Hello There,
I am trying to scan a .net Solution which contains multiple projects.
I have build the pipeline as per the documentation but it is not scanning the codes.
Here is the pipeline Agent config:
below you can find the YAML version:
after the scanning is finished, I cant see the line of codes, bugs, code smells etc.
Please let me know what wrong I am doing here.
Please help get it solved.
Hey there.
You need to specify scannerMode: MSBuild
- task: SonarQubePrepare@5
inputs:
SonarQube: 'Azure89jun15'
scannerMode: 'MSBuild'
projectKey: 'test'
projectName: 'test'
Dear Colin,
Thanks for your quick reply. I did add the scannerMode but still I have the same issue.
Please find the actual YAML code below: and suggest what else I should change.
trigger:
- master
pool:
vmImage: ubuntu-latest
name: Azure Pipelines
demands:
- msbuild
- java
steps:
- task: SonarQubePrepare@5
displayName: 'Prepare analysis on SonarQube'
inputs:
SonarQube: 'SonarQube ArpG AG'
projectKey: ArpG.ContactReport
projectName: ArpG.ContactReport
projectVersion: 1
scannerMode: MSBuild
- task: NuGetToolInstaller@1
displayName: 'Use NuGet '
- task: NuGetCommand@2
displayName: 'NuGet restore'
inputs:
vstsFeed: '40d60191-c3c6-443a-8a7b-XXXXXXXXX'
- task: MSBuild@1
displayName: 'Build solution ArpG.ContactReport.sln'
inputs:
solution: ArpG.ContactReport.sln
- task: SonarQubeAnalyze@5
displayName: 'Run Code Analysis'
- task: SonarQubePublish@5
displayName: 'Publish Quality Gate Result'
Anything interesting in the analysis logs (files indexed, analysis warnings/errors)?
No nothing
Same result as before (screenshot given in the main problem description)
Hey there.
I’m referring to the analysis logs (the logs from your Azure DevOps Pipeline), where the SonarQubeAnalyze task is run.
All the steps were executed successfully?
I’ll appreciate your help if you please have a look at the logs and let me know where I did wrong. or If I have missed any step.
here I have attached log of Build Solution and Run Code Analysis. if you need any other log I am at your disposal. please let me know I’ll share with no time.
DevOps Pipeline Run Log.txt (84.3 KB)
DevOps Pipeline Log for Run Code Analysis.txt (34.2 KB)
Hey there.
Take a look at this warning message:
2022-05-30T17:42:00.9247165Z WARN: SonarScanner for .NET detected only TEST files and no MAIN files for C# in the current solution. Only TEST-code related results will be imported to your SonarQube/SonarCloud project. Many of our rules (e.g. vulnerabilities) are raised only on MAIN-code. Read more about how the SonarScanner for .NET detects test projects: Analysis of product projects vs. test projects · SonarSource/sonar-scanner-msbuild Wiki · GitHub
Hi Colin,
Thanks this comment already helped.
and the adding of one extra property group in the project solved the whole issue.
I am surprised why it is not documented or why no one else stuck in this problem before 
<PropertyGroup>
<!-- Project is not a test project -->
<SonarQubeTestProject>false</SonarQubeTestProject>
</PropertyGroup>
Thanks for the link and the problem seems to be solved now.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.