The SonarScanner for MSBuild integration failed - C# ASP .NET Core 3.1 build pipeline Azure DevOps

Getting “The SonarScanner for MSBuild integration failed: SonarCloud was unable to collect the required information about your projects.” exception in Azure DevOps Pipeline for an ASP .NET Core project with this pipeline instructions:

  • task: DotNetCoreCLI@2
    inputs:
    command: ‘build’

  • task: SonarCloudPrepare@1
    inputs:
    SonarCloud: ‘SonarCloud’
    organization: ‘XX’
    scannerMode: ‘MSBuild’
    projectKey: ‘XX’
    projectName: ‘XX’
    extraProperties: |
    #sonar.verbose=true
    #sonar.debug = true

  • task: SonarCloudAnalyze@1

  • task: SonarCloudPublish@1
    inputs:
    pollingTimeoutSec: ‘300’

We tried to use scannerMode ‘CLI’ which seems to work, but then it just analyses some html files rather than c# solution. Tests are built with Xunit but I guess this isn’t the issue as well.

We are working with a solution file in the root directory of the repository and projects/tests in subdirectories (src/test). Build works. Any ideas?

@sitch your CI steps are not in the correct order. There are a number of detailed walkthroughs on setting up an Azure Pipeline e.g. this one from MS: Exercise - Scan from the build pipeline by using SonarCloud, which includes the following:

Notice that SonarCloudPrepare@1 appears before the project is built or any tests are run. Similarly, SonarCloudAnalyze@1 and SonarCloudPublish@1 appear after the project is built and all tests are run. This is the same process you used when you scanned locally from the command line.

@duncanp that did the trick, thank you! The order we used worked for the JS/html frontend repositories, so we thought it should also work for the C# backend part. Just out of curiousity, why is it important that the SonarCloudPrepare runs before test/build? I assume since it is a static analysis, the test/build process shouldn’t influence the affected files so that the order becomes important?

Great.

The analysis rules for most languages (e.g. JS/HTML) are executed during the analyze step.

However, the C# and VB.NET rules are implemented as Roslyn analyzers so they are executed by the Microsoft compiler during the MSBuild step. The prepare step pulls down information from SonarCloud/SonarQube server needed to configure the rules, which is why it needs be executed before the build step.

Understood, makes sense, and thanks for the explanation!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.