SonarQube Azure DevOps issue (Tasks missing, deprecated task error)


(Matt O'Brien) #1

Version Info - Community Edition Version 7.4 (build 18908)
sonar-csharp-plugin-7.8.0.7320.jar

I am attempting to use the community edition within the Azure DevOps build pipeline. I have installed and configured the server, I have defined a project, added SonarQube from the Marketplace into AzureDevOps, and have the key configured.

The server itself is configured on a VM (proxied by IIS for SSL) and for all intents and purposes appears to be functioning correctly. I have updated all available plugins at this time.

The first issue I have come to is that when I go to change my build pipeline I am not seeing the tasks that should be available ( Prepare Analysis Configuration, Run Code Analysis, Publish Quality Gate Result). The only tasks available to me currently are the deprecated Microsoft tasks (SonarQube for MSBuild - Begin Analysis and SOnarQube for MSBuild - End Analysis). This is true when I start with an empty build pipeline or use an existing build.

I confirm that I see SonarQube (by SonarSource) as installed within the Marketplace but do not see how to get the tasks available within the pipelines. This issue is what I would like to get resolved if possible but I am unsure of what would need to be done to make these tasks accessible.

Please let me know what additional information is necessary to address this issue.

In the interim I have tried to configure the deprecated tasks within an existing pipeline and fail with the error below. I am not sure how to go about resolving this issue as well.

[error]Could not find a file on the SonarQube server. Url: http://XXXXXXXXXXXXX/example/static/csharp/SonarQube.MSBuild.Runner.Implementation.zip

[error]Failed to update the SonarQube Scanner for MSBuild binaries. Check the server url, verify that the C# plugin is correctly installed on the SonarQube server and that the SonarQube server has been restarted.

https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Extension+for+VSTS-TFS


(Colin Mueller) #2

Matt,

Can you confirm that the SonarQube extension is installed for the correct organization within Azure Devops? I just now installed the SonarQube extension on a personal organization and immediately see the relevant tasks available for me.

Cheers,

Colin


(Matt O'Brien) #3

Hi Collin - I am not an admin on the organization but I submitted the request and have the response email saying it has been installed. Please let me know if there is anything specific I would need our admin to do in order to ensure installation.

SonarQube has been installed
The request for SonarQube by SonarSource has been approved by Microsoft.VisualStudio.Services.Apps and is now installed on evolenthealth.


(Matt O'Brien) #4

It looks like the tasks are available now and I attempted a build with the tasks.

I am getting an error on the “Prepare analysis on SonarQube” task with the message below . . .

2018-11-13T16:06:24.4125854Z ==============================================================================
2018-11-13T16:06:24.4125939Z Task : Prepare Analysis Configuration
2018-11-13T16:06:24.4125990Z Description : Prepare SonarQube analysis configuration
2018-11-13T16:06:24.4126038Z Version : 4.4.1
2018-11-13T16:06:24.4126247Z Author : sonarsource
2018-11-13T16:06:24.4126311Z Help : More Information
2018-11-13T16:06:24.4126519Z ==============================================================================

2018-11-13T16:06:25.1167311Z ##[debug]scannerMode=MSBuild

2018-11-13T16:06:25.1170370Z ##[debug]projectKey=***

2018-11-13T16:06:25.1171824Z ##[debug]projectName=ASF

2018-11-13T16:06:25.1173360Z ##[debug]projectVersion=1.0

2018-11-13T16:06:25.1179912Z ##[debug][SQ] API GET: ‘/api/server/version’ with query “undefined”

2018-11-13T16:06:25.2738443Z ##[debug][SQ] API GET ‘/api/server/version’ failed, error was: {“code”:“UNABLE_TO_VERIFY_LEAF_SIGNATURE”}

2018-11-13T16:06:25.2749566Z ##[debug]task result: Failed

2018-11-13T16:06:25.2807787Z ##[error][SQ] API GET ‘/api/server/version’ failed, error was: {“code”:“UNABLE_TO_VERIFY_LEAF_SIGNATURE”}

2018-11-13T16:06:25.2818639Z ##[debug]Processed: ##vso[task.issue type=error;][SQ] API GET ‘/api/server/version’ failed, error was: {“code”:“UNABLE_TO_VERIFY_LEAF_SIGNATURE”}

2018-11-13T16:06:25.2820748Z ##[debug]Processed: ##vso[task.complete result=Failed;][SQ] API GET ‘/api/server/version’ failed, error was: {“code”:“UNABLE_TO_VERIFY_LEAF_SIGNATURE”}


(Matt O'Brien) #5

I’m assuming this is related to the self signed cert I am using on the Sonar server; can you help me understand how to configure the task correctly to allow for this cert?


(Colin Mueller) #6

Matt,

Check out the comments here:

Colin


(Matt O'Brien) #7

I have now resolved all issues; thanks for the help. I got over the last issue by using a LetsEncrypt certificate instead of a self signed certificate.


SELF_SIGNED_CERT_IN_CHAIN Error on Prepare analysis step when using Azure DevOps and internal SonarQube Server
(Brandon Boone) #8

I also have the same issue where SonarQube says it’s installed but there are no available tasks after installing from the marketplace. @MattOBrienEH did you need to do anything additional or did they just eventually show up?


(Brandon Boone) #9

FYI: I uninstalled the plugin and reinstalled which fixed the issue.


(Matt O'Brien) #10

That was our solution as well Brandon.


(Nk111) #11

Well… I just disabled and re-enabled the extension to get the tasks finally shown :wink:

cheers!