Missing blame information from Azure DevOps git repo via Azure DevOps pipeline

I’m unable to get blame information into SonarCloud, so the assignment of issues doesn’t work. I’ve had the same issue across multiple repos and 7 different projects (some C# and some Typescript) but all the analyze logs quote the same lines :

WARN: Missing blame information for the following files:
WARN: * ExampleOne/ProjectOne/Program.cs
WARN: This may lead to missing/broken features in SonarCloud

Azure DevOps git repo
Azure DevOps pipeline

I’m having the same issues with both C# Code (MSBuild scanner) and TypeScript code (CLI scanner).

For the sake of repro, I’ve created a clean repo, added a simple console app with a couple of issues and a new Azure Devops pipeline using the 3 SonarCloud extensions. I’m getting the same results.

GIT BLAME returns the users you’d expect and our dev IDEs show who was responsible for the code, but sonarcloud’s sonar scanners don’t seem able to & I’m out of ideas.

My pipeline yaml file looks like this :

# ASP.NET Core (.NET Framework)
# Build and test ASP.NET Core projects targeting the full .NET Framework.
# Add steps that publish symbols, save build artifacts, and more:
# https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core

trigger:
- development

pool:
  vmImage: 'windows-latest'

variables:
  solution: '**/*.sln'
  buildPlatform: 'Any CPU'
  buildConfiguration: 'Release'

steps:
- task: NuGetToolInstaller@1

- task: NuGetCommand@2
  inputs:
    restoreSolution: '$(solution)'
- task: SonarCloudPrepare@1
  inputs:
    SonarCloud: 'SonarCloud'
    organization: 'xxxxxxxxxxxxxxxxxxxxxxxxxxx'
    scannerMode: 'MSBuild'
    projectKey: 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxx_MacTest'
    projectName: 'MacTest'
    projectVersion: $(Build.BuildNumber)
- task: VSBuild@1
  inputs:
    solution: '$(solution)'
    msbuildArgs: '/p:DeployOnBuild=true /p:WebPublishMethod=Package /p:PackageAsSingleFile=true /p:SkipInvalidConfigurations=true /p:DesktopBuildPackageLocation="$(build.artifactStagingDirectory)\WebApp.zip" /p:DeployIisAppPath="Default Web Site"'
    platform: '$(buildPlatform)'
    configuration: '$(buildConfiguration)'
- task: SonarCloudAnalyze@1
- task: SonarCloudPublish@1
  inputs:
    pollingTimeoutSec: '300'
- task: VSTest@2
  inputs:
    platform: '$(buildPlatform)'
    configuration: '$(buildConfiguration)'

Relevant looking output from the analyze step (can provide more, but it’s quite large obviously)

Starting: SonarCloudAnalyze

Task : Run Code Analysis
Description : Run scanner and upload the results to the SonarCloud server.
Version : 1.31.1
Author : sonarsource
Help : Version: 1.31.1. This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

More Information

D:\a_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.28.1\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe end
SonarScanner for MSBuild 5.6
.
.
INFO: SCM Publisher SCM provider for this project is: git
INFO: SCM Publisher 1 source file to be analyzed
INFO: Blaming files using native implementation
INFO: Blaming files using native implementation (done) | time=53ms
INFO: SCM Publisher 0/1 source files have been analyzed (done) | time=242ms
WARN: Missing blame information for the following files:
WARN: * ExampleOne/ProjectOne/Program.cs
WARN: This may lead to missing/broken features in SonarCloud

Hi @mcrimes ,

Welcome to Sonar Community! :sonar:

Can you be more specific at this step? You added a couple of issues, but did you git add and git commit those changes before git push’ing it to your remote repository?

If you don’t do git add/git commit/git push or some form of update in the remote repository, blame data and git annotations will be missing, hence the following warning in your Sonar analysis logs:

Yes, we’ve done lots of commits to git over the last month. As I said, GIT BLAME is reporting commit authors quite happily, but sonar scanner isn’t reporting the same.

Happy to post any additional info which might be useful, but aside from the whole analysis log, I’m not sure what else might be helpful.