Sonar-scanner-azdo plugin update 2.3.0 broke self-signed certificates; all builds broken

Must-share information (formatted with Markdown):

  • SonarQube 10.6.0-enterprise, sonar-scanner-azdo 2.3.0
  • SonarQube deployed via docker
  • We have reverted to the build task v5 rather than v6, and builds work again. We no longer have code coverage due to unrelated issues with v5
  • We ran v6 with .NET Scanner 6.2 rather than the new 7.1 version, and builds work again.

This update was downloaded overnight automatically, and has broken all our builds with SonarQube enabled.

It appears this minor version update to the plugin applied a major update to the 7.1 version of the .NET scanner… and based on reading the documentation of the .NET scanner, it appears to be ignoring our custom java configuration and downloading its own version of java without our trust store.

Forcing version 6.2 of the scanner does not result in an error. This issue appears to be related to the 7.1 version of the scanner that the new 2.3.0 version of the plugin is now referencing.

javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Hey there,

Thanks a lot for this.
Since 7.0, we are provisioning the JRE to remove the dependency from the user.
This results in our provisioning JRE not knowing the path to the certificate store.

You have a couple of options:

  • Specify /d:sonar.scanner.javaExePath=<PATH>
  • Specify /d:sonar.scanner.skipJreProvisioning=true

This will be documented very soon, as it is indeed breaking behavior.
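
An added example illustrating the first option in the reply above (it is not part of the original post and not Sonar's code): a shell helper that confirms a chosen Java installation trusts your internal CA before emitting the `/d:sonar.scanner.javaExePath` property for the scanner's begin step. Assumptions: the function name `sonar_jre_property` and the alias `internal-root-ca` are made up for illustration, the CA was imported into that JDK's own `cacerts` (JDK 9 or later, for `keytool -cacerts`), and the store password is the JDK default `changeit`.

```shell
#!/bin/sh
# Added example, not Sonar code. Emits the scanner property for a JRE only
# after confirming that JRE's trust store holds the internal CA, so a PKIX
# failure is caught before the analysis starts.
#
# $1 = Java home to use (assumption: defaults to $JAVA_HOME)
# $2 = keystore alias of the internal CA (constructed name, use your own)
# $3 = trust store password (assumption: JDK default "changeit")
# Returns 0 and prints the property, 1 if Java/keytool is missing,
# 2 if the CA alias is not in that JDK's cacerts.
sonar_jre_property() {
  local java_home="${1:-${JAVA_HOME:-}}"
  local ca_alias="${2:-internal-root-ca}"
  local store_pass="${3:-changeit}"
  local java_exe="$java_home/bin/java"
  local keytool_exe="$java_home/bin/keytool"

  if [ -z "$java_home" ] || [ ! -x "$java_exe" ]; then
    echo "no java executable under '$java_home'" >&2
    return 1
  fi
  if [ ! -x "$keytool_exe" ]; then
    echo "no keytool under '$java_home', cannot inspect trust store" >&2
    return 1
  fi

  # keytool exits non-zero when the alias does not exist in the store.
  # -cacerts selects the cacerts file of the JDK this keytool belongs to.
  if ! "$keytool_exe" -list -cacerts -storepass "$store_pass" \
        -alias "$ca_alias" >/dev/null 2>&1; then
    echo "CA alias '$ca_alias' not found in cacerts of '$java_home'" >&2
    return 2
  fi

  printf '/d:sonar.scanner.javaExePath=%s\n' "$java_exe"
}

# Usage in a pipeline step (paths are placeholders):
#   prop=$(sonar_jre_property /opt/java/custom internal-root-ca) || exit 1
#   then append "$prop" to the scanner's begin arguments.
```

A return code of 2 means the selected JRE would fail the TLS handshake in the same way as the provisioned one, so import the CA into it or point at a different JRE.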

We suffer from this issue as well with Sonarqube extension 6.3.0.
All our builds targeting the v6 tasks fail since the automatic upgrade to the 6.3.0 version of the marketplace extension.
A breaking change might be expected when upgrading a task version (e.g. v6 to v7) but not within the same version.
We expect this breaking change to be fixed as soon as possible by reverting the change to v6 tasks and either introducing v7 tasks or having the v6 tasks prefer the existing Java runtime vs JRE provisioning.

Hello @Eelco , @dalinicus ,

FYI, a new patch version was just released for the AzDO extensions (2.3.1 for SonarCloud, 6.3.1 for SonarQube), which reverts the default .NET scanner embedded to v6. Many thanks for raising the concern here and apologies for the trouble caused by this update.

We will wait a few weeks before making a new major version of AzDO tasks, that will include the next not-yet-released major version of the Scanner for .NET (v8). You can track the progress in this ticket if you are interested.

Hope this helps

Hello Benjamin,

Thanks for fixing this issue so quickly!
I can confirm that our builds are working again.
