SonarCloud does not find any files on Azure DevOps pull request scan

  • Azure DevOps
  • Azure DevOps
  • C#
  • Pull Request scan does not show any files being scanned

Here is the .yml file I am using

trigger:
- master
pr:
- master

pool:
  vmImage: 'windows-latest'

variables:
  buildConfig: 'Release'
  buildConfiguration: 'Release'
  buildPlatform: 'any cpu'

jobs:
- job: 
  steps:
  - task: NuGetCommand@2
    inputs:
      command: 'restore'
      restoreSolution: '**/*.sln'
      feedsToUse: 'select'
  - task: SonarCloudPrepare@1
    inputs:
      SonarCloud: 
      organization: 
      scannerMode: 'MSBuild'
      projectKey: 
      projectName: 

  - task: VSBuild@1
    displayName: 'Build solution **\*.sln'
    inputs:
      solution: '**\*.sln'
      platform: '$(BuildPlatform)'
      configuration: '$(BuildConfiguration)'
  - task: SonarCloudAnalyze@1
  - task: SonarCloudPublish@1
    inputs:
      pollingTimeoutSec: '300'

Hi @Ben_Wozniak and welcome to the community !

Have you added the RunCodeAnalysis task as well after the VSBuild one ? If not, you should.

HTH,
Mickaël

Hi @mickaelcaro thank you for the response. Please see the attached yaml file, we do the following: initialize SonarCloud, build the solution, run the analysis, and publish the results. Let me know if there is an error in that yaml.

Thanks!

Thanks. Can you send me the logs of this Run Code Analysis task please, if possible in debug mode ?

Sure thing. Here are the logs for the Run Code Analysis task: sonarcloud.txt (2.5 MB)

I’m not sure what’s changed but I can now get modified files to show up in the PR scan.

Using the default Sonar Way Quality Profile, we are not seeing all of the Code Smells pop up in the PR that we expect, however

Hi @Ben_Wozniak

Thanks for the logs

From their perspectives, i see that files are correctly detected and should be available in the SonarCloud’s project dashboard.

What is the problem with your last message ? Do you see those codesmells in your SC dashboard ?

Thanks again for your responses and time! I see one of the code smells but one that shows up in SonarLint and not on the scan is the block of commented out code. I was curious why some rules appear and others do not.

Are you using connected mode in SonarLint ?

No, as far as I can tell it is just the base SonarLint setup.

Ok, seems weird. Does it do that for every codesmells, even if you add an obvious one ? Or is it inconsistent ?

I noticed it with a block of code commented out not being found in the PR scan. Unfortunately our trial is over so I cannot test out other scenarios, but we did notice the inconsistencies.