SonarQube couldn't scan C# codes on Azure web app for containers

allen.c · October 10, 2020, 4:44pm

I was trying to use SonarQube to scan my .NET MVC project. But I met some problems, first I deploy SonarQube image to the Azure web app for containers as a service server. Then followed the instructions to create CI on my Azure DevOps. After completing these steps, everything worked fine. The thing I couldn’t fix is that the scanner only scanned all the static files, such as HTML, CSS… Files with cs extension were all ignored.

Here are my environment and configurations:
Server - Azure web app (Linux) + SonarQube image with Community edition version 8.4.2 (build 36762)
DB - SonarQube embedded H2
MSBuild - latest version
Project - .NET MVC 4.7.2
SCM - Azure DevOps TFVC

sonarqube-log.txt (12.7 KB)

Christophe_Havard · October 16, 2020, 7:37am

Hi @allen.c and welcome to the community

Are you using the Scanner for MSBuild?

allen.c · October 20, 2020, 4:27pm

Hi @Christophe_Havard, thank you for your reply.

Yes, I’m pretty sure that I was using Scanner for MSBuild.
The way I set before running the analysis task: In the Azure DevOps CI pipeline, I inserted a “Prepare analysis on SonarQube” task and chose the option “Integrate with MSBuild” in the configuration section.

Christophe_Havard · October 20, 2020, 2:56pm

hey @allen.c,
Would it be possible for you to provide

the same log you provided, but in verbose mode. To activate it, you can edit your pipeline and add the following snippet at the beginning :

variables:
– name: system.debug
value: true

the background task id of your latest background task on your SonarCloud project. You can find it by going into your project on SonarCloud, then Administration > Background Task. It should look like “AXUntmUOpEe8QSin3l8L”.

Cheers,
Christophe

allen.c · October 20, 2020, 4:42pm

Hi @Christophe_Havard,
The log in debug mode is attached, please take a look at it. Obviously, as the log shows, my .cs files were indexed, but the scanner only scanned HTML, CSS, and javascript as the final report.
For your second request, I’ve to say sorry, I’m not using the SonarCloud. I set up the SonarQube service on the Azure web app for Linux which what I mentioned in the first topic. However, if you really need this information, the task id is also provided at the bottom of the log file.

Thank you.
sonarqube-debug-log.txt (51.0 KB)

mickaelcaro · October 21, 2020, 7:34am

Hi @allen.c

According to those latest logs, you’re not using the “Integrate with MSBuild” option.

May i ask you which kind of pipeline you are using (YAML vs classic) and how did you configure them ?

Thanks.

allen.c · October 21, 2020, 10:53am

Hi @mickaelcaro,

Oh no, I’m sorry about that. I forgot that I changed the pipeline settings for testing.
Here’s the new one with the “Integrate with MSBuild” option selected. Additionally, I also changed the SonarQube version to v7.4 LTS.

Update my environment and configs as below:
Server - Azure web app (Linux) + SonarQube image with Community 7.9.4.35981 (build 36762)
DB - SonarQube embedded H2
MSBuild - 14.0
Project - .NET MVC 4.7.2
SCM - Azure DevOps TFVC
sq-debug-log.txt (83.4 KB)

Thank you for your kindly help!

mickaelcaro · October 22, 2020, 6:24am

Could you please send us the build step log, ideally in a kind of verbose mode. Or maybe trying that verbose mode, and see on you side if you see some logs related to SonarQube ?

allen.c · October 22, 2020, 12:29pm

Hi @mickaelcaro,

Sure, the MSBuild log is attached. FYI.
Thank you.
msbuild-log.txt (5.5 KB)