SonarQube

The Issue We saw an issue with our SonarQube 10.3 Developer Edition (that is running as a Docker image hosted in Azure) when it was doing the analysis of a project that included Azure Bicep files. The Azure DevOps pipeline that triggered the SonarQube analysis was not failing, but within the SonarQube analysis step an error was reported in the task log INFO: Sensor IaC AzureResourceManager Sensor is restricted to changed files only INFO: 1 source file to be analyzed ##[error]ERROR: Cannot parse 'AzureServices/QueryPack....

The Problem We run our SonarQube instance in a Docker container hosted in an Azure Web App Service. Today, with no notice, it failed. We did the obvious, just tried to restart it and the startup process failed. Looking at the Azure Web App’s Log Stream we could see the following error repeated on each restart attempt 2023-09-27T15:30:00.797Z INFO - Starting multi-container app.. 2023-09-27T15:30:01.024Z INFO - Pulling image: sonarqube:10.1-developer 2023-09-27T15:30:02.100Z INFO - 10....

This is another of those posts to remind me in the future. I searched the documentation for this answer for ages and found nothing, eventually getting the solution by asking on the SonarQube Forum When you link SonarQube into an Azure DevOps pipeline that is used from branch protection the success, or failure, of the PR branch analysis is shown as an optional PR Check The question was ‘how to do I make it a required check?...

Whilst adding SonarQube analysis to a large project I started getting memory errors during the analysis phase. The solution was to up the memory available to the SonarQube Scanner on the my build agent, not the memory on the SonarQube server as I had first thought. This is done with an environment variable as per the documentation, but how best to do this within our Azure DevOps build systems? The easiest way to set the environment variable `SONAR_SCANNER_OPTS` on every build agent is to just set it via a Azure Pipeline variable....

We have been looking migrating some of our common .NET Core libraries into new NuGet packages and have taken the chance to change our build process to use Azure DevOps Multi-stage Pipelines. Whilst doing this I hit a problem getting SonarQube analysis working, the documentation I found was a little confusing. The Problem As part of the YAML pipeline re-design we were moving away from building Visual Studio SLN solution files, and swapping to ....