SonarQube issues in VSTS Build are detected but not posted to VSTS Pull Reuests

158 views
Skip to first unread message

pieter....@gmail.com

unread,
May 12, 2017, 9:23:27 AM5/12/17
to SonarQube
Environment: 
  • SonarQube Version 6.3.1 (build 21392)
  • VSTS git repo
  • C# web application
Actions performed:
  • master branch has a branch policy linked to a CI build definition using the SonarQube build tasks (https://marketplace.visualstudio.com/items?itemName=SonarSource.sonarqube)
  • SonarQube project setup with default quality profile and quality gate - manual build loads the SonarQube results into the project ... all good.
  • New feature branch from master
  • Adding some new "violations" to the feature branch and creating a new pull request
  • Pull request does not pick up the new violations
Log messages:

2017-05-12T13:08:45.8746183Z SonarQube found 535 issues out of which 4 are new
2017-05-12T13:08:45.8746183Z 
2017-05-12T13:08:45.8746183Z 
2017-05-12T13:08:45.8902552Z 4 issue(s) do not relate to a specific file and will not be posted to the code review

New issues have apparently been detected during the SonarQube analysis, but have not been pushed to the PR / code review ... 

What's causing the log message above? Issues not related to a specific file? Why are the violations not posted to the code review? In my test case here, I added some unused variables and a private method which was not called.

Any help to understand this behavior? Thanks for your help!

Best regards,

Pieter.

Julien HENRY

unread,
May 16, 2017, 8:31:41 AM5/16/17
to SonarQube, pieter....@gmail.com
Hi Pieter,

Are the issues you expect coming from fxcop analyzer? I remember some fxcop issues were always reported on the root project, and not on a specific file.

Just to be sure, could you run a "normal" analysis on your branch (passing /d:sonar.branch=foo to the begin step if you don't want to mess up your analysis history of your master) and check if the new issues are reported on files or at project level.

++

Julien

pieter....@gmail.com

unread,
May 19, 2017, 9:01:33 AM5/19/17
to SonarQube, pieter....@gmail.com
Hi Julien,

one of the issues that should pop us is the violation for the rule S1144: "Unused private types or members should be removed". From what I expect this should be an issue on the specific C# file.

When completing my pull request and running the analysis on the master branch, the issues correctly show up in the SonarQube (normal) analysis report, so my question remains why the violations are not injected into the PR ...

Best regards,

Pieter.

pieter....@gmail.com

unread,
May 31, 2017, 4:12:37 AM5/31/17
to SonarQube, pieter....@gmail.com
After some help from Duncan Pocklington (MSFT), I got extra pointers to troubleshoot this issue and the fact why the SonarQube issues were not injected into the Pull Request were due to a colon in the project key. This resulted in issues being marked as "assembly" level issues instead of "file" level issues. So, be sure to validate your project key if you have similar issues.

Julien HENRY

unread,
May 31, 2017, 5:25:23 AM5/31/17
to SonarQube, pieter....@gmail.com
Thanks for the feedback. Issue tracked:
Reply all
Reply to author
Forward
0 new messages