SonarScanner VSTS Extension no longer scanning C#

Hi all,

We’ve been using v4.15 of the SonarQube Plugin for Azure DevOps Server 2019 (TFS) and last night this auto updated to v4.16.

Since the update, we’ve noticed that some C# code is no longer scanned by this step or shown within SonarQube.

Checking the patch notes for this extension in github (https://github.com/SonarSource/sonar-scanner-vsts/commit/c74758dcb3332d477bbbff48186c1c244e04d750), I can see that the MSBuild version has been changed from 4.10 to version 5.0.3.

When checking in previous commits/updates I can see that this change has implemented before but then rolled back. Was there a reason for this? Has this change/update to MSBuild versions caused issues with code analysis before and what are our options going forward to resolve this issue?

Cheers,

Tom

Hi @tomf

What are those issues you have exactly ? Can you share a bit more context ?

Thank you in advance.

Hi Mickael,

Effectively, after scanning our C# code base using v4.1.6 of SonarScanner extension, the project containing C# code now shows in SonarQube as having zero lines of C# code in it.

Whereas when this was scanned with v4.1.5 , there was 2k lines of C# code.

Cheers,

Tom

Would it be possible to have a Run Code Analysis task log in debug mode please ?

Thanks.

I’ll give it a go, but looking at the step I can’t see where to enable that?

image556×634 11.5 KB

You can add the pipeline variable “system.debug” and set it to true.

That’s been run now. What information would you like from the output logs?

Cheers,

Tom

There’s a dump of the sonar-project.properties file the scanner generates. It helps seeing which file will be analyzed generally. Do you see yours in here ? Or there’s nothing at all ?

So there is a sonar.properties file in there, but the time of creation isn’t the same date/time (or near the date/time) as the any of builds (incl the debug build).

Looking at the contents of the file that was created, it displays the following information.

image925×149 5.26 KB

Sorry, i mean the file should be dumped in the log directly in debug mode. Its location is generally under the .sonarqube\out folder (at the same level as your sources root directory.

Ahhh apologies =)

I’ve checked the .sonarqube\out folder and there’s a sonar-project.properties file in there and its populated =)

Is this the one, or should there be another file just called sonar.properties?

No this should be the one. Can you check in it the different sonar.sources fields to see if there’s something obvious missing ?

Ahhh so I can see that some of them are populated and some of them aren’t populated.

The ones that are populated have file paths in them, and from what I can tell the ones that aren’t populated have the element below populated, which is sonar.tests (again with file paths).

I’m guessing this is correct, or should all of the sonar.sources be populated?

No you’re right, you should have the one or the other populated.

Ahhh okay at least that seems to be working okay then =) What would the next aspect to check be? or is the fact that those aspects are populated mean it should be working?

This does mean that files have been at least discover, but for some reason on your case, they have not been analyzed, right ? Can you share me the whole log privately please ? it will be easier for me to try to see what’s going on.

I need the Run Code analysis task, with debug mode enabled. I’ll send you a PM.

Thanks in advance.

I think that’s whats going on. I’ll just get those logs and send them over in a DM for you.

Cheers Mickael

Hi @mickaelcaro - I’ve been working with Tom on this. He’s finished for the day now. Are you able to DM me for the rest of the day instead of Tom please on this.

Thanks

Hi @mickaelcaro - Did you come to any conclusions why we might be facing this issue ? Do you need any further info/logs from us ?

Hi @ArronH

I’m still investigating the issue.

Mickaël