SonarCloud is not Decorating Azure DevOps Pull Requests

Template for a good new topic, formatted with Markdown:

  • ALM used (GitHub, Bitbucket Cloud, Azure DevOps)
    Azure DevOps
  • CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI
    Azure DevOps
  • Scanner command used when applicable (private details masked)
  • task: SonarSource.sonarcloud.14d9cde6-c1da-4d55-aa01-2965cd301255.SonarCloudPrepare@1
    displayName: ‘Prepare analysis on SonarCloud’
    inputs:
    SonarCloud: REDACTED
    organization: REDACTED
    projectKey: REDACTED
    projectName: REDACTED
    extraProperties: |

    Additional properties that will be passed to the scanner,

    Put one key=value per line, example:

    sonar.exclusions=**/.sql
    sonar.cs.opencover.reportsPaths=(Build.SourcesDirectory)//**/coverage.opencover.xml sonar.cs.vstest.reportsPaths=(Agent.TempDirectory)/
    .trx
  • Languages of the repository
    dotnet core

  • Only if the SonarCloud project is public, the URL

    • And if you need help with pull request decoration, then the URL to the PR too
      Private
  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
    PR is not decorated

We followed the instructions here to setup the Azure DevOps PR decoration

We can see that a given branch/pr contains code smells but we aren’t seeing the PR comments being added.

Here is an example ID of the background task for the PR

AXRM7IaoQ8Hd3BaV9mI9

Hi @Paul_Everton and welcome to the community !

Do you have somewhere the “Enable Azure Active Directory Conditional Access Policy Validation” enabled ? It might block some IPs accessing your Azure DevOps API from outside.

Mickaël

Hello @mickaelcaro

Yes we do! I will look into that. As a side note: is there any logs that I could look at that would have surfaced the issue so that I don’t need to bug you or are they purely internal? I tried to look at the Azure DevOps task output and couldn’t spot anything. The “background tasks” in SonarCloud didn’t seem to have an option to look at associated logs unless I missed something.

Thanks again for the hint!

Hi,

Yeah we’re not good at that specific part, it’s logged as a debug message in our internal logs, we will be improving this in the near future.