I’m using Sonarcloud with Azure Devops but I can get the PR decoration to work. I have successfully imported the project in Sonarcloud and I can see the result of the analysis, but nothing is reported back to Azure Devops.
Any ideas on how to troubleshoot the connection? Is there a log in Sonarcloud somewhere or some way of testing the connection?
Finally, have you configured a valid token at either the project-level Administration > General Settings > Pull Requests) or at the organiztion-level (Administration > Organization settings > Azure DevOps connectivity management)?
Thank you for replying. Thats a Yes on all those three question.
Here’s the output from the background worker on a PR build.
I can see that the value of our project name (key: sonar.pullrequest.vsts.project) is wrongly encoded. Could that be the issue?
SonarCloud plugins:
- IaC Code Quality and Security 1.5.0.1600 (iac)
- PL/SQL Code Quality and Security 3.7.0.4372 (plsql)
- Scala Code Quality and Security 1.9.0.3429 (sonarscala)
- C# Code Quality and Security 8.35.0.42613 (csharp)
- Vulnerability Analysis 9.3.0.14923 (security)
- Java Code Quality and Security 7.8.0.28662 (java)
- HTML Code Quality and Security 3.6.0.3106 (web)
- Flex Code Quality and Security 2.7.0.2865 (flex)
- XML Code Quality and Security 2.5.0.3376 (xml)
- Text file Code Quality and Security 1.0.0.120 (text)
- VB.NET Code Quality and Security 8.35.0.42613 (vbnet)
- Swift Code Quality and Security 4.5.0.5305 (swift)
- CFamily Code Quality and Security 6.30.0.42324 (cpp)
- Python Code Quality and Security 3.9.0.9230 (python)
- Go Code Quality and Security 1.9.0.3429 (go)
- JaCoCo 1.1.1.1157 (jacoco)
- Kotlin Code Quality and Security 2.9.0.1147 (kotlin)
- Mercurial 1.1.2 (scmmercurial)
- T-SQL Code Quality and Security 1.6.0.4844 (tsql)
- Apex Code Quality and Security 1.9.0.3429 (sonarapex)
- JavaScript/TypeScript Code Quality and Security 8.8.0.17228 (javascript)
- Ruby Code Quality and Security 1.9.0.3429 (ruby)
- Vulnerability Rules for C# 9.3.0.14923 (securitycsharpfrontend)
- Vulnerability Rules for Java 9.3.0.14923 (securityjavafrontend)
- License for SonarLint 8.0.0.26500 (license)
- Vulnerability Rules for JS 9.3.0.14923 (securityjsfrontend)
- COBOL Code Quality 4.6.2.4876 (cobol)
- Vulnerability Rules for Python 9.3.0.14923 (securitypythonfrontend)
- PHP Code Quality and Security 3.22.1.8626 (php)
- ABAP Code Quality and Security 3.10.0.3628 (abap)
- Configuration detection fot Code Quality and Security 1.2.0.267 (config)
- Vulnerability Rules for PHP 9.3.0.14923 (securityphpfrontend)
Global server settings:
- email.from=noreply@sonarcloud.io
- email.fromName=SonarCloud
- email.prefix=[SonarCloud]
- node_10_end_of_support_date=1620604800000
- node_10_grace_period_termination_date=1621814400000
- sonar.auth.bitbucket.enabled=true
- sonar.auth.microsoft.enabled=true
- sonar.core.id=1BD809FA-AWHW8ct9-T_TB3XqouNu
- sonar.core.serverBaseURL=https://sonarcloud.io
- sonar.core.startTime=2022-02-02T11:17:09+0100
- sonar.dbcleaner.weeksBeforeDeletingAllSnapshots=260
- sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByMonth=4
- sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByWeek=1
- sonar.global.exclusions=**/build-wrapper-dump.json
- sonar.lf.enableGravatar=true
- sonar.lf.logoWidthPx=105
- sonar.maintenance_mode.link=https://sonarcloud.statuspage.io/incidents/6qy1js6rqm5n
- sonar.maintenance_mode.message=SonarCloud will undergo maintenance for 30 minutes on Tuesday, February 15th. The service will not be available between 07:00 CET and 07:30 CET. Additionally, we will execute two maintenance tasks on February 8th and February 22nd at 08:00 CET, during which, it is possible that you will receive errors over a short period of time (1-2 minutes).
- sonar.maintenance_mode.start_date=2022-02-15T07:00:00.000+01:00
- sonar.organizations.anyoneCanCreate=true
- sonar.organizations.createPersonalOrg=true
- sonar.plsql.file.suffixes=sql,tab,pkb
- sonar.tsql.file.suffixes=.tsql
Project server settings:
- sonar.pullrequest.provider=Azure DevOps Services
- sonar.pullrequest.vsts.token.secured=******
Project scanner properties:
- sonar.cs.opencover.reportsPaths=**/coverage.opencover.xml
- sonar.host.url=https://sonarcloud.io/
- sonar.login=******
- sonar.modules=7488A04F-EAD7-490A-8743-8D62CCDAE406,43BD8A9C-2FE3-47F0-951C-5D78548E1EB8
- sonar.organization=afaforsakring
- sonar.projectBaseDir=/__w/48/s/src
- sonar.projectKey=afaforsakring_mega-worker-dotnet
- sonar.projectName=mega-worker-dotnet
- sonar.projectVersion=1.0
- sonar.pullrequest.base=main
- sonar.pullrequest.branch=sonar-test
- sonar.pullrequest.key=2767
- sonar.pullrequest.provider=vsts
- sonar.pullrequest.vsts.instanceUrl=https://afaforsakring.visualstudio.com/
- sonar.pullrequest.vsts.project=Kundresa och v��rdestr��m
- sonar.pullrequest.vsts.repository=mega-worker-dotnet
- sonar.scanAllFiles=true
- sonar.scanner.app=ScannerMSBuild
- sonar.scanner.appVersion=5.4
- sonar.scanner.metadataFilePath=/__w/_temp/sonar/20220203.6/d076ebf0-2bf8-fd9d-e0d1-66c02cc4ed6c/report-task.txt
- sonar.sourceEncoding=US-ASCII
- sonar.visualstudio.enable=false
- sonar.working.directory=/__w/48/.sonarqube/out/.sonar
Scanner properties of module: afaforsakring_mega-worker-dotnet:afaforsakring_mega-worker-dotnet:7488A04F-EAD7-490A-8743-8D62CCDAE406
- sonar.cs.analyzer.projectOutPaths="/__w/48/.sonarqube/out/0","/__w/48/.sonarqube/out/2"
- sonar.cs.roslyn.reportFilePaths="/__w/48/.sonarqube/out/0/Issues.json","/__w/48/.sonarqube/out/2/Issues.json"
- sonar.moduleKey=afaforsakring_mega-worker-dotnet:afaforsakring_mega-worker-dotnet:7488A04F-EAD7-490A-8743-8D62CCDAE406
- sonar.projectBaseDir=/__w/48/s/src/MegaWorker
- sonar.projectKey=afaforsakring_mega-worker-dotnet:afaforsakring_mega-worker-dotnet:7488A04F-EAD7-490A-8743-8D62CCDAE406
- sonar.projectName=MegaWorker
- sonar.sourceEncoding=utf-8
- sonar.sources="/__w/48/s/src/MegaWorker/Model/MegaCase.cs","/__w/48/s/src/MegaWorker/Model/MegaCreateCaseTask.cs","/__w/48/s/src/MegaWorker/Program.cs","/__w/48/s/src/MegaWorker/Services/CaseApi.cs","/__w/48/s/src/MegaWorker/Services/CaseApiTokenService.cs","/__w/48/s/src/MegaWorker/Services/ClaimRegistrationClient.cs","/__w/48/s/src/MegaWorker/Services/MegaCaseMapper.cs","/__w/48/s/src/MegaWorker/Services/MegaTaskHandler.cs","/__w/48/s/src/MegaWorker/Worker.cs","/__w/48/s/src/MegaWorker/appsettings.Development.json","/__w/48/s/src/MegaWorker/Properties/launchSettings.json","/__w/48/s/src/MegaWorker/obj/Debug/net6.0/apphost"
- sonar.working.directory=/__w/48/.sonarqube/out/.sonar/mod0
Scanner properties of module: afaforsakring_mega-worker-dotnet:afaforsakring_mega-worker-dotnet:43BD8A9C-2FE3-47F0-951C-5D78548E1EB8
- sonar.cs.analyzer.projectOutPaths="/__w/48/.sonarqube/out/1","/__w/48/.sonarqube/out/3"
- sonar.cs.roslyn.reportFilePaths="/__w/48/.sonarqube/out/1/Issues.json","/__w/48/.sonarqube/out/3/Issues.json"
- sonar.moduleKey=afaforsakring_mega-worker-dotnet:afaforsakring_mega-worker-dotnet:43BD8A9C-2FE3-47F0-951C-5D78548E1EB8
- sonar.projectBaseDir=/__w/48/s/src/MegaWorkerTests
- sonar.projectKey=afaforsakring_mega-worker-dotnet:afaforsakring_mega-worker-dotnet:43BD8A9C-2FE3-47F0-951C-5D78548E1EB8
- sonar.projectName=MegaWorkerTests
- sonar.sourceEncoding=utf-8
- sonar.sources=
- sonar.tests="/__w/48/s/src/MegaWorkerTests/CaseApiTests.cs","/__w/48/s/src/MegaWorkerTests/ClaimRegistrationClientTest.cs","/__w/48/s/src/MegaWorkerTests/MegaCaseMapperTest.cs","/__w/48/s/src/MegaWorkerTests/MegaTaskHandlerTest.cs","/__w/48/s/src/MegaWorkerTests/claim-registration.json"
- sonar.working.directory=/__w/48/.sonarqube/out/.sonar/mod1
If I try and guess what the actual characters or what language it is I’m sure I’ll mess up – can you let us know what the project name should be? If Microsoft supports such project names, so should we.
I just did a quick test on my side but wasn’t able to reproduce.
To help you troubleshoot, some questions/actions to do:
Was your project created a long time ago on SonarCloud ?
Can you display current env variables during a run of your pull request build, and check for the ‘SYSTEM_TEAMPROJECT’ variable and its value : does you project name displays correctly there ?
No, the project was created just a few weeks ago. I’ve run the pull request pipeline with verbose turned on and everything looks fine from what I can see. The output for that variable is:
##[debug]Set env: SYSTEM_TEAMPROJECT=Kundresa och värdeström
Just to give give you som more details, this is the build, test and analyze job I use:
The only thing I can see that differs from a project that has working PR decoration (apart from being a c# project) is that here we are using the SonarCloudAnalyze@1 and not the sonar plugin for maven/gradle .
If you create a new repository on this project; and you import it on SonarCloud (if your organization is bound to the one on Azure DevOps), do you see the characters printed correctly ?
Are you using a self-hosted build agent or are you using one from azure devops ?
Can you check what is the value of the LANG env variable if you have it ?
Alternatively, can you send me a debug log of a pipeline execution please ? I can DM you for that, just let me know.