The SonarScanner for MSBuild integration failed - C# ASP .NET Core 3.1 build pipeline Azure DevOps

Get help SonarCloud
,
#1

Getting “The SonarScanner for MSBuild integration failed: SonarCloud was unable to collect the required information about your projects.” exception in Azure DevOps Pipeline for an ASP .NET Core project with this pipeline instructions:

  • task: DotNetCoreCLI@2
    inputs:
    command: ‘build’

  • task: SonarCloudPrepare@1
    inputs:
    SonarCloud: ‘SonarCloud’
    organization: ‘XX’
    scannerMode: ‘MSBuild’
    projectKey: ‘XX’
    projectName: ‘XX’
    extraProperties: |
    #sonar.verbose=true
    #sonar.debug = true

  • task: SonarCloudAnalyze@1

  • task: SonarCloudPublish@1
    inputs:
    pollingTimeoutSec: ‘300’

image
image1625×797 78.9 KB

We tried to use scannerMode ‘CLI’ which seems to work, but then it just analyses some html files rather than c# solution. Tests are built with Xunit but I guess this isn’t the issue as well.

We are working with a solution file in the root directory of the repository and projects/tests in subdirectories (src/test). Build works. Any ideas?

#2

@sitch your CI steps are not in the correct order. There are a number of detailed walkthroughs on setting up an Azure Pipeline e.g. this one from MS: Exercise - Scan from the build pipeline by using SonarCloud, which includes the following:

Notice that SonarCloudPrepare@1 appears before the project is built or any tests are run. Similarly, SonarCloudAnalyze@1 and SonarCloudPublish@1 appear after the project is built and all tests are run. This is the same process you used when you scanned locally from the command line.

#3

@duncanp that did the trick, thank you! The order we used worked for the JS/html frontend repositories, so we thought it should also work for the C# backend part. Just out of curiousity, why is it important that the SonarCloudPrepare runs before test/build? I assume since it is a static analysis, the test/build process shouldn’t influence the affected files so that the order becomes important?

#4

Great.

The analysis rules for most languages (e.g. JS/HTML) are executed during the analyze step.

However, the C# and VB.NET rules are implemented as Roslyn analyzers so they are executed by the Microsoft compiler during the MSBuild step. The prepare step pulls down information from SonarCloud/SonarQube server needed to configure the rules, which is why it needs be executed before the build step.

#5

Understood, makes sense, and thanks for the explanation!

#6

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.