Must-share information (formatted with Markdown):
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
Standalone Windows Server 2019 (Virtual machine in Azure)
SonarQube 9.3.0.51899 Enterprise
SonarScanner 4.7.0.2747
Azure Plugin: SonarQube 5.4.0
Java: 11.0.13
- what are you trying to achieve
View + scan code in Azure repo. Currently SonarQube connects to Azure but does not see code.
- what have you tried so far to achieve this:
I have followed the SonarQube Azure guide (Azure DevOps Integration | SonarQube Docs) up to the point of “Configuring branch analysis” (as at the moment we will be using the program to scan specific sections of code rather than in a CI/CD environment, I haven’t integrated it into any pipelines)
Method used to attempt analysis:
Sonar-scanner via CLI:
sonar-scanner.bat -D”sonar.projectKey=PROJECT_PROJECT” -D”sonar.sources-.” -D”sonar.host.url=http://SERVER:9000” -D”sonar.login=[KEY]”
- See attached log.txt for output of the scan
log.txt (6.6 KB)
Result: Project shows “Main branch of this project is empty” instead of saying that it hasn’t been analysed.
SonarQube settings
Administration → DevOps Platform Integrations → Azure
- Check configuration shows no errors
[PROJECT NAME] → Project Settings → DevOps Platform Integration
- Check configuration shows no errors
Azure Settings
Service Connection:
- The service connection has been set up with the token generated in SonarQube, however no history has been logged either in Azure or SonarQube?
Things to note:
- The “MASTER NAME” was correctly pulled into SonarQube from Azure and matches exactly (although it does have a period in it (e.g.: “master.name”) if that makes any difference?)
- Adding a different Azure project with a different “MASTERNAME” (with no period) also populates it in SonarQube correctly, however the same ‘no lines of code’ error occurs
- When initially adding the project, SonarQube also detects the other projects available in the Azure users’ organisation, indicating that the connection to Azure is successful. Here is an example when I attempt to add another project using the same DevOps connection:
-
Encrypted PAT was used for Azure connection [as mentioned on: Azure DevOps Integration | SonarQube Docs]
-
User authentication is via LDAP / AD. SonarQube starts as a service by ‘sonarqubeservice’, and the Azure user is called ‘sonarqubeserviceazure’. LDAP authentication works correctly for users to log onto SonarQube server
-
SonarQube extension has been installed in Azure, even though I don’t think it is required for sonar-scanner?
-
The entire process takes 7 seconds (as per log.txt), so it appears that the even though the connection is successful SonarQube isn’t pulling the code from the repo to analyse.
- INFO: Load project settings for component key: ‘PROJECT_PROJECT’ (done) | time=32ms
- INFO: Load project branches (done) | time=16ms
- I’m assuming these should be taking longer?
-
The Windows Firewall + the Azure Firewall have ports 80 & 9000 open only
-
The SonarQube instance (SONARQUBE:9000) is accessible from other systems
-
Logs show “Success”
Troubleshooting performed thus far:
Deleted project from SonarQube, deleted all tokens, deleted all PATs, regenerated tokens + PATs, retested:
- No change
Created a basic Java program located in a folder on the SonarQube server to test functionality via CLI scan
- Java program analysed successfully (see first screenshot)
In project settings: Disable the SCM sensor setting (on/off)
- No change
Adjusted the setting Code (Read & Write)
in the Azure PAT:
- Attempted both “code (read/write)” and ‘Full Access’
- No change
Azure Service Connections
- Grant access permissions to all pipelines is selected
Googled the heck out of it:
- Nothing I found and tested made any difference
Log files
compute.txt (3.1 KB)
search.txt (1.2 KB)
web.txt (3.2 KB)
system.txt (1.5 KB)
Thoughts:
- As I can analyse a local folder containing code, it appears that SonarQube is installed correctly
- As I can connect to Azure and it pulls the project, and it can see the correct name for the main branch, it appears that the Azure connection is configured correctly
- Am I required to open any further ports for the connection?
I am at a loss as to why it appears SonarQube can access Azure, but can’t pull the code. Any assistance in this matter would be appreciated,