SonarCloud does not find any files on Azure DevOps pull request scan

SonarQube Cloud
,
1
  • Azure DevOps
  • Azure DevOps
  • C#
  • Pull Request scan does not show any files being scanned

Here is the .yml file I am using

trigger:
- master
pr:
- master

pool:
  vmImage: 'windows-latest'

variables:
  buildConfig: 'Release'
  buildConfiguration: 'Release'
  buildPlatform: 'any cpu'

jobs:
- job: 
  steps:
  - task: NuGetCommand@2
    inputs:
      command: 'restore'
      restoreSolution: '**/*.sln'
      feedsToUse: 'select'
  - task: SonarCloudPrepare@1
    inputs:
      SonarCloud: 
      organization: 
      scannerMode: 'MSBuild'
      projectKey: 
      projectName: 

  - task: VSBuild@1
    displayName: 'Build solution **\*.sln'
    inputs:
      solution: '**\*.sln'
      platform: '$(BuildPlatform)'
      configuration: '$(BuildConfiguration)'
  - task: SonarCloudAnalyze@1
  - task: SonarCloudPublish@1
    inputs:
      pollingTimeoutSec: '300'
2

Hi @Ben_Wozniak and welcome to the community !

Have you added the RunCodeAnalysis task as well after the VSBuild one ? If not, you should.

HTH,
Mickaƫl

3

Hi @mickaelcaro thank you for the response. Please see the attached yaml file, we do the following: initialize SonarCloud, build the solution, run the analysis, and publish the results. Let me know if there is an error in that yaml.

Thanks!

4

Thanks. Can you send me the logs of this Run Code Analysis task please, if possible in debug mode ?

5

Sure thing. Here are the logs for the Run Code Analysis task: sonarcloud.txt (2.5 MB)

6

Iā€™m not sure whatā€™s changed but I can now get modified files to show up in the PR scan.

7

Using the default Sonar Way Quality Profile, we are not seeing all of the Code Smells pop up in the PR that we expect, however

8

Hi @Ben_Wozniak

Thanks for the logs

From their perspectives, i see that files are correctly detected and should be available in the SonarCloudā€™s project dashboard.

What is the problem with your last message ? Do you see those codesmells in your SC dashboard ?

9

Thanks again for your responses and time! I see one of the code smells but one that shows up in SonarLint and not on the scan is the block of commented out code. I was curious why some rules appear and others do not.

10

Are you using connected mode in SonarLint ?

11

No, as far as I can tell it is just the base SonarLint setup.

12

Ok, seems weird. Does it do that for every codesmells, even if you add an obvious one ? Or is it inconsistent ?

13

I noticed it with a block of code commented out not being found in the PR scan. Unfortunately our trial is over so I cannot test out other scenarios, but we did notice the inconsistencies.

17

Hi @Ben_Wozniak ,

I am closing this topic as it doesnā€™t have enough details to derive some actions from it. If you are willing to try again and see the same problem, please open a new topic.

Regarding why not all expected code smells appeared on the PR, there could have been multiple issues, possibly:

  • detection of test projects - there have been some inconsistencies regarding test project detection, read here about some of them; also, in the past releases of the Scanner for .NET (5.1 and 5.2) we fixed them; this month we will deploy a new analyzer version to :sonarcloud: which will close this topic
  • detection of generated code - we fixed some problems there ( #2228), the fix will be shipped in the next release of our .NET analyzers

Thank you,
Andrei

1 Like