Issue with ALM Integration with Azure DevOps Server 2020

I have the same issue as reported here: About bitbucket alm integration connection problem but I am having this issue with Azure DevOps Server 2020.

I am using SonarQube version: 8.9.0.43852

Based on the article I linked above, I tried the following from powershell and was able to connect:

$headers.Add(“Authorization”, ‘Basic OnFuY2k3NndwcHo2cDN0ZWxheTJsY2pxdW5waHFwcmptMmljZGVnaHByYXNsNmhxbXJxNXE=’)
Invoke-RestMethod https://azuredevopsserver.mydomain.com/azure/defaultcollection/_apis/projects?api-version=3.0 -Headers $headers

I know the URL and PAT are correct because the above request returns a JSON list of 100 projects.

The below is what I see on screen when setting up ALM integration.

image1111×439 17.8 KB

I turned on more verbose logging and this is what I see in the WebServer logs:

2021.06.01 09:37:07 DEBUG web[AXnGcC6qeVj3FmdvAADa][o.s.a.c.a.AzureDevOpsHttpClient] check pat : [https://azuredevopsserver.mydomain.com/azure/defaultcollection/_apis/projects?api-version=3.0]
2021.06.01 09:37:16 DEBUG web[AXnGcC6qeVj3FmdvAADb][o.s.a.c.a.AzureDevOpsHttpClient] check pat : [https://azuredevopsserver.mydomain.com/azure/defaultcollection/_apis/projects?api-version=3.0]
2021.06.01 09:37:18 DEBUG web[AXnGcC6qeVj3FmdvAADc][o.s.a.c.a.AzureDevOpsHttpClient] check pat : [https://azuredevopsserver.mydomain.com/azure/defaultcollection/_apis/projects?api-version=3.0]
2021.06.01 09:37:19 DEBUG web[AXnGcC6qeVj3FmdvAADd][o.s.a.c.a.AzureDevOpsHttpClient] check pat : [https://azuredevopsserver.mydomain.com/azure/defaultcollection/_apis/projects?api-version=3.0]

I’m stuck on where to look to try and figure out what the issue might be so any ideas are appreciated. Thanks.

Hi @careywalker!

We’re actually running into the exact same boat… Everything was working fine, then we upgraded to 8.9 (from 8.3, I think), and now we’re getting the same results. The token is solid, but the UI is indicating there’s a problem.

I need to do some deeper investigation, but I think PR decoration is also failing (e.g. I don’t think this is just a bug/false-positive).

I’ve also not found any solution though

@careywalker - We solved our issue. Turns out that the JRE/JDK running SonarQube didn’t have the CA cert used by our Azure DevOps server loaded (e.g. an SSL error was occurring).

Kind of surprising that even with DEBUG logging enabled, NOTHING appeared in the logs to point me in that direction. I guess the takeaway from this is that the DEBUG output that you see (which is all I also also), shows the checks going out, but gives no insight into the success/failure of the calls

Good luck!

Hey @shieldsjared and @careywalker ,
Thanks for pointing this out.
I will carry this to the eng. team to see how we can help you on this.

Thanks!
Kind regards,
Christophe

Hi @shieldsjared ,
our eng. team realized that it has no logs neither. So here is the ticket plan to first enhance the logs to be able next to address this bug https://jira.sonarsource.com/browse/SONAR-15064

Kind regards,
Christophe

@shieldsjared Thanks for the solution, that solved it for me as well.

where did u add azure devops certificate?

@padma_priyakantipaka I believe I added it to the trusted certificate store of the JRE that is running SonarQube.

Okay, and I could see you were using azure devops server, we are using azure devops…do you have an idea where did u get azure devops certificate from?