SQ DE 7.3 not decorating TFS PRs

,

Hello,

I have installed a trial version of SonarQube DE 7.3 and followed the setup instructions here https://docs.sonarqube.org/display/SONAR/Pull+Request+Analysis and here https://docs.sonarqube.org/display/SCAN/Analyzing+with+SonarQube+Extension+for+VSTS-TFS. Also went through local instructions at http://localhost:9000/documentation/analysis/pull-request

All seems to work correctly apart from the PR decoration. There are no comments in the PR.
I am triggering a build through branch policies (build validation):

It runs through fine and creates a branch analysis on sonarqube

But the issues found in the analysis are not visible on my PR

Is there anything else I need to do to? Could it be a problem with my user access token? (I’m not a tfs admin) or could it be that I’m using a branch build validation build to trigger the analysis?

Thanks

Just adding some extra info, our TFS is 2018.2
Using the extension version 4.4.1 and tasks version is 4.*

I have tested a token from a system admin and the result is the same.

The ce logs show: Failed to access VSTS, the repository or the Pull Request: API resource location 225f7195-f9c7-4d14-ab28-a83f7ff77e1f is not registered on https://tfs:444/tfs/Common/. javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.

Unsure if that is related to comments not showing

Roberto,

If you check the Pull Request Analysis documentation, you’ll see that SonarQube and VSTS is not a currently supported configuration.

Colin

Hi Collin,

Thanks for your reply. I’m using TFS, not VSTS and that page says it is available.

Cheers

Ah, apologies. I saw your note about ce.log which mentioned VSTS and got my wires crossed.

NIco’s post here provides some insight: Run Code Analysis Task on TFS 2018 fails every time with certificate error

I wonder if your SonarQube server does not have the necessary certificates in its java trust stores to access your (https) TFS instance?

Colin

I’m running the server locally and haven’t added any certificates so that’s likely. How would I go about adding it?

Thanks

Here’s what I’ve tried so far:

Add certificate (with public key) via Java Control Panel > Security > Manage Certificates…
Add certificate to JRE default cacerts keystore.
Add certificate to .keystore on default user folder C:\Users<username>.keystore

None of these made a difference, still getting the same error.
Do I need to tell sonarqube to look at a specific store?
Does the certificate need to include public/private keys?

Any help would be appreciated.

Thanks

Issue was solved by downloading the correct certificate from the tfs website, using chrome dev tools, and adding it to the default cacerts keystore

2 Likes