SonarQube Azure Devops PR comments uses wrong path

SonarQube Server / Community Build
,
1

Hello!

We are currently evaluating SonarQube Developer edition (v10.7 (96327)) with Azure DevOps services - primary to do code check in Pull Requests.

The problem is that comments in PR was created using wrong path for files, eg commentary to file “src/folder/code.cs” is commented as to “/s/src/folder/code.cs”, and because of that file didn’t displayed in comments of PR.

Azure pipeline used is this:

- task: SonarQubePrepare@7
  inputs:
    SonarQube: 'SonarQube analyze'
    scannerMode: 'dotnet'
    projectKey: '<REDACTED>'

// Do project build

- task: SonarQubeAnalyze@7
  inputs:
    jdkversion: 'JAVA_HOME_21_X64'

- task: SonarQubePublish@7
  inputs:
    pollingTimeoutSec: '300'

I assume the problem is related to Azure DevOps agents works: at the task start agent creates folder inside _work folder and designate it as work folder for whole pipeline (for example, “/opt/azagent/_work/1”), then agent does repo checkout to /s/.

My assumption is that tasks designated for SonarQube take path as the root of scan, and then push report to server with files that have prefix /s/, which doesn’t exist in repo.

I’ve tried to add extra parameters to the SonarQubePrepare task, like sonar.projectBaseDir=$(Build.SourcesDirectory)/ (or just s/), but it didn’t help.

3

Hi @kbelykh

Thanks for letting us know about this issue.

It seems the sonar.projectBaseDir path detection when running on AzureDevOps on Unix-based systems is broken. I have created an issue for this and you can follow the progress here: [SCAN4NET-147] - Jira

1 Like
4

Hello Costin!

Thank you for reply, i will monitor that issue on Jira!

Best,
Konstantin

5

Hi Konstantin,

I’ve fixed the issue and done a release. The Azure Extension will be probably released next week.

Until the extension is released you can try the fix by configuring the pipeline to use the latest scanner version.

You can do so using:

- task: SonarQubePrepare@3
  inputs:
    SonarCloud: '<>'
    organization: '<>'
    scannerMode: 'dotnet'
    msBuildVersion: '9.0.1.102776'
    projectKey: '<>'
    projectName: '<>'

Please let me know if this is fixing the problem for you.

1 Like
7

Hi Costin,

Thank you for the information about fix, I’ll wait for update of AZDO extension, since we are using it and manually adding line you provided in pipeline doesn’t change outcome for now

Best,
Konstantin

8

Hi Konstantin,

If you tried with the new scanner version and the issue is not fixed, there might be an additional problem. Could you please share the verbose logs with the updated version?

10

Hi Costin!

I’ve tried adding msBuildVersion: '9.0.1.102776' or dotnetScannerVersion: '9.0.1.102776' to the inputs of the task SonarQubePrepare@7 but after this change no code was sent to PR and Analyze task finishes in just 30 seconds.

I’ve looked at similar issue that was created recently, that has same Jira ticket in it, but it uses Sonar Cloud as endpoint, not Sonar Qube as in my situation, maybe it is somehow related?

As for logs, I’ve attached them as file to this comment
Prepare.txt (2.1 KB)
Analyze.txt (709.0 KB)

11

Hi Konstantin,

Thanks for the logs and all the details. I’m sorry to ask again but could you share the logs with verbose mode enabled?

To enable verbose mode you need to set this in the prepare task:

- task: SonarQubePrepare@7
  inputs:
    .....
    extraProperties: |
      sonar.verbose=true

This will give us more details about the paths used.

Regarding the problem you are facing, I’m not sure I got it right.

The problem is that comments in PR was created using wrong path for files, eg commentary to file “src/folder/code.cs” is commented as to “/s/src/folder/code.cs”, and because of that file didn’t displayed in comments of PR.

Do I understand correctly that the issues are imported into SonarQube but they have the “/s/src/folder/code.cs” path format instead of “src/folder/code.cs”?

13

Hi Costin,

Attached below is log with verbose logging enabled
sonar-prepare-verbose.txt (11.2 KB)

Do I understand correctly that the issues are imported into SonarQube but they have the “/s/src/folder/code.cs” path format instead of “src/folder/code.cs”

yes, that is correct

Best,
Konstantin

14

Could you please share the logs from the SonarQubeAnalyze task as well?