Issues with SonarQube integration with Azure DevOps

Version: * Developer Edition Version 9.2.1

We are trying to add integration between Azure DevOps services and SonarQube but falling over at the first hurdle.

We have SonarQube server setup on a virtual PC within the company network (accessible within the local network or via VPN).

I have created a PAT in DevOps with full access and attempted to setup the integration in SonarQube but when I enter ‘Check Confiugration’ I get the error:

‘Invalid Azure URL or Personal Access Token’

Both the URL and PAT are valid so I believe there must be an issue with the connection between SonarQube and Azure Devops. Could this be due to the location of the SonarQube server? Are other ports required to be opened outside of port 9000?

Hey there.

The connection logging was greatly improved in SonarQube v9.5 (SONAR-15064), which is also currently the only supported version of SonarQube v9.x.

My first recommendation would be upgrading.

I’ll look into upgrading the server first to v9.5

Hi, I’ve since upgraded the server to v9.5. The issue still stands here is the log after pressing ‘Check Configuration’:

2022.08.10 15:12:24 ERROR web[AYKH/p8Xmt+VEz+hAABK][o.s.a.c.a.AzureDevOpsHttpClient] Unable to contact Azure DevOps server for request [Azure DevOps Services | Sign In]: [Connection reset]

This is with Debug enabled:

2022.08.10 15:19:28 DEBUG web[AYKH/p8Xmt+VEz+hAABg][o.s.a.c.a.AzureDevOpsHttpClient] check pat : [Azure DevOps Services | Sign In]
2022.08.10 15:19:29 ERROR web[AYKH/p8Xmt+VEz+hAABg][o.s.a.c.a.AzureDevOpsHttpClient] Unable to contact Azure DevOps server for request [Azure DevOps Services | Sign In]: [Connection reset]

Hi would it be possible to get some input on this? Is this issue due the sonarqube server being on virtual PC on the domain network? Do I need to contact IT to open certain ports? Is a reverse proxy required to be configured?

Please do not bump threads after less than a day.

It looks like your server can’t get in touch with Azure DevOps – I would suggest you take SonarQube out of the picture entirely and test the connection using a tool like SSLPoke.

Apologies, I’ve tried SSLPoke and get the errors:

java SSLPoke dev.azure.com 443

javax.net.ssl.SSLException: Connection reset
        at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:127)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:369)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:312)
        at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:307)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:144)
        at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1369)
        at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1278)
        at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:401)
        at java.base/sun.security.ssl.SSLSocketImpl.ensureNegotiated(SSLSocketImpl.java:817)
        at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1183)
        at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1155)
        at SSLPoke.main(SSLPoke.java:23)
        Suppressed: java.net.SocketException: Connection reset by peer: socket write error
                at java.base/java.net.SocketOutputStream.socketWrite0(Native Method)
                at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110)
                at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150)
                at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:83)
                at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:400)
                ... 10 more
Caused by: java.net.SocketException: Connection reset
        at java.base/java.net.SocketInputStream.read(SocketInputStream.java:186)
        at java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
        at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:478)
        at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:472)
        at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:160)
        at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:110)
        ... 7 more

I just realised I used the wrong port there, it should be 9000: After doing the same command with port 9000, I get:

java SSLPoke dev.azure.com 9000

java.net.ConnectException: Connection timed out: connect
        at java.base/java.net.PlainSocketImpl.connect0(Native Method)
        at java.base/java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:101)
        at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:399)
        at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:242)
        at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:224)
        at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.base/java.net.Socket.connect(Socket.java:608)
        at java.base/sun.security.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:287)
        at java.base/sun.security.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:146)
        at java.base/sun.security.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:88)
        at SSLPoke.main(SSLPoke.java:17)

I don’t think the port should be 9000 for Azure DevOps – that’s the default port of your SonarQube instance, not Azure DevOps.

In any case it looks like a connectivity issue between your server and Azure, not something specific to SonarQube. You should engage your network/system administration team.