After upgrade to Sonar to 10.6 Error: Checksum verification failed for JRE

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) ==> 10.6
  • how is SonarQube deployed: zip, Docker, Helm ==> Helm
  • what are you trying to achieve ==> After upgrade Sonarqube 10.6 when running the jobs we are failing with errors

After upgraded the Sonarqueb 10.6 , we are failing with errors in the pipelines like ERROR] Bootstrapper: An error occurred: Error: Checksum verification failed for /root/.sonar/cache/bcb1b7b8ad68c93093f09b591b7cb17161d39891f7d29d33a586f5a328603707/OpenJDK17U-jre_x64_linux_hotspot_17.0.11_9.tar.gz. Expected checksum bcb1b7b8ad68c93093f09b591b7cb17161d39891f7d29d33a586f5a328603707 but got d56a1a1e6ced7680e9a83b258991c2e74a683543759a04c5f4a1c341da14a401

Any idea how to resolve the issues ? Does any one faced this type of issue ?

11:27:37  + sonar-scanner -Dsonar.host.url=https://sonarqube.com -Dsonar.login=****** -Dsonar.projectVersion=feat/DARWSC2-71489-5475-next -Dsonar.pullrequest.key=335983186 -Dsonar.pullrequest.branch=feat/DARWSC2-71489 -Dsonar.pullrequest.base=master
11:27:38  [WARN]  Bootstrapper: SONARQUBE_SCANNER_PARAMS is deprecated, please use SONAR_SCANNER_JSON_PARAMS instead
11:27:38  [INFO]  Bootstrapper: Retrieving info from "package.json" file
11:27:38  [WARN]  Bootstrapper: Property "sonar.login" is deprecated and will be removed in a future version. Please use "sonar.token" instead.
11:27:38  [INFO]  Bootstrapper: Platform: linux x64
11:27:38  [INFO]  Bootstrapper: Server URL: https://sonarqube.com
11:27:38  [INFO]  Bootstrapper: Version: 4.2.5
11:27:38  + sonar-scanner -Dsonar.host.url=https://sonarqube.com -Dsonar.login=****** -Dsonar.projectVersion=feat/DARWSC2-5-next -Dsonar.pullrequest.key=335983186 -Dsonar.pullrequest.branch=feat/DARWSC2-71489 -Dsonar.pullrequest.base=master
11:27:38  [INFO]  Bootstrapper: SonarQube server version: 10.6.0
11:27:38  [INFO]  Bootstrapper: JRE provisioning is supported
11:27:38  [INFO]  Bootstrapper: No Cache found for JRE
11:27:38  [WARN]  Bootstrapper: SONARQUBE_SCANNER_PARAMS is deprecated, please use SONAR_SCANNER_JSON_PARAMS instead
11:27:38  [INFO]  Bootstrapper: Unable to read "package.json" file
11:27:38  [WARN]  Bootstrapper: Property "sonar.login" is deprecated and will be removed in a future version. Please use "sonar.token" instead.
11:27:38  [INFO]  Bootstrapper: Platform: linux x64
11:27:38  [INFO]  Bootstrapper: Server URL: https://sonarqube.com
11:27:38  [INFO]  Bootstrapper: Version: 4.2.5
11:27:38  [INFO]  Bootstrapper: SonarQube server version: 10.6.0
11:27:38  [INFO]  Bootstrapper: JRE provisioning is supported
11:27:38  [INFO]  Bootstrapper: Download starting...
11:27:38  [ERROR] Bootstrapper: An error occurred: Error: Checksum verification failed for /root/.sonar/cache/bcb1b7b8ad68c93093f09b591b7cb17161d39891f7d29d33a586f5a328603707/OpenJDK17U-jre_x64_linux_hotspot_17.0.11_9.tar.gz. Expected checksum bcb1b7b8ad68c93093f09b591b7cb17161d39891f7d29d33a586f5a328603707 but got d56a1a1e6ced7680e9a83b258991c2e74a683543759a04c5f4a1c341da14a401
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
11:27:39  WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succeed?
[Pipeline] // withSonarQubeEnv
[Pipeline] }
[Pipeline] // dir
[Pipeline] }
11:27:40  Failed in branch sonarScan2
11:27:42  [INFO]  Bootstrapper: Download complete
11:27:42  [INFO]  Bootstrapper: Downloaded JRE to /root/.sonar/cache/bcb1b7b8ad68c93093f09b591b7cb17161d39891f7d29d33a586f5a328603707/OpenJDK17U-jre_x64_linux_hotspot_17.0.11_9.tar.gz
11:27:42  [ERROR] Bootstrapper: An error occurred: Error: ENOENT: no such file or directory, open '/root/.sonar/cache/bcb1b7b8ad68c93093f09b591b7cb17161d39891f7d29d33a586f5a328603707/OpenJDK17U-jre_x64_linux_hotspot_17.0.11_9.tar.gz'
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
11:27:43  WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succeed?
[Pipeline] // withSonarQubeEnv
[Pipeline] }
[Pipeline] // dir
[Pipeline] }
11:27:43  Failed in branch sonarScan1
[Pipeline] // parallel
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // container
[Pipeline] }
[Pipeline] // node
[Pipeline] updateGitlabCommitStatus
[Pipeline] echo
11:27:45  exception thrown is hudson.AbortException: script returned exit code 1
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // timeout
[Pipeline] echo
11:27:45  SUCCESSFUL: Job 'parts/fe-parts [45488]' (https://jenkins.tools.parts.xxx.com/job/parts/job/fe-parts/45488/)
[Pipeline] }
[Pipeline] // timestamps
[Pipeline] echo
Done
[Pipeline] End of Pipeline
Finished: FAILURE

Hi,

Do you have something “helpful” on your network that could be modifying the download? Can you talk to your network folks?

 
Ann

Thanks for you reply Campbell , this setup is not new , it was worked previously ,I am sure the network is open only .
After upgraded from sonarqube from 8 to 10.6 we started facing this issue

Hi,

Then let’s go back to this:

That’s quite an old version for SonarScanner CLI. The current version is 6.2.1. Can you upgrade and try again?

What version did you upgrade from? We didn’t previously provide a JRE for analysis, so it’s quite possible that if there’s something on the network munging downloads, you got away with it before.

 
Ann

4.2.5 is the npm package which uses 6.2.1.4610 of sonar sonarqube-scanner - npm

Hi,

Okay, cool.

And can you talk to your network folks?

 
Thx,
Ann

Hello , Yesterday i have double checked with the networking regarding this issue , they have confirmed me that there is no network level block ,(there is no blocking found in the firewall) . Also here we dont face any issues like timeout etc

Hi,

Thanks for checking. I’m going to flag this for more expert eyes.

 
Ann

Hello Balaganesh,
Could I ask you to run the same scan with -Dsonar.debug=true so that we can gather a bit more context?