SonarCloud Pull Request Status Check Stuck on "Waiting" for Azure DevOps

Summary:
I have recently set up a “Status Check” for my Azure DevOps repository to require successful passing of the quality gate from SonarCloud. However, while the status does post to the build and is available in SonarCloud, it never gets posted to the PR itself. It is constantly stuck in the “Waiting” status.

This is the tutorial instructions I followed:

  • ALM used: Azure DevOps (Cloud)
  • CI system used: Azure DevOps (Cloud)
  • Languages of the repository: C# and Javascript/Typescript
  • Error observed: The Status Check for PRs is stuck in a “Waiting” state for the SonarCloud quality check.
  • Steps to reproduce: Any PR created for our repository results in the above issue.
  • Task ID of failing analysis: AYXl3ThU9k4Ns0hC8L21

Steps Tried:

  1. Resetting the PAT from Azure DevOps.
  2. Ensuring the PAT has Code (Read/Write) access.
  3. Adding the PAT to each project under Administration / General Settings / Pull Requests.
  4. Re-running builds to trigger the status update again.

The analysis itself, whenever I checked it under Administration / Background Tasks under the SonarCloud project, is showing up as successful. I can’t see the actual logs, so I’m not sure why it isn’t posting to Azure DevOps.

Here is the JSON status from the report upload as part of the analysis execution step in our pipeline (sensitive info removed):

{
    "task": {
        "id": "AYXl3ThU9k4Ns0hC8L21",
        "type": "REPORT",
        "analysisId": "AYXl3Tl0lSeixJa3KU6-",
        "status": "SUCCESS",
        "submittedAt": "2023-01-24T23:19:18+0100",
        "submitterLogin": "sonarcloudsvc39086",
        "startedAt": "2023-01-24T23:19:18+0100",
        "executedAt": "2023-01-24T23:19:20+0100",
        "executionTimeMs": 1684,
        "logs": false,
        "hasScannerContext": true,
        "pullRequest": "11161",
        "warningCount": 0,
        "warnings": []
    }
}

Hi,

Welcome to the community!

Did you import this project into SonarCloud via the UI wizards, or set it up some other way?

 
Ann

The projects are created automatically in our Azure DevOps pipeline. Whenever we make a new pipeline for a new project, the first time it scans it makes a new project. The projects themselves aren’t bound to Azure DevOps (they don’t have the icon next to them), but the organization is.

1 Like

Hi,

Thanks for that detail. I’m going to flag this for more expert eyes.

Edit: Actually, before I do that do you see anything out of the ordinary in the project’s Background Tasks?

 
Ann

No, everything completes as I would expect and I see no errors listed anywhere. Every background task for this project has a success status.

1 Like

Any updates here? I’d be happy to provide any more information if needed.

Hi Jackson,

I’m going to have a look at your issue. I see you already shared some task id and analysis id, so let me have a look on my side and I will let you know if I need any more informations.

I’ll update you ASAP

Hi Jackson,

So for what I can see, the analysis runs fine and the PR decoration process is executed.
But it fails when trying to get the git repository informations from Azure Devops.

I sent you a private message with the repository name it tries to reach.

There are 2 things you can do on your side :

  1. Make sure that you correctly set all the configuration about the repository
  2. Make sure that the PAT that you are using, has read and write access on this particular repository

Can you try this and let me know if it solves your issue or not ?

And if it doesn’t, please share with me your latest JSON status report with the analysisId and submittedAt values

Best regards,

Thanks for getting back to me!

  1. I re-created my Personal Access Token for the user that I am using. It’s a bot user we set up specifically for integration to and from Azure DevOps and SonarCloud. Here are the settings I used for this token:

  2. Here is where I added the token to the organization level:

  3. And finally, I added the token to the repository-level section for Azure DevOps

It still isn’t working, and I get a constant “Waiting” status when I view the PR:

My task ID for this specific PR and analysis I showed in the pic above is:
AYYYerZ-oAg5DX4dF-Rz

It shows up as successful as far as I can see:

EDIT: I forgot to add the JSON you requested. Here is the result that the pipeline sent (with sensitive details removed):

{
    "task": {
        "id": "AYYYerZ-oAg5DX4dF-Rz",
        "type": "REPORT",
        "componentQualifier": "TRK",
        "analysisId": "AYYYerfclIsSOlsiSEm3",
        "status": "SUCCESS",
        "submittedAt": "2023-02-03T19:12:20+0100",
        "startedAt": "2023-02-03T19:12:20+0100",
        "executedAt": "2023-02-03T19:12:23+0100",
        "executionTimeMs": 2274,
        "logs": false,
        "hasScannerContext": true,
        "pullRequest": "11228",
        "warningCount": 0,
        "warnings": []
    }
}

Hi Jackson,

I’ve sent you a private message with some data and infos about your issue.
Have a look and please let me know if it helps fixing your issue or not.

Best regards

Hi Jackson,

Following your answer in private message, can you check that : there is no mistake with the personal access token, I can see from your screenshots you configured it right and set it and the correct place, but is there a chance there is an extra space or an extra character somewhere due to copy/paste ?

Other possibility, is there a chance that your organization apply some sort of restrictions/firewall that might block our app from calling the endpoint to post the analysis result on your PR ?

The firewall seems likely. I will have to check with our IT team and see if they can assist. I’ll post a follow up if I figure it out. Thanks for your assistance!

1 Like

Just as an update, I have resolved this issue. It was an IT issue on our side with Azure DevOps permissions. Apparently, my bot account in DevOps was set as a “Stakeholder” user instead of a “Basic” user. Stakeholder users have no access to projects regardless of permissions set in personal access tokens or otherwise.

If anyone else runs into this issue, make sure you check your user type in Azure DevOps.

2 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.