SonarCloud tasks in Azure DevOps build pipeline do not work with C# projects behind the corporate proxy

satano · November 5, 2019, 9:27am

Thank you for quick response (and sorry for my late).

Your suggested settings does not work. Setting

SONAR_SCANNER_OPTS=-Djava.net.useSystemProxies=true

does not work and I am not the only one. What works is setting explicit proxy values into that environment variable:

SONAR_SCANNER_OPTS=-Dhttps.proxyHost=x.x.x.x -Dhttps.proxyPort=yyyy -Dhttp.nonProxyHosts="localhost|..."

But this works only for CLI scanner, not for MSBuild.

The thing is, that when we use CLI scanner, it uses proxy settings set by SONAR_SCANNER_OPTS, environment variable, but it does not scan/report C# (.cs) files, when we try to use MSBuild scanner, it is not working at all, because it does not use proxy and cannot connect to https://sonarcloud.io.

So here is our setup

We have set proxy in SONAR_SCANNER_OPTS environment variable explicitly as mentioned above. Just note, we also have set environment variables HTTP_PROXY and HTTPS_PROXY.

When I try CLI scanner, our step in pipeline is:

- task: SonarCloudPrepare@1
  displayName: 'SonarCloud Prepare'
  inputs:
    SonarCloud: 'SonarCloud'
    organization: 'krossk'
    cliProjectKey: 'esw.invoicing'
    scannerMode: 'CLI'
    configMode: 'manual'
    cliSources: '$(Build.SourcesDirectory)'

When I try MSBuild scanner, pipeline step is:

- task: SonarCloudPrepare@1
  displayName: 'SonarCloud Prepare'
  inputs:
    SonarCloud: 'SonarCloud'
    organization: 'krossk'
    projectKey: 'esw.invoicing'
    scannerMode: 'MSBuild'

Our project is a .NET C# solution with several projects. So most of the files are C# (.cs), but there are some SQL scripts (.sql) and HTML (.html) files as well.

For testing purposes, I connected the build machine to internet directly, without proxy. MSBuild scanner worked as expected. It found all the issues in all the files - we have some issues in all three file types. So I returned the machine back behind the proxy.

MSBuild scanner behind proxy

This is not working working at all. It does not matter if SONAR_SCANNER_OPTS is set to use system proxy, set to explicit proxy, or is not set. This always fails during SonarCloud Prepare step. The log is:

SYSTEMVSSCONNECTION exists true
c:\BuildAgents\agent-2\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.9.0\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe begin /k:esw.invoicing /o:krossk
SonarScanner for MSBuild 4.7.1
Using the .NET Framework version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
14:51:45.696  Updating build integration targets...
14:51:45.724  Fetching analysis configuration settings...
##[error]14:52:48.799  Failed to request and parse 'https://sonarcloud.io/api/server/version': Unable to connect to the remote server
14:52:48.799  Failed to request and parse 'https://sonarcloud.io/api/server/version': Unable to connect to the remote server
##[error]14:52:48.799  Could not connect to the SonarQube server. Check that the URL is correct and that the server is available. URL: https://sonarcloud.io/
14:52:48.799  Could not connect to the SonarQube server. Check that the URL is correct and that the server is available. URL: https://sonarcloud.io/
##[error]14:52:48.8  Pre-processing failed. Exit code: 1
14:52:48.8  Pre-processing failed. Exit code: 1
##[error]The process 'c:\BuildAgents\agent-2\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.9.0\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe' failed with exit code 1
Finishing: SonarCloud Prepare

CLI scanner behind proxy

SonarCloud Prepare step is working in both cases: if SONAR_SCANNER_OPTS is set to use system proxy and also if it is set to explicit proxy. The log in this step is very simple:

SYSTEMVSSCONNECTION exists true
Finishing: SonarCloud Prepare

The result of SonarCloud Analyze step depends on SONAR_SCANNER_OPTS variable. If it is set to use system proxy, this step fails:

C:\WINDOWS\system32\cmd.exe /D /S /C "c:\BuildAgents\agent-2\_work\_tasks\SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1\1.9.0\sonar-scanner\bin\sonar-scanner.bat"
INFO: Scanner configuration file: c:\BuildAgents\agent-2\_work\_tasks\SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1\1.9.0\sonar-scanner\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 4.1.0.1829
INFO: Java 12.0.2 Oracle Corporation (64-bit)
INFO: Windows 10 10.0 amd64
INFO: SONAR_SCANNER_OPTS=-Djava.net.useSystemProxies=true
INFO: User cache: C:\WINDOWS\ServiceProfiles\NetworkService\.sonar\cache
##[error]ERROR: SonarQube server [https://sonarcloud.io] can not be reached
ERROR: SonarQube server [https://sonarcloud.io] can not be reached
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 15.426s
INFO: Final Memory: 3M/56M
##[error]ERROR: Error during SonarQube Scanner execution
ERROR: Error during SonarQube Scanner execution
INFO: ------------------------------------------------------------------------
##[error]org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube

... here is very long stack trace log ...

ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
##[error]The process 'c:\BuildAgents\agent-2\_work\_tasks\SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1\1.9.0\sonar-scanner\bin\sonar-scanner.bat' failed with exit code 1
Finishing: SonarCloud Analyze

If the SONAR_SCANNER_OPTS is set to explicit proxy, SonarCloud Analyze does not fail. But I would not say it is working, because it does not find issues in C# files. It just reports issues in SQL and HTML files and does not report any C# issue. Even when I browsed source code in project in the sonarcloud.io, there were only .sql and .html files, no .cs files. I double checked this with adding two new files with issues in them. One is .html and the other one is .cs. After the build, we see new issues in new .html file, but no C# issues.

Just last note is, I do not change settings in project in sonarcloud.io. I am just playing with those two scanner modes nad proxy settings in our pipeline. And as I mentioned at the beginning, when the machine is not behind proxy, MSBuild scanner really works.

So any other ideas what is wrong and if there is some solution for us?

Thanks a lot, Stano

Topic		Replies	Views
Latest version of SonarCloud DevOps tasks (current do not work behind corporate proxy) SonarQube Cloud azuredevops-services , dotnet , proxy	4	2057	March 13, 2020
C# project, proxy and connectivity SonarQube Cloud azuredevops-services , proxy , sonarqube-cloud	5	1388	October 12, 2020
Sonar Scanner Azure DevOps fails behind proxy and firewall on private agent SonarQube Cloud scanner , azuredevops-services , dotnet , sonarqube-cloud	4	1334	March 31, 2022
SonarCloud not using proxy, trying to go through firewall SonarQube Cloud csharp , azuredevops-services , proxy , sonarqube-cloud	7	817	November 24, 2022
Azure devops task behind proxy SonarQube Cloud	3	1703	September 17, 2021

SonarCloud tasks in Azure DevOps build pipeline do not work with C# projects behind the corporate proxy

So here is our setup

MSBuild scanner behind proxy

CLI scanner behind proxy

Related topics