Sonar Scanner For MS Build .Net Core from inside Docker - Pull request analyzed but NOT decorated/completed

  • ALM used : Azure DevOps
  • CI system used : Azure DevOps

RUN dotnet sonarscanner begin \
    /k:{SONAR_PROJECT_KEY} \
    /o:assurecare \
    /d:sonar.host.url={SONAR_URL} \
    /d:sonar.login={SONAR_TOKEN} \
    /d:projectVersion='{APP_VERSION}.{APP_BUILD}' \
    /d:sonar.pullrequest.key={PR_NUMBER} \
    /d:sonar.pullrequest.branch=${PR_BRANCH} \
    /d:sonar.pullrequest.base='master' \
    /d:sonar.projectBaseDir='/src' \
    /d:sonar.cs.opencover.reportsPaths="coverage.opencover.xml" \
    /d:sonar.verbose=true

Running the scanner from the container, it does scan but I cannot get the PR to update. I do see a warning in the UI:
SCM provider autodetection failed. Please use “sonar.scm.provider” to define SCM of your project, or disable the SCM Sensor in the project settings.

I have researched this and tried several things to no avail.

Thanks for any advice.
-allan

Hi @allanlogan and welcome to the community !

This behavior is normal as long as you don’t checkout your repo inside the container, because we are relying on some folder (for instance : .git) to automatically detect the SCM provider.

Have you tested by deactivating it directly?

/d:sonar.scm.enabled=false

Let us know.

Thanks.

Thanks.

  • I am not checking out inside the container.

  • I have read about the auto detection. The .git folder is in the src folder that is COPY’ed to the container.

  • Yes, I have tried setting .scm.enabled=false. That did not help. I still see the warning. These are the relevant log entries:

Project key: rule-execution-service
INFO: Base dir: /src
INFO: Working dir: /src/.sonarqube/out/.sonar
INFO: Load project settings for component key: ‘rule-execution-service’
INFO: Load project settings for component key: ‘rule-execution-service’ (done) | time=176ms
INFO: Load project branches
INFO: Load project branches (done) | time=149ms
INFO: Load projects for organization ‘assurecare’
INFO: Load projects for organization ‘assurecare’ (done) | time=135ms
INFO: Load project pull requests
INFO: Load project pull requests (done) | time=144ms
INFO: Load branch configuration
INFO: Load branch configuration (done) | time=4ms
INFO: Load quality profiles
INFO: Load quality profiles (done) | time=182ms
INFO: Load active rules
INFO: Load active rules (done) | time=4152ms
WARN: SCM provider autodetection failed. Please use “sonar.scm.provider” to define SCM of your project, or disable the SCM Sensor in the project settings.
INFO: Organization key: assurecare
INFO: Pull request 5972 for merge into master from feature/313108-fix-pipeline-yaml
INFO: Indexing files…
INFO: Project configuration:
INFO: Indexing files of module ‘rule-execution-service’
INFO: Base dir: /src/rule-execution-service
INFO: Source paths: Configuration/DatabaseOverride.cs, Configuration/IInRuleSetti…

No SCM system was detected. You can use the ‘sonar.scm.provider’ property to explicitly specify it.
INFO: 9 files had no CPD blocks
INFO: Calculating CPD for 19 files
INFO: CPD calculation finished
INFO: Analysis report generated in 150ms, dir size=154 KB
INFO: Analysis report compressed in 37ms, zip size=46 KB
INFO: Analysis report uploaded in 280ms
INFO: ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard?id=rule-execution-service&pullRequest=5972
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AW4ifyO0uMaVx7Y05X3b
INFO: Analysis total time: 11.198 s
INFO: ------------------------------------------------------------------------
INFO: EXECUTION SUCCESS
INFO: ------------------------------------------------------------------------
INFO: Total time: 1:10.357s
INFO: Final Memory: 29M/124M
INFO: ------------------------------------------------------------------------
The SonarQube Scanner has finished
15:46:31.44 Post-processing succeeded.

  • I looked at the vsts source and saw it seems like ‘vsts’ would be correct, so I tried setting the scm.provider=vsts and got this error:
    SCM provider was set to “vsts” but no SCM provider found for this key. Supported SCM providers are hg,git

I also tried

  • Changing the provider to git and I get this error:
    ERROR: Error during SonarQube Scanner execution
    ERROR: Not inside a Git work tree: /src

Questions

  1. Shouldn’t I see source code in the UI for the PR branch? I don’t. Does Sonar pull that from the SCM if working correctly?
  2. Is there any logging on the sonar side?

Analysis report generated in 79ms, dir size=154 KB
INFO: Analysis report compressed in 23ms, zip size=46 KB
INFO: Analysis report uploaded in 300ms
INFO: ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard?id=rule-execution-service&pullRequest=5972
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AW4i_4AlOIXgsqrg-0SZ

Thank you for your help!
-allan

Hi!

Is it possible that for whatever reason, .git is not in /src (inside the container)? Because according to the logs, that’s what seems to be happening.
It would be much better to make sure git metadata is made available to the scanner rather than disabling the SCM since you will have more precise results regarding what files/lines are changed in that pull request.

You probably don’t see any file in the UI for the PR because it’s not detecting any changed file in the P/R. When no SCM is used, SonarQube will compare the files in the P/R with the files in the target branch (master in this case) as seen by SonarQube and this might not be what you see in git.

Please run the scanner with debug enabled - the logs will have more information about how many files are changed.

Thank you.
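
The check this reply points to (is `.git` actually reaching `/src` in the container?), as an added example that is not part of the original thread. It assumes the repository root is the Docker build context that gets COPY'ed to `/src`; the function names and the script name `scm_preflight.sh` are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight checks for SCM detection.
# Assumes the repository root is the Docker build context (COPY'ed to /src).

# Returns 0 if the .dockerignore keeps .git out of the build context.
# Only the common spellings are recognised; the last matching rule wins,
# so a later "!.git" line re-includes the folder.
dockerignore_excludes_git() {
    ignore_file=$1
    [ -f "$ignore_file" ] || return 1
    excluded=1
    while IFS= read -r line || [ -n "$line" ]; do
        # Drop CRs and surrounding whitespace before matching.
        line=$(printf '%s' "$line" | tr -d '\r' |
            sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        case $line in
            ''|'#'*) continue ;;
            .git|.git/|/.git|/.git/|'**/.git'|'**/.git/'|'.git/**') excluded=0 ;;
            '!.git'|'!.git/'|'!/.git'|'!**/.git') excluded=1 ;;
        esac
    done < "$ignore_file"
    return "$excluded"
}

# Exit status: 0 = .git will reach the image, 1 = excluded by .dockerignore,
# 2 = no .git in the context directory at all.
scm_preflight() {
    ctx=$1
    if dockerignore_excludes_git "$ctx/.dockerignore"; then
        echo "FAIL: $ctx/.dockerignore excludes .git" >&2
        return 1
    fi
    if [ ! -e "$ctx/.git" ]; then
        echo "FAIL: no .git in $ctx, SCM autodetection will fail" >&2
        return 2
    fi
    echo "OK: git metadata present in $ctx"
}

# Usage: sh scm_preflight.sh <build-context-dir>
if [ "$#" -gt 0 ]; then
    scm_preflight "$1"
fi
```

Run it against the build context before `docker build`. Broader wildcard patterns such as `.*` also exclude `.git` and are not detected by this check.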

You were correct. The .git was not getting into the container. It was in the .dockerignore file. I made that change and now I no longer see the scm warning and it looks like it finds the files in the PR branch (5 in this case). BUT I still am not getting the gate to update in Azure DevOps. I AM getting the blame data in SonarCloud (I added some smell as a test).

I reset the Azure DevOps access token (again) since that’s the only thing I’ve ever seen previously prevent an update.

Does this update to the PR happen from Sonar Cloud or from the scanner?
Are there any logs that should show an attempt to update it?

Thanks again for any assistance.
-allan

Here’s some snippets from the latest log - debug and verbose:

14:19:19.771 DEBUG: SCM reported 5 files changed in the branch

14:19:24.587 INFO: CPD calculation finished
14:19:24.689 INFO: SCM writing changed lines
14:19:24.695 DEBUG: Merge base sha1: 7a23d660c1138a774eaf64f4de053648ed8a540b
14:19:24.715 DEBUG: SCM reported changed lines for 1 file in the branch
14:19:24.716 INFO: SCM writing changed lines (done) | time=27ms
14:19:24.719 INFO: Analysis report generated in 129ms, dir size=155 KB
14:19:24.751 INFO: Analysis report compressed in 32ms, zip size=47 KB
14:19:24.752 INFO: Analysis report generated in /src/.sonarqube/out/.sonar/scanner-report
14:19:24.753 DEBUG: Upload report
14:19:25.038 DEBUG: POST 200 https://sonarcloud.io/api/ce/submit?organization=assurecare&projectKey=rule-execution-service&characteristic=pullRequest%3D6255 | time=284ms
14:19:25.041 INFO: Analysis report uploaded in 288ms
14:19:25.042 INFO: ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard?id=rule-execution-service&pullRequest=6255
14:19:25.042 INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
14:19:25.042 INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AW5GO_W3w1j-vgOD63oB
14:19:25.043 DEBUG: Report metadata written to /src/.sonarqube/out/.sonar/report-task.txt
14:19:25.046 DEBUG: Post-jobs :
14:19:25.048 INFO: Analysis total time: 10.815 s
14:19:25.051 INFO: ------------------------------------------------------------------------
14:19:25.051 INFO: EXECUTION SUCCESS
14:19:25.051 INFO: ------------------------------------------------------------------------
14:19:25.051 INFO: Total time: 33.759s
14:19:25.215 INFO: Final Memory: 33M/231M
14:19:25.215 INFO: ------------------------------------------------------------------------
Process returned exit code 0
The SonarQube Scanner has finished

Hi,

Do you see any warning in the top right corner of the PR page on SonarCloud?

You can also find the context of the corresponding background task (on the Background Tasks page).

Mickaël

Thanks Mickaël
There are no warnings on the top right. There was, but I no longer see the SCM warning after adding the .git folder to the container.

Looking at the context, it seems OK.
Question: sonar.projectBaseDir=/src and other places that reference src… This folder only exists in the container, not in source control. Does that matter?

Thanks again!
-allan

SonarQube plugins:

  • SonarCSS 1.1.1.1010 (cssfamily)
  • SonarPLSQL 3.4.1.2576 (plsql)
  • SonarScala 1.7.0.883 (sonarscala)
  • SonarC# 8.0.0.9566 (csharp)
  • Vulnerability Analysis 8.0.0.5505 (security)
  • SonarJava 5.14.0.18788 (java)
  • SonarHTML 3.2.0.2082 (web)
  • SonarFlex 2.5.1.1831 (flex)
  • SonarXML 2.0.1.2020 (xml)
  • SonarTS 2.0.0.4283 (typescript)
  • SonarVB 8.0.0.9566 (vbnet)
  • SonarSwift 4.2.1.62 (swift)
  • SonarCFamily 6.4.0.11646 (cpp)
  • SonarPython 2.0.0.5043 (python)
  • JaCoCo 1.0.2.475 (jacoco)
  • Mercurial 1.1.2 (scmmercurial)
  • SonarGo 1.7.0.883 (go)
  • SonarKotlin 1.7.0.883 (kotlin)
  • SonarTSQL 1.4.0.3334 (tsql)
  • SonarApex 1.7.0.883 (sonarapex)
  • SonarJS 6.0.1.10206 (javascript)
  • SonarRuby 1.7.0.883 (ruby)
  • Vulnerability Rules for C# 8.0.0.5505 (securitycsharpfrontend)
  • Vulnerability Rules for Java 8.0.0.5505 (securityjavafrontend)
  • License for SonarLint 8.0.0.2461 (license)
  • SonarCOBOL 4.4.0.3403 (cobol)
  • Git 1.10.0.1891 (scmgit)
  • SonarPHP 3.2.0.4868 (php)
  • SonarABAP 3.8.0.2034 (abap)
  • Vulnerability Rules for PHP 8.0.0.5505 (securityphpfrontend)

Global server settings:

  • email.from=noreply@sonarcloud.io
  • email.fromName=SonarCloud
  • email.prefix=[SonarCloud]
  • sonar.auth.bitbucket.enabled=true
  • sonar.auth.microsoft.enabled=true
  • sonar.core.id=74E9293D-AWHW8ct9-T_TB3XqouNu
  • sonar.core.serverBaseURL=https://sonarcloud.io
  • sonar.core.startTime=2019-11-06T08:29:18+0100
  • sonar.cpd.cross_project=false
  • sonar.dbcleaner.weeksBeforeDeletingAllSnapshots=480
  • sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByMonth=4
  • sonar.dbcleaner.weeksBeforeKeepingOnlyOneSnapshotByWeek=1
  • sonar.java.collectAnalysisErrors=true
  • sonar.leak.period=30
  • sonar.lf.enableGravatar=true
  • sonar.lf.logoWidthPx=105
  • sonar.organizations.anyoneCanCreate=true
  • sonar.organizations.createPersonalOrg=true
  • sonar.plsql.file.suffixes=sql,tab,pkb
  • sonar.tsql.file.suffixes=.tsql

Project server settings:

  • sonar.pullrequest.provider=Azure DevOps Services
  • sonar.pullrequest.vsts.token.secured=******

Project scanner properties:

  • sonar.coverage.exclusions=*Tests.cs
  • sonar.cs.nunit.reportsPaths=app/*.xml
  • sonar.cs.opencover.reportsPaths=coverage.opencover.xml
  • sonar.host.url=https://sonarcloud.io
  • sonar.log.level=DEBUG
  • sonar.login=******
  • sonar.modules=3F817139-6E09-4C0D-955B-397F975623ED,EDCE484F-E966-497C-8953-2437A31DD827
  • sonar.organization=assurecare
  • sonar.projectBaseDir=/src
  • sonar.projectKey=rule-execution-service
  • sonar.pullrequest.branch=feature/313108-add-sonarscanner-to-rule-execution-service
  • sonar.pullrequest.key=6255
  • sonar.scanAllFiles=true
  • sonar.scanner.app=ScannerCli
  • sonar.scanner.appVersion=4.1.0.1829
  • sonar.sourceEncoding=US-ASCII
  • sonar.verbose=true
  • sonar.visualstudio.enable=false
  • sonar.working.directory=/src/.sonarqube/out/.sonar

Scanner properties of module: rule-execution-service:rule-execution-service:3F817139-6E09-4C0D-955B-397F975623ED

  • sonar.cs.analyzer.projectOutPath=/src/.sonarqube/out/0
  • sonar.cs.analyzer.projectOutPaths="/src/.sonarqube/out/0"
  • sonar.cs.roslyn.reportFilePath=/app/rule-execution-service.dll.RoslynCA.json
  • sonar.cs.roslyn.reportFilePaths="/app/rule-execution-service.dll.RoslynCA.json"
  • sonar.moduleKey=rule-execution-service:rule-execution-service:3F817139-6E09-4C0D-955B-397F975623ED
  • sonar.projectBaseDir=/src/rule-execution-service
  • sonar.projectKey=rule-execution-service:rule-execution-service:3F817139-6E09-4C0D-955B-397F975623ED
  • sonar.projectName=rule-execution-service
  • sonar.sourceEncoding=utf-8
  • sonar.sources="/src/rule-execution-service/Configuration/DatabaseOverride.cs","/src/rule-execution-service/Configuration/IInRuleSettings.cs","/src/rule-execution-service/Configuration/InRuleSettings.cs","/src/rule-execution-service/Configuration/ISystemSettings.cs","/src/rule-execution-service/Configuration/Logging.cs","/src/rule-execution-service/Configuration/RestServiceOverride.cs","/src/rule-execution-service/Configuration/RuleAppMapping.cs","/src/rule-execution-service/Configuration/RuleApps.cs","/src/rule-execution-service/Configuration/SystemSettings.cs","/src/rule-execution-service/Controllers/ExecutionController.cs","/src/rule-execution-service/Controllers/HealthController.cs","/src/rule-execution-service/ExecutionMode.cs","/src/rule-execution-service/Extensions/RuleSessionExtensions.cs","/src/rule-execution-service/Model/Dto/ApplyRulesRequest.cs","/src/rule-execution-service/Model/Dto/ChangeSetEntry.cs","/src/rule-execution-service/Model/Dto/ExecuteRulesRequest.cs","/src/rule-execution-…
  • sonar.working.directory=/src/.sonarqube/out/.sonar/mod0

Scanner properties of module: rule-execution-service:rule-execution-service:EDCE484F-E966-497C-8953-2437A31DD827

  • sonar.cs.analyzer.projectOutPath=/src/.sonarqube/out/1
  • sonar.cs.analyzer.projectOutPaths="/src/.sonarqube/out/1"
  • sonar.cs.roslyn.reportFilePath=/app/rule-execution-service.Tests.dll.RoslynCA.json
  • sonar.cs.roslyn.reportFilePaths="/app/rule-execution-service.Tests.dll.RoslynCA.json"
  • sonar.moduleKey=rule-execution-service:rule-execution-service:EDCE484F-E966-497C-8953-2437A31DD827
  • sonar.projectBaseDir=/src/rule-execution-service.Tests
  • sonar.projectKey=rule-execution-service:rule-execution-service:EDCE484F-E966-497C-8953-2437A31DD827
  • sonar.projectName=rule-execution-service.Tests
  • sonar.sourceEncoding=utf-8
  • sonar.sources=
  • sonar.tests="/src/rule-execution-service.Tests/ExecutionServiceTests.cs","/src/rule-execution-service.Tests/HealthServiceTests.cs","/src/rule-execution-service.Tests/RepositoryServiceTests.cs"
  • sonar.working.directory=/src/.sonarqube/out/.sonar/mod1