GithubHelp home page GithubHelp logo

wayfair-incubator / sonarscanner-buildkite-plugin Goto Github PK

View Code? Open in Web Editor NEW
6.0 4.0 10.0 986 KB

🐳🔊 Sonarqube SonarScanner plugin for Buildkite

License: BSD 2-Clause "Simplified" License

Shell 90.68% Dockerfile 9.32%
buildkite buildkite-plugin sonar-scanner sonarqube hacktoberfest

sonarscanner-buildkite-plugin's Introduction

sonarscanner-buildkite-plugin

Actions Status Actions Status Version Plugin Status

This plugin performs static code analysis as part of a Buildkite pipeline and reports back to Sonarqube.

WARNING

This plugin is still in alpha release publicly and is not ready for prime-time usage.

Usage

You must first create a project in Sonarqube instance. Create project headerCreate project gif

Copy the user login token. This must be added to the buildkite pipeline using the environment variable SONARQUBE_LOGIN Make sure to store it securely!

To ensure the sonar scan step does not fail the pipeline overall (e.g. in the case of a Sonarqube outage), make sure to set the soft_fail attribute (example below).

# .buildkite/pipeline.yml
steps:
  - label: ":sonarqube: Sonarqube"
    branches: "master" # only report on the master branch
    plugins:
      - wayfair-incubator/sonarscanner#v0.1.1:
          sonarqube_host: https://sonarqube.example.com
          project_key: sonarqube_project_key
    soft_fail: # Ensures a Sonarqube error does not fail the pipeline
      - exit_status: "*"

Developer/Enterprise Edition only features

The plugin supports paid Sonarqube features, such as enabling scans for a branch and/or a pull request.

# .buildkite/pipeline.yml
steps:
  - label: ":sonarqube: Sonarqube"
    plugins:
      - wayfair-incubator/sonarscanner#v0.1.1:
          sonarqube_host: https://sonarqube_enterprise.example.com
          project_key: sonarqube_project_key
          uses_community_edition: false
          enable_branch_scan: true
          enable_pull_request_scan: true
    soft_fail: # Ensures a Sonarqube error does not fail the pipeline
      - exit_status: "*"

Language-specific Examples

Python

# .buildkite/pipeline.yml
# Python example
steps:
  - label: "Run unit tests"
    command: test.sh
    artifact_paths: tmp/*coverage-*.xml

  - wait: ~

  - label: ":sonarqube: Sonarqube"
    plugins:
      - wayfair-incubator/sonarscanner#v0.1.1:
          sonarqube_host: https://sonarqube.example.com
          project_key: sonarqube_project_key
          artifacts: tmp/*coverage-*.xml
          additional_flags:
            - -Dsonar.tests=tests
            - -Dsonar.exclusions=test*/**/*
            - -Dsonar.python.coverage.reportPaths=tmp/*coverage-*.xml
    soft_fail: # Ensures a Sonarqube error does not fail the pipeline
      - exit_status: "*"

.NET Core

# .buildkite/pipeline.yml
# .NET example
steps:
  - label: "Run unit tests"
    commands:
      - >
        dotnet test --logger:"trx;LogFileName=testresult.xml"
        /p:CollectCoverage=true
        /p:CoverletOutputFormat=opencover
        /p:CoverletOutput="TestResults/opencover.xml"
      - buildkite-agent artifact upload "**/testresult*.xml"
      - buildkite-agent artifact upload "**/opencover*.xml"
    plugins:
      - docker#v3.3.0:
          image: "..."

  - wait: ~

  - label: ":sonarqube: Sonarqube"
    plugins:
      - wayfair-incubator/sonarscanner#v0.1.1:
          sonarqube_host: https://sonarqube.example.com
          project_key: sonarqube_project_key
          is_dotnet: true
          dotnet_build_project: My.App.sln
          artifacts:
            - '**/testresult*.xml'
            - '**/opencover*.xml'
          additional_flags:
            - /s:/root/.dotnet/tools/SonarQube.Analysis.xml
    soft_fail: # Ensures a Sonarqube error does not fail the pipeline
      - exit_status: "*"

Coverage reporting

Sonarscanner does not independently calculate code coverage. Instead, it consumes coverage reports (generally XML files) generated by the test suite for your project. The steps needed to generate coverage reports are language specific. Below are instructions for a few common languages.

In general, unit test steps should be run using either the docker or docker-compose buildkite plugins. This ensures that the absolute file paths in the generated coverage reports can be set deterministically. When running tests in other agents, you cannot guarantee the file paths, which will result in Sonarqube reporting 0% coverage.

.NET Core Coverage

This plugin has been tested on projects that use coverlet. This can be added by running dotnet add package coverlet.msbuild in the project directory. Refer to the .NET pipeline example above for the specific arguments that should be passed to dotnet test. Reports can be accessed using the globs **/testresult*.xml and **/testresult*.xml.

Configuration

Required

project_key (required, string)

The unique key associated with a Sonarqube project

Example: sonarqube_project_key

sonarqube_host (required, string)

URL of Sonarqube Server where sonarscanner should upload its report.

Example: https://sonarqube.example.com

Optional

additional_flags (optional, [ string, array ])

Pass additional flags to sonar-scanner. Useful for defining additional properties (-D). Available properties can be found here. Can also be used to run sonar-scanner in debug mode (-X)

Examples:

# string
additional_flags: -Dsonar.ws.timeout=120
# array
additional_flags:
  - -Dsonar.ws.timeout=120
  - -Dsonar.tests=unit_tests,integration_tests

artifacts (optional, [ string, array ])

The artifact glob path to find test and coverage reports that should be passed to Sonarqube. Be sure let Sonarqube know where to find artifacts using the additional_flags property. The correct property for your language can be found here.

Examples:

# string
artifacts: tmp/*coverage-*.xml
# array
artifacts:
  - tmp/*coverage-*.xml
  - tmp/foo/**/*.html

branch_scan_target (optional, string)

Used when enable_branch_scan is set to be true. If the scanner analyses this branch, it will perform a standard analysis. Otherwise, it assumes the branch is a feature branch and performs branch analysis.

Default: master

dotnet_build_project (optional, string)

Used only if is_dotnet: true. The build project name is passed to dotnet build.

Example: My.App.sln

enable_branch_scan (optional, boolean)

If enabled, Branch analysis will be run. This parameter is only supported in the Enterprise trial. PR scans take precedence over branch scans.

Default: false

enable_pull_request_scan (optional, boolean)

If enabled, Pull Request analysis will be run. This parameter is only supported in the Enterprise trial.

Default: false

is_dotnet (optional, boolean)

If the project being scanned is a dotnet project.

Default: false

scan_only_if_sources_changed (optional, boolean)

Only execute the scanner if commit includes changes to files defined in the sources argument. Useful for creating pipelines that only respond to changes to specific code in monorepo contexts.

Default: false

sources (optional, string)

Comma-separated paths to directories containing main source files.

Default: .

uses_community_edition (optional, boolean)

If you are using the open source community edition of Sonarqube

Default: true

workdir (optional, string)

Directory where source code should be mounted inside of the docker container. Useful if uploading coverage reports to Sonarqube that contain absolute paths that need to be matched.

Example: /app

Common Issues

My pipeline is failing with the error ERROR: sonarqube login not set

Ensure your pipeline has the environment variable SONARQUBE_LOGIN set.

My pipeline is failing with the error FATAL Failed to download artifacts: No artifacts found for downloading

If the artifacts parameter is used, at least one matching artifact from a previous step must be available. Additional information about buildkite artifacts can be found here. If you are generating an artifact in a step that uses the docker-compose plugin, review the plugin documentation; notably, artifacts must be generated in a directory that is mounted to the host agent.

Failing example: No artifact

Passing example: Artifact Found

Sonarqube is reporting 0% coverage, even though sonarscanner parsed a coverage report

Sonarscanner parses the repository's file tree and attempts to match files against entries from the coverage report. Matches only occur when the absolute paths of the files are the same.

If the repository under test is mounted to a custom directory, Sonarscanner will not match the file paths correctly. You may encounter this if unit tests are executed using the docker-compose-buildkite-plugin and the code is made available via a volume mount (for example, - ./:/app). In such a case, set the workdir parameter equal to the root project directory used when generating the coverage report (in the above case, /app).

The workdir parameter does not need to be set by default, particularly if the coverage report was generated using the docker-buildkite-plugin.

Contributing

See the Contributing Guide for additional information.

To execute tests locally (requires that docker and docker-compose are installed):

bin/execute_tests

Credits

This plugin was originally written by James Curtin for Wayfair.

sonarscanner-buildkite-plugin's People

Contributors

dependabot[bot] avatar jamescurtin avatar

Stargazers

avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

divyahb raiv-devops plentiau globeandmail jaklaassen-affirm jromerotw levence stax-labs kodigahayata boxsoftware

sonarscanner-buildkite-plugin's Issues

[BUG] java.nio.file.AccessDeniedException

Describe the bug

During sonar scan the following error occurs:
java.io.UncheckedIOException: java.nio.file.AccessDeniedException: /workdir/artifacts-tmp.eZNdNFTuCx

To Reproduce

  - label: ":sonarqube: Sonarcloud PR scan"
    if: |
      // Only run for PR builds
      build.pull_request.id != null &&
        build.branch != "master"
    plugins:
      - ssh://[email protected]/wayfair-contribs/sonarscanner-buildkite-plugin.git#v0.1.1:
          sonarqube_host: https://sonarcloud.io
          project_key: <project key>
          sources: src
          artifacts: coverage-reports/*.xml
          enable_pull_request_scan: true
          uses_community_edition: false
          additional_flags:
            - -Dsonar.python.version=3.9
            - -Dsonar.python.coverage.reportPaths=coverage-reports/coverage-report.xml
            - -Dsonar.python.xunit.reportPath=coverage-reports/test-report.xml
            - -Dsonar.tests=tests
            - -Dsonar.organization=<org name>
            - -Dsonar.pullrequest.key=$BUILDKITE_PULL_REQUEST
            - -Dsonar.pullrequest.branch=$BUILDKITE_BRANCH
            - -Dsonar.pullrequest.base=$BUILDKITE_PULL_REQUEST_BASE_BRANCH
    soft_fail: # Ensures a Sonarqube error does not fail the pipeline
      - exit_status: "*"
    agents:
      queue: 'dev'
      build: 'true'

Error

java.io.UncheckedIOException: java.nio.file.AccessDeniedException: /workdir/artifacts-tmp.eZNdNFTuCx
--
  | at java.base/java.nio.file.FileTreeIterator.fetchNextIfNeeded(FileTreeIterator.java:87)
  | at java.base/java.nio.file.FileTreeIterator.hasNext(FileTreeIterator.java:103)
  | at java.base/java.util.Iterator.forEachRemaining(Iterator.java:132)
  | at java.base/java.util.Spliterators$IteratorSpliterator.forEachRemaining(Spliterators.java:1801)
  | at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
  | at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
  | at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
  | at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
  | at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
  | at org.sonarsource.analyzer.commons.FileProvider.getMatchingFiles(FileProvider.java:45)
  | at org.sonar.plugins.python.PythonReportSensor.getReports(PythonReportSensor.java:73)
  | at org.sonar.plugins.python.coverage.PythonCoverageSensor.lambda$getCoverageReports$0(PythonCoverageSensor.java:93)
  | at java.base/java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:271)
  | at java.base/java.util.Spliterators$ArraySpliterator.forEachRemaining(Spliterators.java:948)
  | at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
  | at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
  | at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
  | at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
  | at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
  | at org.sonar.plugins.python.coverage.PythonCoverageSensor.getCoverageReports(PythonCoverageSensor.java:94)
  | at org.sonar.plugins.python.coverage.PythonCoverageSensor.execute(PythonCoverageSensor.java:77)
  | at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:62)
  | at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
  | at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)
  | at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)
  | at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)
  | at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
  | at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
  | at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
  | at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:466)
  | at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:462)
  | at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:418)
  | at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
  | at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
  | at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:130)
  | at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
  | at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
  | at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:58)
  | at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:52)
  | at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
  | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  | at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
  | at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  | at java.base/java.lang.reflect.Method.invoke(Method.java:566)
  | at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
  | at com.sun.proxy.$Proxy0.execute(Unknown Source)
  | at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
  | at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
  | at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
  | at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
  | at org.sonarsource.scanner.cli.Main.main(Main.java:61)
  | Caused by: java.nio.file.AccessDeniedException: /workdir/artifacts-tmp.eZNdNFTuCx
  | at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
  | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
  | at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
  | at java.base/sun.nio.fs.UnixFileSystemProvider.newDirectoryStream(UnixFileSystemProvider.java:432)
  | at java.base/java.nio.file.Files.newDirectoryStream(Files.java:471)
  | at java.base/java.nio.file.FileTreeWalker.visit(FileTreeWalker.java:300)
  | at java.base/java.nio.file.FileTreeWalker.next(FileTreeWalker.java:373)
  | at java.base/java.nio.file.FileTreeIterator.fetchNextIfNeeded(FileTreeIterator.java:83)
  | ... 50 more

Additional information (if any)

I've logged into the container and the directory is present:

sh-4.4$ ls -la
total 116
drwxr-xr-x 1 sonar sonar   329 Oct 19 23:09 .
drwxr-xr-x 1 root  root      6 Oct 19 23:19 ..
drwxr-xr-x 3  2000  2000    45 Oct 19 23:07 .buildkite
-rw-r--r-- 1  2000  2000   102 Oct 19 23:07 .coveragerc
drwxr-xr-x 8  2000  2000   181 Oct 19 23:07 .git
drwxr-xr-x 2  2000  2000    24 Oct 19 23:07 .github
-rw-r--r-- 1  2000  2000   224 Oct 19 23:07 .gitignore
drwxr-xr-x 4 sonar sonar    48 Oct 19 23:13 .scannerwork
-rw-r--r-- 1  2000  2000  3768 Oct 19 23:07 Makefile
-rw-r--r-- 1  2000  2000  2566 Oct 19 23:07 README.md
drwx------ 2  2000  2000     6 Oct 19 23:07 artifacts-tmp.MxdhmwFYE7
drwxr-xr-x 2  2000  2000    38 Oct 19 23:07 build
drwxr-xr-x 2  2000  2000    56 Oct 19 23:07 coverage-reports
drwxr-xr-x 2  2000  2000    33 Oct 19 23:07 docs
-rw-r--r-- 1  2000  2000    92 Oct 19 23:07 envrc
-rw-r--r-- 1  2000  2000 88751 Oct 19 23:07 poetry.lock
-rw-r--r-- 1  2000  2000  1193 Oct 19 23:07 pyproject.toml
drwxr-xr-x 2  2000  2000   117 Oct 19 23:07 src
-rw-r--r-- 1  2000  2000  1109 Oct 19 23:07 setup.py
drwxr-xr-x 3  2000  2000    43 Oct 19 23:07 tests
sh-4.4$

Java.nio.file.InvalidPathException: Malformed input or input contains unmappable characters

Describe the bug

Getting Java.nio.file.InvalidPathException: Malformed input or input contains unmappable characters

To Reproduce

Steps to reproduce the behavior:

  1. Add some file called as 大杉.txt or foo'bar.txt to your project directory
  2. Try to run sonar-scanner in project directory

Expected behavior

It should consider the file instead of crashing

Screenshots

Screenshot 2021-06-30 at 8 15 47 PM

Additional information (if any)

To fix the issue we need to update the locales from POSIX to UTF8 in the underlying os. like

LC_ALL: en_US.UTF-8
LANG: en_US.UTF-8
LANGUAGE: en_US.UTF-8

[FEATURE] Only upload a coverage report.

User Story/Description

I have a different plugin that allows to running unit tests for a project in multiple environments (generated Buildkite steps). My plugin uses this plugin to upload coverage reports from those different environments. However, that means that projects which use my plugin are restricted to the capabilities of this plugin that mine exposes.

Describe the solution you propose (if applicable)

An option to skip the source code scanning all together and only upload a coverage report from a test execution.

Describe alternatives you've considered

Depending on the internals of this plugin, it might be simpler to create a different plugin that just uploads coverage reports.

Additional context

I don't know how SonarQube internally tracks test coverage. While I hope it is not the case, I could see it being tied to a code scan. If that is the case, that might make this request difficult or impossible.

[BUG] AccessDeniedException: /workdir/.scannerwork

Describe the bug

Receiving an AccessDenied exception to the workdir when using the sonarscannerbuildkite/sonarscanner container.

It looks as though sonarscannerbuildkite/sonarscanner-dotnet includes the following:

WORKDIR /workdir
RUN chown -R sonar:sonar /workdir

However this is not present in the regular sonarscanner container.

To Reproduce

  - label: ":sonarqube: Sonarcloud PR scan"
    if: |
      // Only run for PR builds
      build.pull_request.id != null &&
        build.branch != "master"
    plugins:
      - ssh://[email protected]/wayfair-contribs/sonarscanner-buildkite-plugin.git#v0.1.0:
          sonarqube_host: https://sonarcloud.io
          project_key: XXX
          artifacts: coverage-reports/*.xml
          enable_pull_request_scan: true
          uses_community_edition: false
          additional_flags:
            - -Dsonar.python.coverage.reportPaths=coverage-reports/coverage-report.xml
            - -Dsonar.python.xunit.reportPath=coverage-reports/test-report.xml
            - -Dsonar.tests=tests
            - -Dsonar.organization=XXX
            - -Dsonar.pullrequest.key=$BUILDKITE_PULL_REQUEST
            - -Dsonar.pullrequest.branch=$BUILDKITE_BRANCH
            - -Dsonar.pullrequest.base=$BUILDKITE_PULL_REQUEST_BASE_BRANCH
    soft_fail: # Ensures a Sonarqube error does not fail the pipeline
      - exit_status: "*"

Error

INFO: Base dir: /workdir
INFO: Working dir: /workdir/.scannerwork
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 53.158s
INFO: Final Memory: 7M/30M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.scan.ProjectLock
	at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:51)
	at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:678)
	at org.sonar.core.platform.ComponentContainer.getComponentByType(ComponentContainer.java:272)
	at org.sonar.scanner.scan.ProjectScanContainer.doBeforeStart(ProjectScanContainer.java:143)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:120)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:108)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:127)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:122)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:108)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:58)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:52)
	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
	at com.sun.proxy.$Proxy0.execute(Unknown Source)
	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Failed to create work directory
	at org.sonar.scanner.scan.ProjectLock.<init>(ProjectLock.java:25)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
	at org.picocontainer.injectors.AbstractInjector.newInstance(AbstractInjector.java:145)
	at org.picocontainer.injectors.ConstructorInjector$1.run(ConstructorInjector.java:342)
	at org.picocontainer.injectors.AbstractInjector$ThreadLocalCyclicDependencyGuard.observe(AbstractInjector.java:270)
	at org.picocontainer.injectors.ConstructorInjector.getComponentInstance(ConstructorInjector.java:364)
	at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.getComponentInstance(AbstractInjectionFactory.java:56)
	at org.picocontainer.behaviors.AbstractBehavior.getComponentInstance(AbstractBehavior.java:64)
	at org.picocontainer.behaviors.Stored.getComponentInstance(Stored.java:91)
	at org.picocontainer.DefaultPicoContainer.getInstance(DefaultPicoContainer.java:699)
	at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:647)
	at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:49)
	... 22 more
Caused by: java.nio.file.AccessDeniedException: /workdir/.scannerwork
	at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:90)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116)
	at java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(UnixFileSystemProvider.java:389)
	at java.base/java.nio.file.Files.createDirectory(Files.java:689)
	at java.base/java.nio.file.Files.createAndCheckIsDirectory(Files.java:796)
	at java.base/java.nio.file.Files.createDirectories(Files.java:782)
	at org.sonar.scanner.scan.ProjectLock.<init>(ProjectLock.java:22)
	... 36 more

Additional information (if any)

I've worked around the issue for now by specifying the workdir as /home/sonar, however this introduces some problems with having no access to the /home/sonar/artifacts-tmp.XXXXXXXXXX directory, meaning I can't perform a scan at the /home/sonar level, and need to specify sources as /home/sonar/src.

Alternative to this action plus SonarCloud support

Hello,

As an alternative to this repo which is still in alpha and hasn't seen activity in a couple years, I was able to run the scan using the official docker image like so

  - name: ":sonarcloud: SC Scan"
    plugins:
      - docker#v5.7.0:
          image: "sonarsource/sonar-scanner-cli:4"
          environment:
            - "SONAR_TOKEN=$SONAR_TOKEN"
            - "SONAR_HOST_URL=https://sonarcloud.io"
            - "SONAR_SCANNER_OPTS=-Dsonar.branch.name=$BUILDKITE_BRANCH -Dsonar.branch.target=$BUILDKITE_PULL_REQUEST_BASE_BRANCH"

and have a sonar-project.properties file in your root:

# Full set of options: https://docs.sonarcloud.io/advanced-setup/analysis-parameters/
# Required Properties
sonar.projectKey = *sc project key*
sonar.organization = *sc org*

# Optional Properties

sonar.projectName = *sc project name*
# See here for details how to setup file patterns: https://docs.sonarcloud.io/advanced-setup/analysis-scope/
sonar.sources = .
# exclude test files, auto-generated files here
sonar.exclusions = **/spec/**/*
sonar.tests = spec/
sonar.projectVersion = Initial

🧹 Add Renovate

Description

👋 This repository is not currently configured for Renovate. This issue proposes the steps necessary to add Renovate to this project!

💡 Not familiar with Renovate, or are confused about what advantages it holds over GitHub's Dependabot? Learn more here!

Steps to Add

  1. Review the guide for Adding Renovate to Existing Projects.
  2. Assign yourself to this issue to signal to others that you intend to work on it. If you ultimately decide not to pursue this, please remember to un-assign yourself so that others may participate!
  3. If the renovate[bot] account has already auto-filed a Configure Renovate PR against this repository, feel free to reference the proposed changes in your own Pull Request. If you are contributing to this project as a Hacktoberfest participant, you must file your own PR in order to get credit for your contribution!
  4. You may find that the CI build for this project is failing for unrelated reasons. If you are not already a contributor to this project and don't feel comfortable attempting to fix the build, that's okay! There's plenty of other ways you can contribute to Wayfair's open source projects :) Feel free to consult the list of our other participating repositories here!
  5. In order to catch potential JSON syntax errors or other mis-configurations, please add Renovate linting to this project's existing GitHub Workflow CI pipeline, or create a new one (eg. .github/workflows/lint.yml). See here for an example.
  6. If this repository is currently configured to use GitHub's Dependabot, you must also deprecate support for Dependabot in order to avoid conflicts with Renovate. This is typically as simple as removing the .github/dependabot.yml file. See here for an example.

Checklist

  • I have read the Adding Renovate to Existing Projects guide.
  • I have assigned this issue to myself avoid duplicating efforts with other potential contributors.
  • I have verified this repository does not already have Renovate configured (or proposed in an open PR by another contributor).
  • If the renovate[bot] account has already auto-filed a Configure Renovate PR in this repository, I confirm that I will create a separate PR under my own GitHub account, using the initial PR as inspiration.
  • I confirm that I have added Renovate linting to this project's existing CI pipeline, or have created a new linting workflow if one doesn't already exist.
  • If this repository is currently configured to use GitHub's Dependabot, my PR will also deprecate support for Dependabot in order to avoid conflicts with Renovate.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.