133585.zip (60.1 KB)

Hello @groogiam and thanks a lot for repro project.

  • Could you please tell me which version of the SonarQube IDE for Visual studio you are using?
  • Do you run in connected mode (with the same server that you run the CI analysis)?

Could you please also share the verbose logs from the CI Analysis?

You mentioned that you are using Azure DevOps, so in order to get them

# Applies to SonarQubePrepare as well
- task: SonarCloudPrepare@1
inputs:
SonarCloud: 'sonarcloud'
organization: 'zucchinibreadco'
scannerMode: 'MSBuild'
projectKey: 'zuchhinibreadco_sonar-scanning-someconsoleapp'
projectName: 'sonar-scanning-someconsoleapp'
extraProperties: |
sonar.verbose=true

I’d need both begin and end step logs.

Thanks a lot!

I am using 8.90.11507 of the SonarQube for Visual Studio 22 plugin.

I am not running in connected mode.

It’s going to take me a little time to setup a new pipeline. I believe the CI integration is working as expected at this point with our main code base. It is picking up the errors and the #pragma statement now appears to be honored. My main concern is why the plugin does not display the S1192 errors in the repo project. I would expect the analysis to be the same if not very close locally and on CI given he fact we are using the out of box analysis settings in both environments. Are you able to reproduce the lack of S1192 warnings using just the Visual Studio plugin? Thanks.

Hello @groogiam,

I managed to reproduce the issue.
I’ll come back to you once I have more findings.