Sonarcloud pullrequest should fail but does not

Template for a good new topic, formatted with Markdown:

  • ALM used : Azure DevOps

  • CI system used: Azure DevOps

  • Scanner command used when applicable (private details masked):
    Run code Analysis step in CI and this succeeds, then checking the pullrequest Status/Code in Sonarcloud -> it shows no errors!

  • Languages of the repository: C#

  • Only if the SonarCloud project is public, the URL

    • And if you need help with pull request decoration, then the URL to the PR too
  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting)

  • Steps to reproduce: Followed instructions on https://www.azuredevopslabs.com/labs/vstsextend/sonarcloud/

  • Potential workaround : None

I can’t get Sonarcloud analysis to fail! So much for code quality…:stuck_out_tongue:
Plz if anyone has an idea, suggestion, fix?

hi @martijnflanderijn and welcome to the community

First of all, if you analyze the project locally with our analyzers, will the issue show up?

For the Prepare step , can you add the sonar.verbose property set to true? And then upload here the logs from the Prepare Step, Build and also from the “Run Code Analysis” step?

1 Like

Hi,

I put in the verbose. I see in the Build Step following errors:

Warning CS8032: An instance of analyzer SonarAnalyzer.Rules.CSharp.ThreadStaticWithInitializer cannot be created from C:\Users\VssAdministrator\AppData\Local\Temp\.sonarqube\resources\0\SonarAnalyzer.CSharp.dll : Could not load file or assembly 'Microsoft.CodeAnalysis, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified..
2020-08-25T12:52:13.1073706Z CSC : warning CS8032: An instance of analyzer SonarAnalyzer.Rules.CSharp.ThreadStaticWithInitializer cannot be created from C:\Users\VssAdministrator\AppData\Local\Temp\.sonarqube\resources\0\SonarAnalyzer.CSharp.dll : Could not load file or assembly 'Microsoft.CodeAnalysis, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.. [D:\a\1\s\FlidsApi\FlidsApi.csproj]
2020-08-25T12:52:13.1080419Z ##[warning]CSC(0,0): Warning CS8032: An instance of analyzer SonarAnalyzer.Rules.CSharp.MutableFieldsShouldNotBePublicReadonly cannot be created from C:\Users\VssAdministrator\AppData\Local\Temp\.sonarqube\resources\0\SonarAnalyzer.CSharp.dll : Could not load file or assembly 'Microsoft.CodeAnalysis, Version=1.3.1.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified..

I will look into this because i think this might have something to do with it?

Regards,

Indeed, check Analysis results are not getting loaded for .NET project and New Install: warning CS8032: An instance of analyzer SonarAnalyzer.Rules.CSharp.DoNotHideBaseClassMethods cannot be created which have had similar problems.

Hi Andrei,

It’s really frustrating. I can’t get it to work.
Still getting same error in the Build: Could not load file or assembly 'Microsoft.CodeAnalysis, Version=1.3.1.0
Have tried just about everything that i googled but nothing works.
Hope you might have a solution…

I’m running a VS2019 solution on a windows-2019 azure agent with the Microsoft.CodeAnalysis, Version=1.3.1.0 added to all 4 projects.

I’ve added the logs as you suggested.

Regards,

(Attachment Build_Solution is missing)

(Attachment Prepare_SonarCloud is missing)

(Attachment Run_Analysis is missing)

Hi Andrei,

Sonar keeps refusing my mail with attachment. I’ll try it this way.
So here is the attached log.

Azure_Steps_Log.zip (210 KB)

Hey Andrei,

I have an update for you. I have managed to not get the ‘Could not load Microsoft.CodeAnalysis’ anymore by running the agent on a local machine.
But!
Sonarcloud is still not breaking on my code:

I’ve attached the build log.

The Analyse step shows:

Build_Solution_Local_Agent.zip (39.4 KB)

hi @martijnflanderijn

I see in your “run analysis” logs that your class to test is in FlidsApi\Helpers\SonarcloudQualityGateTest.cs , however I don’t see it in the MSBuild logs. Is the FlidsApi scanned at all?

For example, it’s clear that our analyzer is running , in the MSBuild logs you can see warnings like:

2020-08-26T09:05:21.4727724Z ##[warning]FlidsApi.Core\Helpers\EnumMappingHelper.cs(7,1): Warning S1128: Remove this unnecessary 'using'.
2020-08-26T09:05:21.4732995Z Helpers\EnumMappingHelper.cs(7,1): warning S1128: Remove this unnecessary 'using'. [D:\a\1\s\FlidsApi.Core\FlidsApi.Core.csproj]

We need to look at the diagnostics logs of the msbuild command. Please run the build with the /v:diag parameter (see verbosity in MSBuild command-line reference).

Hi,

I added the /v:diag to the build and get loads of information.
I see following error: \Local\Temp.sonarqube\resources\3\SonarAnalyzer.CSharp.dll does not contain any analyzers

Maybe this is the cause for not validating the code?
I put in critical code, so it should break:

Now what’s weird is that sonarcloud seems to ‘see’ the code, but does not analyze it.

Hope you can point me in the right direction.
Regards,

Can you share those logs with us?

Most likely you ran the BEGIN step twice without running the END step which does some cleanup. There analyzers are downloaded by the scanner for msbuild and stored in %TEMP%/.sonarqube\resources. From the error message, it seems the folder is in a corrupted state.

Here is the log…

here are the steps in my build:

this should work, right?

Regards,

you didn’t give us any logs…

yes, it should work. We need to better understand the problem by using the logs