We have recently purchased the SonarCloud licence. We are buidling our dotnet core application in multi stage dockerfile. As part of the build stage, we have added dotnet sonar scanner step for performing sonarcloud scanning for the pull request. dotnet sonarscanner begin \ /k:"$SONAR_PROJECT_KEY" \ /n:"$SONAR_PROJECT_NAME" \ /o:"$SONAR_ORGANIZATION_KEY" \ /d:sonar.host.url="$SONAR_HOST_URL" \ /d:sonar.login="$SONAR_TOKEN" \ /d:sonar.coverageReportPaths=tests/testresults/coverage/SonarQube.xml \ /d:sonar.scm.disabled=true \ /d:sonar.pullrequest.key="$PULL_REQUEST_ID" \ /d:sonar.pullrequest.branch="$PULL_REQUEST_SOURCE_BRANCH" \ /d:sonar.pullrequest.base="$PULL_REQUEST_TARGET_BRANCH"
Note - In the Dockerfile we are only copying the Source folders of the code and not the .git folder. That is the reason we have set the paramter sonar.scm.disabled=true
The pull request scanning is happening successfully and the results are published under pull requests tab on the Application profile in SonarCloud. However we are not able to fully configure the pull requests decoration in Azure DevOps.
As part of the process defined by SonarCloud, we have to select the status check policy as “SonarCloud/quality gate” in the branch policy but we are not getting that option at all.
It’s quiet strange to me as I have already selected the provider as Azure DevOps and added the PAT token with code read write in the project-> Administration->General Settings->Pull Request
Can you please suggest why SonarCloud is not populating Status Check policy as “SonarCloud/quality gate” in the Azure DevOps?
In one of the community post I read that .git folder needs to copied inside the dockerfile hence I added the .git folder and replaced the parameter sonar.scm.disabled=true with sonar.scm.provider=git and I can see the scanned results associated with commit id now on SonarCloud portal. But still I can’t see SonarCloud populating Status Check policy as “SonarCloud/quality gate” in the Azure DevOps? @Sonar team - Can you please suggest.?
Thank you for your post and let me try to help you fix this issue.
I see two potential root causes of the issue, if your project is not bound to AzureDevops or if your personal access token doesn’t have the necessary rights on the repository.
Could you verify if your project is bound to AzureDevops. The information is visible on the project page, under the project name, there should be an azureDevOps icon.
See an example with github bound project:
Could you also verify if your personal access token has the necessary rights on the repository?
If none of this explains the issue you are facing, I will need to investigate further. For that I will need information about your project. I will send you a private message to collect them.
The root cause of the problem was identified. This is coming from the fact that the scanner is run manually. And when running the scanner manually, some additional properties are needed to get the PR decoration. The properties are:
