I have a pipeline in Azure DevOps which is triggered by PR requests. There are three SonarCloud tasks in this pipeline - Prepare analysis on SonarCloud, (my project build step is here), Run Code Analysis and then Publish Quality Gate Result.
When this pipeline is triggered by a PR, it's all fine until gets to the Run Code Analysis task, which then fails with the below error messages:
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 9.173s
INFO: Final Memory: 7M/48M
INFO: ------------------------------------------------------------------------
##[error]ERROR: Error during SonarScanner execution
ERROR: Error during SonarScanner execution
##[error]ERROR: Not authorized. Please check the properties sonar.login and sonar.password.
ERROR:
ERROR: Not authorized. Please check the properties sonar.login and sonar.password.
ERROR:
##[error]The SonarScanner did not complete successfully
The SonarScanner did not complete successfully
##[error]18:32:43.506 Post-processing failed. Exit code: 1
18:32:43.506 Post-processing failed. Exit code: 1
Here's the thing: whenever this same pipeline is triggered NOT by a PR, either manually or automatically by a daily schedule, it runs and passes with no issues, on any branch. If I trigger the pipeline for the branch being pulled in (not via the PR), it runs and passes fine.
Why is authorization failing only when it's triggered by a PR?! Why isn't it using the same PAT token from SonarCloud that the SAME pipelines use when triggered manually??
Why is authorization failing only when it's triggered by a PR?! Why isn't it using the same PAT token from SonarCloud that the SAME pipelines use when triggered manually??
According to the description, it seems the PAT do not have enough permissions.
You could try to update the PAT with Full access to test:
Update the PAT in your SonarCloud.
You could check this document for some more details.
I've now found the answer, the issue was the PAT issued by Azure DevOps wasn't set in the correct place on SonarCloud. I was putting it in [SonarCloud Project] -> Administration -> General Settings -> Pull Requests -> Personal access token, when in fact it should be stored in [SonarCloud Organisation] -> Administration -> Organisation settings -> Azure DevOps connectivity management -> Personal Access Token, as shown below:
Related
I am trying to deploy Azure Data Factory from development to Test and Production instances using Azure DevOps. The pipeline steps include:
Copying the Linked Templates to a storage account (Azure PowerShell Task).
Disabling the triggers (Azure PowerShell Task).
ARM Template Deployment (Azure Resource Group Deployment Task).
Enabling the Triggers (Azure PowerShell Task).
I have set the override parameters for Test and Production Tasks.
The deployment to the Test Data Factory completed successfully. However, when I tried deploying it to the Production Data Factory, it failed giving the following error :
There were errors in your deployment. Error code: DeploymentFailed.
2022-11-24T14:20:51.2337688Z ##[error]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2022-11-24T14:20:51.2339819Z ##[debug]Processed: ##vso[task.issue type=error;]At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2022-11-24T14:20:51.2340752Z ##[error]Details:
2022-11-24T14:20:51.2341700Z ##[debug]Processed: ##vso[task.issue type=error;]Details:
2022-11-24T14:20:51.2343511Z ##[error]DeploymentFailed: At least one resource deployment operation failed. Please list deployment operations for details. Please see https://aka.ms/DeployOperations for usage details.
2022-11-24T14:20:51.2351532Z ##[error]Task failed while creating or updating the template deployment.
2022-11-24T14:20:51.2352528Z ##[debug]Processed: ##vso[task.issue type=error;]Task failed while creating or updating the template deployment.
2022-11-24T14:20:51.2361768Z ##[debug]Processed: ##vso[task.complete result=Failed;]Task failed while creating or updating the template deployment.
I checked the steps for Test and Production tasks, and both seems correct to me. The Resource Group, Data Factory name, template parameters all have been set up.
How do I resolve this, since the error doesn't point to anything specific?
The issue was with my connection to the Shared Integration Runtime for Data Factory.
So, the steps I followed were as follows :
In the Azure Portal, go to your Resource Group -> Activity Log
Here, I found the exact cause of my Data Factory deployment failing.
Access denied. Unable to access shared integration runtime 'integrationRuntimeSelfHosted'. Please check whether this resource has been granted permission by the shared integration runtime.
Then I went to the Data Factory, where I had created the integration runtime and granted access to the new Data Factory which I was trying to deploy.
Go to Azure DevOps -> Deploy the Pipeline again.
Following the above steps helped me resolve my issue.
We are using the Sonarcloud plugin in Azure DevOps. Suddenly, we get the following error in our build pipeline:
##[error]ERROR: Error during SonarScanner execution ERROR: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization'
properties, the 'SONAR_TOKEN' environment variable, or contact the
project administrator ERROR: ERROR: Error during SonarScanner
execution ERROR: Project not found. Please check the
'sonar.projectKey' and 'sonar.organization' properties, the
'SONAR_TOKEN' environment variable, or contact the project
administrator ERROR:
##[error]The SonarScanner did not complete successfully The SonarScanner did not complete successfully
##[error]09:51:19.094 Post-processing failed. Exit code: 1 09:51:19.094 Post-processing failed. Exit code: 1
##[error]The process '/usr/bin/dotnet' failed with exit code 1
Authentication is done with ServiceConnections and the token verification is still valid. I also tried to use a new SonarCloud Authentication token for the ServiceConnection. We haven't changed anything in the infrastructure or on the SonarCloud platform, and it was working fine 5 days ago.
I tried to set Administration / Permission / Execute Analysis to "Anyone" (also checked all users) without success.
Any ideas?
The PAT (Personal Access Token) has expired.
Create one in Azure DevOps and add it Administration / Organization settings / Azure DevOps connectivity management / New Personal Access Token
Note: I had to abandon my Pull-Request and create a new one after using the new PAT.
I would like to see this more clearly indicated on the platform (e.g. by an info bar at the top of the platform)
we use yaml pipelines in azure devops and use the 'limit job authorization scope' and 'Protect access to repositories in YAML pipelines' on organization level. but now we need some cross-project azure pipelines and as expected we get an authorization error when using the checkout task:
remote: TF401019: The Git repository with name or identifier SecondRepo does not exist or you do not have permissions for the operation you are attempting.
fatal: repository 'https://dev.azure.com/myorg/SecondProject/_git/SecondRepo/' not found
##[warning]Git fetch failed with exit code 128, back off 1.451 seconds before retry
We thought we were smart and gave the 'FirstProject Build Service (myorg)' (which runs the pipeline) access to the SecondRepo repository. However, we still get the authorization error described above.
i would have expected that the limit job authorization settings would not automatically give the user more rights. but as it looks to us, manually set rights are probably also deliberately removed.
is this intended?
Please make sure to disable the Limit job authorization scope to current project for non-release pipelines setting at project level and organization level for the project where you are running the pipeline. For more details, please refer to here.
How do i know who executed or rerun the failed jobs in Azure devops pipeline which ws initially triggered by x user.
If you want to get Azure Pipeline build result, you can use the following rest API
GET https://dev.azure.com/{organization}/{project}/_apis/build/builds?definitions={definitions}&queues={queues}&buildNumber={buildNumber}&minTime={minTime}&maxTime={maxTime}&requestedFor={requestedFor}&reasonFilter={reasonFilter}&statusFilter={statusFilter}&resultFilter={resultFilter}&tagFilters={tagFilters}&properties={properties}&$top={$top}&continuationToken={continuationToken}&maxBuildsPerDefinition={maxBuildsPerDefinition}&deletedFilter={deletedFilter}&queryOrder={queryOrder}&branchName={branchName}&buildIds={buildIds}&repositoryId={repositoryId}&repositoryType={repositoryType}&api-version=6.0
For more details, please refer to https://learn.microsoft.com/en-us/rest/api/azure/devops/build/builds/list?view=azure-devops-rest-6.0
This happened maybe once every 2 weeks, but lately it happens a few times until the build succeeds once.
GET https://api.nuget.org/v3-flatcontainer/xamarin.uitest/3.0.9/xamarin.uitest.3.0.9.nupkg
##[error]C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\Common7\IDE\CommonExtensions\Microsoft\NuGet\NuGet.targets(128,5): Error : [CredentialProvider]Device flow authentication failed. User was presented with device flow, but didn't react within 90 seconds.
----- Update ----
After further digging in the logs, I found out that it was due to an 401 (Unauthorized) access to a private feed (in the same organization as the project where the pipeline fails).
A temporary solution was to remove the specific *.csproj, that needed this private feed, from the solution build config, and also remove the private feed from the pipeline. This got the pipeline working again.
---- More Pipeline infos ----
I can't post the entire code here.
pool:
vmImage: 'windows-latest'
variables:
configuration: NugetB
steps:
- task: MSBuild
displayName: 'MSBuild'
inputs:
solution: '**\xxSolutionxx.sln'
msbuildArchitecture: 'x64'
configuration: '$(configuration)'
msbuildArguments: '/t:restore;build;pack /p:PackageOutputPath=$(Build.ArtifactStagingDirectory) /p:RestoreAdditionalProjectSources=https://urlToPrivateFeedInTheSameOrganization /p:configuration=$(configuration) /p:NuGetInteractive="true"'
Azure build pipeline sporadic error, [CredentialProvider]Device flow authentication failed
If you have task/script access to azure ariftact feed in your pipeline, then please try to use the System.AccessToken variable to authenticate a pipeline to a private Azure Artifacts feed or try to reset your PAT.
You could check this document for some more details.
Besides, if above not resolve your question, please share how did you access the artifact and the build pipeline configuration.