MonoRepo analyses fails after Azure Devops Organization binding issues

PeterBa · December 16, 2025, 8:58am

We are experience issues of monorepo analysis since SonarQube-Cloud can’t authenticate with Azure Devops.

The token has been regenerated;

But the failed authentication persists.

Log

2025-12-16T07:49:17.7746512Z ##[section]Starting: Run Code Analysis
2025-12-16T07:49:17.7753065Z ==============================================================================
2025-12-16T07:49:17.7753205Z Task         : Run Code Analysis
2025-12-16T07:49:17.7753305Z Description  : Run scanner and upload the results to SonarQube Cloud.
2025-12-16T07:49:17.7753423Z Version      : 3.4.3
2025-12-16T07:49:17.7753516Z Author       : sonarsource
2025-12-16T07:49:17.7753621Z Help         : This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarcloud-extension-for-azure-devops/)
2025-12-16T07:49:17.7753841Z ==============================================================================
2025-12-16T07:49:18.0244129Z [command]D:\a\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\3.4.3\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe end
2025-12-16T07:49:18.0751052Z SonarScanner for MSBuild 10.3
2025-12-16T07:49:18.0754156Z Using the .NET Framework version of the Scanner for MSBuild
2025-12-16T07:49:18.1120707Z Post-processing started.
2025-12-16T07:49:18.4016313Z Calling the TFS Processor executable...
2025-12-16T07:49:18.5238752Z Property 'sonar.cs.vstest.reportsPaths' provided, skipping the search for TRX files in default folders...
2025-12-16T07:49:18.9439789Z Did not find any binary coverage files in the expected location.
2025-12-16T07:49:18.9450401Z Falling back on locating coverage files in the agent temp directory.
2025-12-16T07:49:18.9455096Z Searching for coverage files in D:\a\_work\_temp
2025-12-16T07:49:18.9473606Z All matching files: count=9
2025-12-16T07:49:18.9476938Z 	D:\a\_work\_temp\93ca07c5-776f-4296-bd8b-3a143f2816c2\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage
2025-12-16T07:49:18.9477811Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_53\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage
2025-12-16T07:49:18.9478785Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_54\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage
2025-12-16T07:49:18.9479822Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_31\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_31.coverage
2025-12-16T07:49:18.9480533Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_34\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_34.coverage
2025-12-16T07:49:18.9481209Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_35\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_54.coverage
2025-12-16T07:49:18.9481870Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_57\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_00.coverage
2025-12-16T07:49:18.9482557Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_04\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_06.coverage
2025-12-16T07:49:18.9484055Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_05\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_12.coverage
2025-12-16T07:49:19.0309414Z Unique coverage files: count=9
2025-12-16T07:49:19.0312165Z 	D:\a\_work\_temp\93ca07c5-776f-4296-bd8b-3a143f2816c2\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage
2025-12-16T07:49:19.0313085Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_53\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage
2025-12-16T07:49:19.0313953Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_54\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage
2025-12-16T07:49:19.0314691Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_31\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_31.coverage
2025-12-16T07:49:19.0315964Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_34\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_34.coverage
2025-12-16T07:49:19.0316771Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_35\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_54.coverage
2025-12-16T07:49:19.0319051Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_57\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_00.coverage
2025-12-16T07:49:19.0319636Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_04\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_06.coverage
2025-12-16T07:49:19.0320189Z 	D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_05\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_12.coverage
2025-12-16T07:49:19.1138838Z Converting coverage file 'D:\a\_work\_temp\93ca07c5-776f-4296-bd8b-3a143f2816c2\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage' to 'D:\a\_work\_temp\93ca07c5-776f-4296-bd8b-3a143f2816c2\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coveragexml'.
2025-12-16T07:49:19.7175534Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_53\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_53\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coveragexml'.
2025-12-16T07:49:19.7179451Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_54\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_47_54\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_47_53.coveragexml'.
2025-12-16T07:49:19.7241477Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_31\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_31.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_31\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_31.coveragexml'.
2025-12-16T07:49:19.7458165Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_34\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_34.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_34\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_34.coveragexml'.
2025-12-16T07:49:19.7699172Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_35\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_54.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_35\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_48_54.coveragexml'.
2025-12-16T07:49:20.2055622Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_57\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_00.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_48_57\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_00.coveragexml'.
2025-12-16T07:49:20.6076992Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_04\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_06.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_04\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_06.coveragexml'.
2025-12-16T07:49:20.9756024Z Converting coverage file 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_05\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_12.coverage' to 'D:\a\_work\_temp\AzDevOps_decf6004e000000_2025-12-16_07_49_05\In\decf6004e000000\AzDevOps_decf6004e000000_2025-12-16.07_49_12.coveragexml'.
2025-12-16T07:49:21.4102965Z Coverage report conversion completed successfully.
2025-12-16T07:49:21.4195955Z The TFS Processor has finished
2025-12-16T07:49:21.4260025Z Calling the SonarScanner CLI...
2025-12-16T07:49:21.5624226Z INFO: Scanner configuration file: D:\a\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\3.4.3\classic-sonar-scanner-msbuild\sonar-scanner-5.0.2.4997\bin\..\conf\sonar-scanner.properties
2025-12-16T07:49:21.5637656Z INFO: Project root configuration file: D:\a\_work\1\.sonarqube\out\sonar-project.properties
2025-12-16T07:49:21.6457025Z INFO: SonarScanner 5.0.2.4997
2025-12-16T07:49:21.6458379Z INFO: Java 17.0.11 Eclipse Adoptium (64-bit)
2025-12-16T07:49:21.6458921Z INFO: Windows Server 2022 10.0 amd64
2025-12-16T07:49:21.6479704Z INFO: SONAR_SCANNER_OPTS=-Djavax.net.ssl.trustStoreType=Windows-ROOT -D<sensitive data removed>
2025-12-16T07:49:22.2464318Z INFO: User cache: C:\Users\AzDevOps\.sonar\cache
2025-12-16T07:49:23.2677293Z INFO: Analyzing on SonarCloud
2025-12-16T07:49:23.2681713Z INFO: Default locale: "en_US", source code encoding: "windows-1252" (analysis is platform dependent)
2025-12-16T07:49:28.6832462Z INFO: Load global settings
2025-12-16T07:49:28.9150314Z INFO: Load global settings (done) | time=237ms
2025-12-16T07:49:28.9822330Z INFO: Server id: 1BD809FA-AWHW8ct9-T_TB3XqouNu
2025-12-16T07:49:29.7419628Z INFO: Loading required plugins
2025-12-16T07:49:29.7420696Z INFO: Load plugins index
2025-12-16T07:49:29.7877162Z INFO: Load plugins index (done) | time=47ms
2025-12-16T07:49:29.7885069Z INFO: Load/download plugins
2025-12-16T07:49:30.2435092Z INFO: Load/download plugins (done) | time=469ms
2025-12-16T07:49:30.3996871Z INFO: Loaded core extensions: sca, architecture, a3s
2025-12-16T07:49:30.7391564Z INFO: Process project properties
2025-12-16T07:49:30.8249952Z INFO: Project key: NEXUS_Behandel-WebApi
2025-12-16T07:49:30.8251215Z INFO: Base dir: D:\a\_work\1\s
2025-12-16T07:49:30.8252536Z INFO: Working dir: D:\a\_work\1\.sonarqube\out\.sonar
2025-12-16T07:49:30.8348285Z INFO: Found an active CI vendor: 'Azure DevOps'
2025-12-16T07:49:30.8411659Z INFO: Load project branches
2025-12-16T07:49:31.0604522Z INFO: Load project branches (done) | time=219ms
2025-12-16T07:49:31.0651900Z INFO: Load project settings for component key: 'NEXUS_Behandel-WebApi'
2025-12-16T07:49:31.2738851Z INFO: Load project settings for component key: 'NEXUS_Behandel-WebApi' (done) | time=209ms
2025-12-16T07:49:31.2788724Z INFO: Inferred api base url 'https://api.sonarcloud.io' from host url 'https://sonarcloud.io'.
2025-12-16T07:49:32.0961661Z INFO: Inferred api base url 'https://api.sonarcloud.io' from host url 'https://sonarcloud.io'.
2025-12-16T07:49:32.3304513Z INFO: Check ALM binding of project 'NEXUS_Behandel-WebApi'
2025-12-16T07:49:32.3658179Z INFO: Detected project binding: BOUND
2025-12-16T07:49:32.3661424Z INFO: Check ALM binding of project 'NEXUS_Behandel-WebApi' (done) | time=36ms
2025-12-16T07:49:32.3687237Z INFO: Load project pull requests
2025-12-16T07:49:32.6556937Z INFO: Load project pull requests (done) | time=286ms
2025-12-16T07:49:32.6593693Z INFO: Load branch configuration
2025-12-16T07:49:32.7761505Z INFO: ------------------------------------------------------------------------
2025-12-16T07:49:32.7762044Z INFO: EXECUTION FAILURE
2025-12-16T07:49:32.7763320Z INFO: ------------------------------------------------------------------------
2025-12-16T07:49:32.7764733Z INFO: Total time: 11.236s
2025-12-16T07:49:32.8267509Z INFO: Final Memory: 50M/158M
2025-12-16T07:49:32.8269412Z INFO: ------------------------------------------------------------------------
2025-12-16T07:49:32.8271650Z ##[error]ERROR: Error during SonarScanner execution
2025-12-16T07:49:32.8273206Z ERROR: Error during SonarScanner execution
2025-12-16T07:49:32.8279462Z ##[error]ERROR: Could not find the pullrequest with key '52706'
ERROR: Caused by: Error 404 on https://sonarcloud.io/api/alm_integration/show_pullrequest?project=NEXUS_Behandel-WebApi&pullrequestKey=52706 : {"errors":[{"msg":"You don\u0027t have permission, or the provided pullrequest with key \u002752706\u0027 doesn\u0027t exist."}]}
ERROR:
2025-12-16T07:49:32.8280787Z ERROR: Could not find the pullrequest with key '52706'
2025-12-16T07:49:32.8281684Z ERROR: Caused by: Error 404 on https://sonarcloud.io/api/alm_integration/show_pullrequest?project=NEXUS_Behandel-WebApi&pullrequestKey=52706 : {"errors":[{"msg":"You don\u0027t have permission, or the provided pullrequest with key \u002752706\u0027 doesn\u0027t exist."}]}
2025-12-16T07:49:32.8282159Z ERROR: 
2025-12-16T07:49:33.1878602Z ##[error]The SonarScanner did not complete successfully
2025-12-16T07:49:33.1880151Z The SonarScanner did not complete successfully
2025-12-16T07:49:33.1881224Z ##[error]07:49:33.176  Post-processing failed. Exit code: 1
2025-12-16T07:49:33.1881833Z 07:49:33.176  Post-processing failed. Exit code: 1
2025-12-16T07:49:33.1909840Z 
2025-12-16T07:49:33.1989049Z ##[error][ERROR] SonarQube Cloud: Error while executing task Analyze: The process 'D:\a\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\3.4.3\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe' failed with exit code 1
2025-12-16T07:49:33.1990926Z ##[error]The process 'D:\a\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\3.4.3\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe' failed with exit code 1
2025-12-16T07:49:33.2047778Z ##[section]Finishing: Run Code Analysis

ganncamp · December 17, 2025, 2:17pm

Hi,

Unfortunately, all I can really advise here is to work on getting a good PAT into there. If that initial form is telling you the PAT is bad, then we can’t go much further without fixing that.

Ann

PeterBa · December 22, 2025, 9:20am

I would like a bit more support hen the default reply in this case.

I recreated the PAT in Azure Devops. with Code (Read & Write). This gave me the Failed authentication, the token used is likely not valid.

Same goes if i give the PAT full access.

I had Co-pilot write a little script to test the PAT. I’d usually do it myself but its a few days before xmas and felt lazy..

# ==== CONFIGURATION ====
$organization = "orgname"          # e.g. "mycompany"
$project      = "project"      # e.g. "MyProject"
$repository   = "repo"         # e.g. "MyRepo"
$pat          = "supersecretpat"

# ==== AUTH HEADER ====
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$pat"))
$headers = @{ Authorization = "Basic $base64AuthInfo" }

Write-Host "=== Testing PAT for Code Read / Write ===`n"

# ==== 1. TEST CODE READ ====
$readUrl = "https://dev.azure.com/$organization/$project/_apis/git/repositories/$repository/items?path=/&api-version=7.1-preview.1"

Try {

    $readResponse = Invoke-RestMethod -Uri $readUrl -Headers $headers -Method Get

    Write-Host "✔ CODE READ: PAT can read the repository." -ForegroundColor Green
}
catch {
    Write-Host "✖ CODE READ FAILED: PAT cannot read the repository." -ForegroundColor Red
}

# ==== TEST CODE WRITE ====
$branchName = "pat-test-" + (Get-Random)

$createUrl = "https://dev.azure.com/$organization/$project/_apis/git/repositories/$repository/pushes?api-version=7.1-preview.2"

$body = @{
    refUpdates = @(
        @{
            name        = "refs/heads/$branchName"
            oldObjectId = "0000000000000000000000000000000000000000"
        }
    )
    commits = @(
        @{
            comment = "PAT write test"
            changes = @(
                @{
                    changeType = "add"
                    item       = @{ path = "/pat-test.txt" }
                    newContent = @{
                        content     = "This is a PAT write test."
                        contentType = "rawtext"
                    }
                }
            )
        }
    )
} | ConvertTo-Json -Depth 10

try {
    $result = Invoke-RestMethod -Uri $createUrl -Headers $headers -Method Post -Body $body -ContentType "application/json"
    Write-Host "✔ CODE WRITE: PAT can create commits." -ForegroundColor Green
}
catch {
    Write-Host "✖ CODE WRITE FAILED" -ForegroundColor Red
    Write-Host $_.Exception.Message
}

With result:

So i verified that the PAT is valid and has the proper permissions as required by SonarQubeCloud.

I also know that the connection between Sonar and ADO works because non monorepo analyses work fine. The only features that dont work are monorepo and pull request decorations.

PeterBa · December 22, 2025, 12:48pm

We managed to resolve this issue. The PAT permissions were correct, but the account which we use for monorepo and pull request decorations did have its basic license revoked, so it couldn’t actually enter Azure Devops.

system · December 29, 2025, 12:49pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Pull Requests in AzureDevOps monorepos not found SonarQube Cloud	6	427	October 25, 2023
Error: Not Authorized, but only for pull requests. Other scans successful SonarQube Cloud azuredevops-services , sonarqube-cloud	16	1752	March 26, 2021
Azure Devops Quality Gate stay pending SonarQube Cloud azuredevops-services	30	1708	March 23, 2023
Not able to convert an existing project to a monorepo or add new for Azure DevOps Repo SonarQube Cloud azuredevops-services	5	757	November 11, 2021
Azure Devops - Sonarcloud Analysis - Could not find the pullrequest with key when creating PR in Az SonarQube Cloud pull-request , coverage , dotnet , me-too	4	446	November 9, 2023

MonoRepo analyses fails after Azure Devops Organization binding issues

Related topics