ciricihq / gitlab-sonar-scanner
This project is no longer maintained
License: GNU General Public License v3.0
For the correct analysis of the projects where Typescript is used, it is necessary to add the command for the installation of npm and typescript.
It would be nice to add this:
RUN \
    apk add --no-cache npm && \
    npm install -g typescript
As this is a plugin for properly integrating sonarqube with gitlab, the option sonar.gitlab.failure_notification_mode should be set to exit-code by default.
Otherwise, if the build crashes it generates a strange behavior in the pipelines, as described in gabrie-allaigre/sonar-gitlab-plugin#51
Hi!
Thanks for this image that saves me a lot of time and effort!
But if I manage to connect the docker and the sonar server, it seems that it's analysing all the source files (10min) even in ISSUE mode.
Here is my gitlab-ci job
SonarQube:
  stage: quality
  image: ciricihq/gitlab-sonar-scanner
  variables:
    SONAR_URL: http://sonar.***.***
    SONAR_ANALYSIS_MODE: issues
  script:
    - gitlab-sonar-scanner
  allow_failure: true
and my sonar-project.properties
sonar.sources=.
sonar.java.binaries=*/build
sonar.sourceEncoding=ISO-8859-1
sonar.gitlab.project_id=git@gitlab.***.***:2003/*******/***.git
In the job log it says:
INFO: 18831/18831 source files have been analyzed
As you can see here (https://hub.docker.com/r/ciricihq/gitlab-sonar-scanner/builds) the Docker builds are failing.
A local test shows that the Dockerfile cannot find the required ZIP file on line 6. Not sure if you just can replace the URI with the following one as it may change in the future:
Running with gitlab-runner 10.1.0 (c1ecf97f)
on docker-auto-scale (4e4528ca)
Using Docker executor with image ciricihq/gitlab-sonar-scanner ...
Using docker image sha256:c38adbd8d8ac40dbf41049bcec2b844d2ffadbb583ef7c076cc510355547140e for predefined container...
Pulling docker image ciricihq/gitlab-sonar-scanner ...
Using docker image ciricihq/gitlab-sonar-scanner ID=sha256:3013138cd504c8ec0fdccc94d2e952391445d9dde4ebe79b4d554aadcc878e54 for build container...
Running on runner-4e4528ca-project-4603510-concurrent-0 via runner-4e4528ca-srm-1510236136-77e6203a...
Cloning repository...
Cloning into '/builds/satskiy.a/KRUSHER'...
Checking out bc77635a as dev...
Skipping Git submodules setup
$ unset CI_BUILD_REF && /usr/bin/sonar-scanner-run.sh
INFO: Scanner configuration file: /sonar-scanner-3.0.3.778/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner 3.0.3.778
INFO: Java 1.8.0_131 Oracle Corporation (64-bit)
INFO: Linux 4.11.12-coreos-r1 amd64
INFO: User cache: /root/.sonar/cache
INFO: Publish mode
INFO: Load global settings
INFO: Load global settings (done) | time=775ms
INFO: User cache: /root/.sonar/cache
INFO: Load plugins index
INFO: Load plugins index (done) | time=209ms
INFO: Download sonar-flex-plugin-2.3.jar
INFO: Download sonar-scm-git-plugin-1.2.jar
INFO: Download sonar-gitlab-plugin-2.1.0.jar
INFO: Download sonar-scm-svn-plugin-1.5.0.715.jar
INFO: Download sonar-javascript-plugin-3.2.0.5506.jar
INFO: Download sonar-java-plugin-4.15.0.12310.jar
INFO: SonarQube server 6.6.0
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Process project properties
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 11.350s
INFO: Final Memory: 45M/196M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
ERROR: You must define the following mandatory properties for 'Unknown': sonar.projectKey, sonar.sources
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
ERROR: Job failed: exit code 1
Hi, I'm a beginner with sonarqube and gitlab-ci. Just realised this useful solution, but I'm facing an issue. I'm using a local host SonarQube and have been testing the script below:
sonar-qube:
  stage: sonar-qube
  image: ciricihq/gitlab-sonar-scanner
  variables:
    SONAR_URL: http://localhost:9000
    SONAR_ANALYSIS_MODE: publish
  script:
    - echo "sonar scan..."
    - gitlab-sonar-scanner
    - echo "testing..."
However, I'm receiving message like
ERROR: SonarQube server [http://localhost:9000] can not be reached
For your information, I have started up SonarQube server from terminal before the yml script run. Hope anyone from the community could provide advice in this matter. Thanks!
After yesterday's removal of the unnecessary assignment SONAR_PROJECT_KEY=$CI_PROJECT_NAME,
I get
You must define the following mandatory properties for 'Unknown': sonar.projectKey
my yml config looks like this:
sonarqube:
  stage: analysis
  image: ciricihq/gitlab-sonar-scanner
  variables:
    SONAR_URL: "https://sonarurl.sonar"
    SONAR_ANALYSIS_MODE: "issues"
    SONAR_TOKEN: "token"
    SONAR_PROJECT_KEY: "$CI_PROJECT_NAME"
    SONAR_PROJECT_NAME: "$CI_PROJECT_NAME"
    SONAR_PROJECT_VERSION: "$CI_JOB_ID"
    SONAR_GITLAB_PROJECT_ID: "$CI_PROJECT_ID"
  script:
    - /usr/bin/sonar-scanner-run.sh
  tags:
    - runner
Should I add it to the script execution like /usr/bin/sonar-scanner-run.sh -Dsonar.projectKey=$CI_PROJECT_NAME?
Hello,
I created a new version of this tool, it's available here if you are interested: https://github.com/dcuenot/gitlab-sonar-scanner-with-quality-gate
I'm currently using Sonar scanner version 4.3.0.2102
And I also developed a CLI to collect the result of Sonar Quality Gate, and display it in Gitlab comments.
Feel free if you have any feedback.
And thanks ciricihq for this initial work!
Damien
Please,
I have this error when running sonar-scanner, it is something related to Gitlab API V3.
Caused by: java.io.FileNotFoundException: https://gitlab.com/api/v3/projects at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1872) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1474) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at com.talanlabs.gitlab.api.v3.http.GitLabHTTPRequestor.parse(GitLabHTTPRequestor.java:336) at com.talanlabs.gitlab.api.v3.http.GitLabHTTPRequestor.toPaged(GitLabHTTPRequestor.java:144) at com.talanlabs.gitlab.api.v3.services.GitLabAPIProjects.getProjects(GitLabAPIProjects.java:101) at com.talanlabs.gitlab.api.v3.services.GitLabAPIProjects.getProjects(GitLabAPIProjects.java:43) at com.talanlabs.sonar.plugins.gitlab.GitLabApiV3Wrapper.getGitLabProject(GitLabApiV3Wrapper.java:90) at com.talanlabs.sonar.plugins.gitlab.GitLabApiV3Wrapper.init(GitLabApiV3Wrapper.java:63)
Sonar 7.7 does not support sonar.analysis.mode
gabrie-allaigre/sonar-gitlab-plugin#132
A 7.7 compatibility patch is currently PR
gabrie-allaigre/sonar-gitlab-plugin#226
When someone tries to add custom arguments to the gitlab-sonar-scanner command, only the first argument is watched because of the last line of that sonar-scanner-run.sh file
gitlab-sonar-scanner/sonar-scanner-run.sh
Line 84 in 3115ed4
All other arguments are ignored.
I tried to pass
script:
  - gitlab-sonar-scanner -X -Djavax.net.ssl.trustStore=/usr/bin/local.keystore -Djavax.net.ssl.trustStorePassword=changeit
arguments to bypass the custom, enterprise wide, self-signed root CA certificates ignoring (related issue to: #40)
Hi,
I just tried to use your Docker image to integrate Gitlab and SonarQube.
I have a Gitlab-CI job which is generating a test coverage report in XML format (which is stored as an artefact). How can I upload this report to Sonar?
Best regards,
Thierry
.gitlab-ci.yml
sonar-scan:
  image: ciricihq/gitlab-sonar-scanner
  variables:
    SONAR_URL: http://xxx.com
    SONAR_PROJECT_VERSION: $CI_BUILD_ID
    SONAR_ANALYSIS_MODE: publish
  script:
    - unset CI_BUILD_REF && /usr/bin/sonar-scanner-run.sh
logs
ERROR: Failed to get Node.js version
java.io.IOException: Cannot run program "node": error=2, No such file or directory
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
at java.lang.Runtime.exec(Runtime.java:620)
at java.lang.Runtime.exec(Runtime.java:450)
at java.lang.Runtime.exec(Runtime.java:347)
at org.sonar.plugin.typescript.ExternalTypescriptSensor.isCompatibleNodeVersion(ExternalTypescriptSensor.java:155)
at org.sonar.plugin.typescript.ExternalTypescriptSensor.analyze(ExternalTypescriptSensor.java:115)
at org.sonar.plugin.typescript.ExternalTypescriptSensor.execute(ExternalTypescriptSensor.java:109)
at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:53)
at org.sonar.scanner.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:88)
at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:82)
at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:68)
at org.sonar.scanner.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:88)
at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:180)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:288)
at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:283)
at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:261)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
at org.sonar.scanner.task.ScanTask.execute(ScanTask.java:48)
at org.sonar.scanner.task.TaskContainer.doAfterStart(TaskContainer.java:84)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
at org.sonar.scanner.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:121)
at org.sonar.batch.bootstrapper.Batch.doExecuteTask(Batch.java:116)
at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:111)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:63)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:233)
at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151)
at org.sonarsource.scanner.cli.Main.runAnalysis(Main.java:123)
at org.sonarsource.scanner.cli.Main.execute(Main.java:77)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.io.IOException: error=2, No such file or directory
at java.lang.UNIXProcess.forkAndExec(Native Method)
at java.lang.UNIXProcess.<init>(UNIXProcess.java:247)
at java.lang.ProcessImpl.start(ProcessImpl.java:134)
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1029)
... 38 common frames omitted
ERROR: No TypeScript files will be analyzed
Due to this if: https://github.com/ciricihq/gitlab-sonar-scanner/blob/develop/sonar-scanner-run.sh#L11
We'll remove it for now, unless someone comes with a solution for setting it without overwriting the definition in sonar-project.properties file.
Hi all,
When I run sonarqube analysis on master branch I see, at the end of the pipeline, an unexpected job.
How can I remove it?
This does not happen when using another branch, also with publishing enabled.
This is my yaml gitlab file
.quality_variables: &quality_variables
  SONAR_URL: https://xxxxxxxxxxxxxx
.quality_template: &quality_template
  stage: quality
  image: ciricihq/gitlab-sonar-scanner
  <<: *runner
  dependencies:
    - npm:test
  cache: {}
  before_script:
    - echo "sonar.login=${SONAR_TOKEN}" >> sonar-project.properties
  script:
    - |
      gitlab-sonar-scanner \
        -Dsonar.gitlab.project_id=$CI_PROJECT_ID \
        -Dsonar.gitlab.user_token=$GITLAB_TOKEN \
        -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA \
        -Dsonar.gitlab.ref_name=$CI_COMMIT_REF_NAME
  except:
    variables:
      - $SKIP_QUALITY == "true"
quality:preview:
  <<: *quality_template
  variables:
    <<: *quality_variables
    SONAR_ANALYSIS_MODE: "preview"
  only:
    refs:
      - /^epic\/*/
      - /^hotfix\/*/
      - /^feature\/*/
      - test
quality:publish:
  <<: *quality_template
  variables:
    <<: *quality_variables
    SONAR_ANALYSIS_MODE: "publish"
  only:
    refs:
      - master
Regards
Neither the sonar scanner nor the gitlab plugin for sonar supports crashing the scan in case a quality profile fails, but we can use the sonar api to fix that.
See https://docs.sonarqube.org/display/SONARQUBE54/Breaking+the+CI+Build for more details about how to break the build, but basically we should:
- QUALITY_CHECK is defined.
- ceTaskId from the generated file by sonar report-task.txt.
- ${SONAR_URL}/api/ce/task?id=${ceTaskId} and get analysisId field
- ${SONAR_URL}api/qualitygates/project_status?analysisId=${analysisId} and get analysisId field
- status !== OK, break the build.
Currently, the Dockerfile downloads the sonar-scanner-cli from sonarsource.com and unzips it to /usr/bin/sonar-scanner. But it does not delete the original zip file. Thus, the image size is needlessly increased and the image is not "clean" as well.
A simple rm sonar-scanner-cli-${SONAR_SCANNER_VERSION}-linux.zip within the Dockerfile would resolve this.
Hi, I am using gitlab-sonar-plugin to run sonar scanner for each branch on every new commit.
I am using gabrie-allaigre/sonar-gitlab-plugin for sonar-gitlab integration.
My expectation is, if I run sonar scanner in issue mode, it should add a comment in my commit with issues, and with publishing mode it should publish the report to sonar server.
So, till now I can publish my report to sonar server with all issues and gitlab code for that particular commit, but have not been able to see any comment on my gitlab commit.
Then, I realised that I need to pass the commit sha, and changed this command to gitlab cli
script:
  - gitlab-sonar-scanner -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA
Post this change, my sonar scanner is failing constantly with the below exception
ERROR: Error during SonarQube Scanner execution
ERROR: Failed to execute project builder: com.talanlabs.sonar.plugins.gitlab.CommitProjectBuilder
ERROR: Caused by: Unable to perform GitLab WS operation
ERROR: Caused by: GitLab is not responding
ERROR: Caused by: Server returned HTTP response code: 502 for URL: https://gitlab.com/api/v4/projects?archived=false&membership=false&order_by=created_at&owned=false&page=57&per_page=20&simple=false&sort=desc&starred=false&statistics=false&with_custom_attributes=false&with_issues_enabled=false&with_merge_requests_enabled=false
ERROR:
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
I am using
gabrie-allaigre/sonar-gitlab-plugin version 3.0.0
image: ciricihq/gitlab-sonar-scanner
Gitlab version 10.7.0-rc5-ee
SonarQube version 6.5.0.27846
My gitlab yml task file looks like this
Run SonarQube:
  stage: Prebuild
  image: ciricihq/gitlab-sonar-scanner
  variables:
    SONAR_URL: http://sonar.my.sonar.url
    SONAR_ANALYSIS_MODE: issues
  script:
    - gitlab-sonar-scanner -Dsonar.gitlab.commit_sha=$CI_COMMIT_SHA
  only:
    - branches
  except:
    - master
and my sonar-project.properties file is as below
sonar.projectKey=test:test
sonar.exclusions=ui/node_modules/**
sonar.sources=.
[email protected]:xyz/pqr/abc.git
Since this project isn't maintained anymore and there are better solutions already published (see #51), this project should be archived.
@cirici could you please do so? In project settings, advanced section, "Archive this project":
It would be much better if you add a note in the readme pointing to dcuenot/gitlab-sonar-scanner-with-quality-gate version.
Edit: It is important to NOT REMOVE the project. Removing the project could also remove all 79 current forks, which isn't what we want.
Automatically define SONAR_PROJECT_VERSION from $CI_BUILD_ID if SONAR_PROJECT_VERSION has not been defined by the user (in .gitlab-ci.yml).
More:
SONAR_PROJECT_VERSION: $CI_BUILD_ID
SONAR_GITLAB_PROJECT_ID: $CI_PROJECT_ID
SONAR_PROJECT_KEY: $CI_PROJECT_NAME
There's another project aiming to do the same:
https://git.johnnei.org/Johnnei/sonar-gitlab-plugin
Try if it can be compatible with this approach
Hi, at the beginning I would like to thank you for the nice image, I've been using it for some time. But now we moved our SonarQube server behind SSL and we have a problem with certs. So I should import my certificate, but where are certs located in this image?
In other projects I import the certificate using this command:
- echo -n | openssl s_client -connect <ip>:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ./cert.cert
- keytool -import -noprompt -trustcacerts -file ./cert.cert -alias certalias -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit
But here I get the following error:
/bin/sh: eval: line 73: openssl: not found
It's part of my gitlab-ci file:
sonarqube-reports:
stage: analysis
image: ciricihq/gitlab-sonar-scanner
variables:
SONAR_URL: 'https://main-domain/sonar/'
SONAR_ANALYSIS_MODE: publish
script:
- gitlab-sonar-scanner
only:
- master
It's gitlab log:
ERROR: Error during SonarQube Scanner execution org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:84) at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:71) at java.security.AccessController.doPrivileged(Native Method) at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:71) at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:67) at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:218) at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:156) at org.sonarsource.scanner.cli.Main.execute(Main.java:74) at org.sonarsource.scanner.cli.Main.main(Main.java:61) Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server at org.sonarsource.scanner.api.internal.Jars.getBootstrapIndex(Jars.java:100) at org.sonarsource.scanner.api.internal.Jars.getScannerEngineFiles(Jars.java:76) at org.sonarsource.scanner.api.internal.Jars.download(Jars.java:70) at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:39) at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:75) ... 
8 more Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1964) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:328) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:322) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1614) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1052) at sun.security.ssl.Handshaker.process_record(Handshaker.java:987) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectTls(RealConnection.java:267) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.establishProtocol(RealConnection.java:237) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:148) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.findConnection(StreamAllocation.java:186) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.findHealthyConnection(StreamAllocation.java:121) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.StreamAllocation.newStream(StreamAllocation.java:100) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:42) at 
org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:93) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:120) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:92) at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:67) at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:179) at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:63) at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:113) at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:98) at org.sonarsource.scanner.api.internal.Jars.getBootstrapIndex(Jars.java:96) ... 
12 more Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:302) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1596) ... 41 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392) ... 47 more
How can I import certificates for this image? Thank you in advance
When sonar-scanner tries to scan a *.sh shell file it throws an error:
11:54:30.693 INFO: Sensor ShellCheck Sensor [shellcheck]
11:54:30.693 DEBUG: ShellCheck sensor executed with context: org.sonar.scanner.sensor.ModuleSensorContext@31228d83
11:54:30.693 DEBUG: Analyzing file: collectDependencies.sh
11:54:30.694 DEBUG: Executing command: [shellcheck, -x, -f, json, /builds/*****/*****/debinstall/collectDependencies.sh]
11:54:30.699 ERROR: Error executing command
java.io.IOException: Cannot run program "shellcheck": error=2, No such file or directory
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
...
Caused by: java.io.IOException: error=2, No such file or directory
at java.lang.UNIXProcess.forkAndExec(Native Method)
at java.lang.UNIXProcess.<init>(UNIXProcess.java:247)
at java.lang.ProcessImpl.start(ProcessImpl.java:134)
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1029)
... 32 common frames omitted
11:54:30.699 INFO: Sensor ShellCheck Sensor [shellcheck] (done) | time=6ms
A https://hub.docker.com/r/koalaman/shellcheck-alpine docker image is available for that purpose.
Hi!
I've been struggling lately to get a gitlab CI work with a simple C++ test project, which you can find here
If you check recent pipelines, especially the sonarqube job, you will see in its logs that it desperately fails with a NoSuchFileException.
It's really disappointing, since sonar-scanner works perfectly on my local environment with the very same sonar.properties file! And to be honest, I'm not quite sure that gitlab-sonar-scanner image is the culprit...
Am I missing something? Any help is more than welcome, thanks!
If you create a sonar-project.properties file, sonarqube complains if you don't set sonar.projectKey on that file. We should not require SONAR_PROJECT_KEY env var if a properties file exists.
Certain variables in use are deprecated. For example: CI_BUILD_REF to CI_COMMIT_SHA
https://docs.gitlab.com/ee/ci/variables/deprecated_variables.html
Script should be updated to look for the new variable. For backwards compatibility, both variables could be checked.
There is no default command and no entrypoint defined in the Dockerfile.
Thus, everybody not using the .gitlab-ci.yml using this image needs to explicitly call it with:
docker run ciricihq/gitlab-sonar-scanner gitlab-sonar-scanner
As the gitlab-sonar-scanner script is the main purpose of this image. We could define it as the default command or maybe even as the default entrypoint.
Hi,
I am trying to fail a gitlab ci job if there are major issues.
Is there a way to fail the job?
Regards.
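Added example, not part of the original posts or the project's code: a POSIX sh implementation of the quality-gate check outlined in the earlier issue on this page (report-task.txt, then api/ce/task, then api/qualitygates/project_status), which goes one step further and waits for the analysis task to finish before reading the gate. The function names, QUALITY_MAX_TRIES, QUALITY_POLL_SECONDS and sending the token as the basic-auth user are assumptions; JSON is read with grep/sed, taking the first match of a key.

```shell
#!/bin/sh
# Added example: fail the CI job when the SonarQube quality gate is not OK.
# Assumes SONAR_URL and SONAR_TOKEN are provided by the job (hypothetical setup).

# fetch URL -> response body on stdout; the token is sent as the basic-auth user.
fetch() {
    curl -sSf -u "${SONAR_TOKEN}:" "$1"
}

# ce_task_id FILE -> value of the ceTaskId= line in report-task.txt
ce_task_id() {
    sed -n 's/^ceTaskId=//p' "$1" | head -n 1
}

# json_string JSON KEY -> first string value stored under KEY.
# First match only; a JSON-aware tool such as jq is more robust where available.
json_string() {
    printf '%s' "$1" | tr -d '\n' |
        grep -o "\"$2\" *: *\"[^\"]*\"" | head -n 1 |
        sed 's/^[^:]*: *"\(.*\)"$/\1/'
}

# valid_id VALUE -> 0 only for non-empty ids made of letters, digits, _ and -,
# so nothing read from a file or a response can alter the request URL.
valid_id() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# quality_gate [REPORT_FILE] -> 0 if the gate is OK or the check is disabled, 1 otherwise
quality_gate() {
    report=${1:-report-task.txt}
    [ -n "${QUALITY_CHECK:-}" ] || { echo "QUALITY_CHECK not set, skipping"; return 0; }
    [ -r "$report" ] || { echo "cannot read $report" >&2; return 1; }

    task_id=$(ce_task_id "$report")
    valid_id "$task_id" || { echo "no usable ceTaskId in $report" >&2; return 1; }

    base=${SONAR_URL%/}
    tries=0
    while :; do
        task=$(fetch "$base/api/ce/task?id=$task_id") || return 1
        state=$(json_string "$task" status)
        case "$state" in
            SUCCESS) break ;;
            PENDING|IN_PROGRESS) ;;
            *) echo "analysis task ended as '$state'" >&2; return 1 ;;
        esac
        tries=$((tries + 1))
        [ "$tries" -lt "${QUALITY_MAX_TRIES:-30}" ] || { echo "timed out" >&2; return 1; }
        sleep "${QUALITY_POLL_SECONDS:-5}"
    done

    analysis_id=$(json_string "$task" analysisId)
    valid_id "$analysis_id" || { echo "no analysisId in task response" >&2; return 1; }

    gate=$(fetch "$base/api/qualitygates/project_status?analysisId=$analysis_id") || return 1
    status=$(json_string "$gate" status)
    echo "quality gate: $status"
    [ "$status" = "OK" ]
}
```

In a job, call `quality_gate <path to report-task.txt>` after the scanner step; a non-zero return fails the job.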
The LTS release is now 6.7
I get the following warnings:
WARN: The use of the issues mode (sonar.analysis.mode=issues) is deprecated. This mode will be dropped in the future.
WARN: Ability to set quality profile from command line using 'sonar.profile' is deprecated and will be dropped in a future SonarQube version.
WARN: The use of "sonar.branch" is deprecated and replaced by "sonar.branch.name". See https://redirect.sonarsource.com/doc/branches.html.
The last one is most important for me as sonar.branch is now incompatible with sonar.branch.name and I cannot use the new branch feature by SonarQube.
Take a look at the code below in sonar-scanner-run.sh:
#!/bin/sh
URL=$SONAR_URL
SONAR_TOKEN=$SONAR_TOKEN
if [ -z "$SONAR_PROJECT_KEY" ]; then
  echo "Undefined \"projectKey\"" && exit 1
else
  COMMAND="sonar-scanner -Dsonar.host.url=\"$URL\" -Dsonar.projectKey=\"$SONAR_PROJECT_KEY\""
....
I can't see SONAR_TOKEN being used. Can I login in my private sonar using token and put the report inside it?
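Added example, not the project's sonar-scanner-run.sh: one way to build the scanner command line so that SONAR_TOKEN is passed as sonar.login, every extra argument is forwarded (the issue above reports that only the first one was), and SONAR_PROJECT_KEY is required only when sonar-project.properties does not define sonar.projectKey. run_scanner, mask_args and SCANNER_BIN are hypothetical names; arguments stay in the positional parameters instead of a command string, so no eval is needed and secret values are masked in the job log.

```shell
#!/bin/sh
# Added example: wrapper that keeps every option as its own argument.

# mask_args ARG... -> the arguments, one per line, with secret values hidden.
mask_args() {
    for a in "$@"; do
        case "$a" in
            -Dsonar.login=*|-Dsonar.gitlab.user_token=*|-Djavax.net.ssl.trustStorePassword=*)
                printf '%s=****\n' "${a%%=*}" ;;
            *)
                printf '%s\n' "$a" ;;
        esac
    done
}

# run_scanner [EXTRA_ARG...] -> runs the scanner with the options derived from
# the environment first, followed by all extra arguments exactly as given.
run_scanner() {
    [ -n "${SONAR_URL:-}" ] || { echo 'Undefined "SONAR_URL"' >&2; return 1; }

    if [ -n "${SONAR_PROJECT_KEY:-}" ]; then
        # Quoted expansion: a key containing spaces or quotes stays one argument.
        set -- "-Dsonar.projectKey=$SONAR_PROJECT_KEY" "$@"
    elif ! grep -q '^sonar\.projectKey=' sonar-project.properties 2>/dev/null; then
        echo 'Undefined "projectKey"' >&2
        return 1
    fi

    # Only add the login option when a token was actually provided.
    [ -z "${SONAR_TOKEN:-}" ] || set -- "-Dsonar.login=$SONAR_TOKEN" "$@"
    set -- "-Dsonar.host.url=$SONAR_URL" "$@"

    # Log what will run, without the token or keystore password.
    echo "Running ${SCANNER_BIN:-sonar-scanner} with:" >&2
    mask_args "$@" >&2

    # "$@" passes each argument through unchanged; nothing is re-parsed.
    "${SCANNER_BIN:-sonar-scanner}" "$@"
}
```

A job would call it as `run_scanner -X -Djavax.net.ssl.trustStore=/usr/bin/local.keystore`, with the token supplied as a masked CI/CD variable.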
Before accepting PR from greater versions, we should fix the tags we're defining for docker hub, or, at least, add tags for each sonarqube version we have plugins for.
Right now, based on user comments and issues, and based on our experience, we should, at least, create these two tags: