Thursday 10 August 2017

Run a SonarQube analysis in VSTS for unsupported .NET Core projects

With some projects you might face this:

error MSB4062: The "IsTestFileByName" task could not be loaded from the assembly <path>\.sonarqube\bin\SonarQube.Integration.Tasks.dll.

It is a known issue I’m afraid, involving (among the others) .NET Standard.

There is a fairly straightforward workaround IMHO. Instead of using the Scanner for MSBuild as you would, use the CLI scanner that is now provided by VSTS:

sq0

This is enough to let the scanner do its job. This approach can bring a different issue – if you use branches to identify projects in SonarQube, or if you have dynamically set properties, and having a fixed, static properties file doesn’t really work.

Still, nothing really blocking. Do you see the PowerShell Script above? Smile

sq1

This is an example of what you can do – a bit rough, it just adds a line at the end of the file stating the branch to analyse. It can also be much cleaner, but still Smile

Remember that you can always manipulate files in the agent, and that’s what I do. Add whatever line you want with a script like this so that you have granular control in the same way as adding /d:… to the parameters in the regular MSBuild task.

3 comments:

  1. I ran into the MSB4062 error and tried your work around by using the SonarQube Scanner CLI tasks. It runs and updates the projects in SonarQube but it does not identify quality issues or code coverage. I have not implemented a settings file or powershell script. Do you have any thoughts on what needs to happen next to get the code coverage/quality issues to be identified?

    ReplyDelete
  2. You should have a settings file as the properties the task expose are quite limited. Once you have a settings file in place you can set (statically in the file or dynamically via Inline PowerShell) the properties you need for your project.

    ReplyDelete
  3. Hi Matteo, thank you very much for your post. I was trying to solve the sonar problem with your workaround and found a new problem. It throws a java error (long trace) but it is caused by a 404 in https://sonarcloud.io/api/qualityprofiles/search.protobuf?projectKey= (valid productkey I checked it). The project exists in sonarcloud and I can acces the quality profiles, do you have an idea of how could I possibly solve this? Thank you in advance

    ReplyDelete