Angular sonarcloud-scan Container 'docker' exceeded memory limit

SonarQube Cloud
,
1

Hello,
I’m trying to create a pipeline (Bitbucket) for a medium Angular project. I can’t make the sonarcloud-scan work.

bitbucket-pipelines.yml

image: my-image
clone:
  depth: full              # SonarCloud scanner needs the full history to assign issues properly

definitions:
  caches:
    sonar: ~/.sonar/cache  # Caching SonarCloud artifacts will speed up your build
  services:
    docker:
      memory: 2048
  steps:
    - step: &build-test-sonarcloud
        size: 2x
        name: Build, test and analyze on SonarCloud
        script:
          - npm install --quiet
          - npm run test -- --code-coverage --no-watch --no-progress --browsers=ChromeHeadlessNoSandbox  
          - pipe: sonarsource/sonarcloud-scan:1.4.0
            variables:
              SONAR_TOKEN: ${SONAR_TOKEN}
              SONAR_SCANNER_OPTS: -Xmx2048m
              EXTRA_ARGS: '-Dsonar.sources=src/app 
                -Dsonar.tests=src 
                -Dsonar.test.inclusions="**/testing/**,**/*.spec.ts" 
                -Dsonar.coverage.exclusions="**/node_modules/**,**/*.spec.ts"
                -Dsonar.typescript.lcov.reportPaths=coverage/lcov.info'
          - pipe: sonarsource/sonarcloud-quality-gate:0.1.6

The state of the pipeline is failed with the following message

Container ‘docker’ exceeded memory limit.

Here is the end of the log:

`INFO: Load active rules`

`INFO: Load active rules (done) | time=4170ms`

`INFO: Organization key: ant-bitbucket`

`INFO: Branch name: ANT-add-sonar-for-front, type: short-lived`

`INFO: Load project repositories`

`INFO: Load project repositories (done) | time=107ms`

`INFO: SCM collecting changed files in the branch`

`INFO: SCM collecting changed files in the branch (done) | time=266ms`

`INFO: Indexing files...`

`INFO: Project configuration:`

`INFO:   Excluded sources: **/build-wrapper-dump.json, **/testing/**, **/*.spec.ts`

`INFO:   Included tests: **/testing/**, **/*.spec.ts`

`INFO:   Excluded sources for coverage: **/node_modules/**, **/*.spec.ts`

`INFO: 942 files indexed`

`INFO: 1393 files ignored because of inclusion/exclusion patterns`

`INFO: 0 files ignored because of scm ignore settings`

`INFO: Quality profile for css: Sonar way`

`INFO: Quality profile for ts: Sonar way`

`INFO: Quality profile for web: Sonar way`

`INFO: ------------- Run sensors on module ant-front`

`INFO: Load metrics repository`

`INFO: Load metrics repository (done) | time=107ms`

`INFO: Sensor C# Project Type Information [csharp]`

`INFO: Sensor C# Project Type Information [csharp] (done) | time=4ms`

`INFO: Sensor C# Analysis Log [csharp]`

`INFO: Sensor C# Analysis Log [csharp] (done) | time=14ms`

`INFO: Sensor C# Properties [csharp]`

`INFO: Sensor C# Properties [csharp] (done) | time=0ms`

`INFO: Sensor HTML [web]`

`INFO: Sensor HTML [web] (done) | time=1842ms`

`INFO: Sensor Text Sensor [text]`

`INFO: 942 source files to be analyzed`

`INFO: 942/942 source files have been analyzed`

`INFO: Sensor Text Sensor [text] (done) | time=407ms`

`INFO: Sensor VB.NET Project Type Information [vbnet]`

`INFO: Sensor VB.NET Project Type Information [vbnet] (done) | time=2ms`

`INFO: Sensor VB.NET Analysis Log [vbnet]`

`INFO: Sensor VB.NET Analysis Log [vbnet] (done) | time=14ms`

`INFO: Sensor VB.NET Properties [vbnet]`

`INFO: Sensor VB.NET Properties [vbnet] (done) | time=0ms`

`INFO: Sensor JaCoCo XML Report Importer [jacoco]`

`INFO: 'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml`

`INFO: No report imported, no coverage information will be imported by JaCoCo XML Report Importer`

`INFO: Sensor JaCoCo XML Report Importer [jacoco] (done) | time=7ms`

`INFO: Sensor TypeScript analysis [javascript]`

`INFO: Deploying custom rules bundle jar:file:/root/.sonar/cache/407d827e66c5794ecc2c8947635359f7/sonar-securityjsfrontend-plugin.jar!/js-vulnerabilities-rules-1.0.0.tgz to /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/eslint-bridge-bundle/package/custom-rules5452037992675192518`

`INFO: Found 2 tsconfig.json file(s): [/opt/atlassian/pipelines/agent/build/cypress/tsconfig.json, /opt/atlassian/pipelines/agent/build/tsconfig.json]`

`INFO: Creating TypeScript program`

`INFO: TypeScript configuration file /opt/atlassian/pipelines/agent/build/cypress/tsconfig.json`

`INFO: 497 source files to be analyzed`

`INFO: Creating TypeScript program (done) | time=1047ms`

`INFO: Starting analysis with current program`

`INFO: Analyzed 0 file(s) with current program`

`INFO: Creating TypeScript program`

`INFO: TypeScript configuration file /opt/atlassian/pipelines/agent/build/tsconfig.json`

`INFO: Creating TypeScript program (done) | time=3638ms`

`INFO: Starting analysis with current program`

`INFO: 71/497 files analyzed, current file: /opt/atlassian/pipelines/agent/build/src/app/shared/http/order.v2.service.ts`

`INFO: 202/497 files analyzed, current file: /opt/atlassian/pipelines/agent/build/src/app/route/shared/services/map-widget-manager.service.ts`

`INFO: 262/497 files analyzed, current file: /opt/atlassian/pipelines/agent/build/src/app/route/shared/components/move-order/move-order.component.ts`

`INFO: 392/497 files analyzed, current file: /opt/atlassian/pipelines/agent/build/src/app/route/shared/shared-route.module.ts`

`INFO: Analyzed 497 file(s) with current program`

`INFO: 497/497 source files have been analyzed`

`INFO: Sensor TypeScript analysis [javascript] (done) | time=51976ms`

`INFO: Sensor JavaScript/TypeScript Coverage [javascript]`

`INFO: No LCOV files were found using coverage/lcov.info`

`WARN: No coverage information will be saved because all LCOV files cannot be found.`

`INFO: Sensor JavaScript/TypeScript Coverage [javascript] (done) | time=710ms`

`INFO: Sensor CSS Metrics [javascript]`

`INFO: Sensor CSS Metrics [javascript] (done) | time=146ms`

`INFO: Sensor CSS Rules [javascript]`

`INFO: 445 source files to be analyzed`

`INFO: 445/445 source files have been analyzed`

`INFO: Sensor CSS Rules [javascript] (done) | time=6311ms`

`INFO: Sensor ThymeLeaf template sensor [securityjavafrontend]`

`INFO: Sensor ThymeLeaf template sensor [securityjavafrontend] (done) | time=9ms`

`INFO: Sensor Serverless configuration file sensor [security]`

`INFO: 0 Serverless function entries were found in the project`

`INFO: 0 Serverless function handlers were kept as entrypoints`

`INFO: Sensor Serverless configuration file sensor [security] (done) | time=6ms`

`INFO: Sensor AWS SAM template file sensor [security]`

`INFO: Sensor AWS SAM template file sensor [security] (done) | time=2ms`

`INFO: Sensor javabugs [dbd]`

`INFO: Reading IR files from: /opt/atlassian/pipelines/agent/build/.scannerwork/ir/java`

`INFO: No IR files have been included for analysis.`

`INFO: Sensor javabugs [dbd] (done) | time=0ms`

`INFO: Sensor JavaSecuritySensor [security]`

`INFO: Reading type hierarchy from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/java`

`INFO: Read 0 type definitions`

`INFO: Reading UCFGs from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/java`

`INFO: No UCFGs have been included for analysis.`

`INFO: Sensor JavaSecuritySensor [security] (done) | time=4ms`

`INFO: Sensor CSharpSecuritySensor [security]`

`INFO: Reading type hierarchy from: /opt/atlassian/pipelines/agent/build/ucfg_cs2`

`INFO: Read 0 type definitions`

`INFO: Reading UCFGs from: /opt/atlassian/pipelines/agent/build/ucfg_cs2`

`INFO: No UCFGs have been included for analysis.`

`INFO: Sensor CSharpSecuritySensor [security] (done) | time=1ms`

`INFO: Sensor PhpSecuritySensor [security]`

`INFO: Reading type hierarchy from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/php`

`INFO: Read 0 type definitions`

`INFO: Reading UCFGs from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/php`

`INFO: No UCFGs have been included for analysis.`

`INFO: Sensor PhpSecuritySensor [security] (done) | time=0ms`

`INFO: Sensor PythonSecuritySensor [security]`

`INFO: Reading type hierarchy from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/python`

`INFO: Read 0 type definitions`

`INFO: Reading UCFGs from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/python`

`INFO: No UCFGs have been included for analysis.`

`INFO: Sensor PythonSecuritySensor [security] (done) | time=1ms`

`INFO: Sensor JsSecuritySensor [security]`

`INFO: Reading type hierarchy from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/js`

`INFO: Read 0 type definitions`

`INFO: Reading UCFGs from: /opt/atlassian/pipelines/agent/build/.scannerwork/ucfg2/js`

`INFO: 13:43:47.813726 Building Runtime Type propagation graph`

`INFO: 13:43:48.051687 Running Tarjan on 40953 nodes`

`INFO: 13:43:48.098332 Tarjan found 40952 components`

`INFO: 13:43:48.171802 Variable type analysis: done`

`INFO: 13:43:48.173941 Building Runtime Type propagation graph`

`INFO: 13:43:48.380355 Running Tarjan on 40953 nodes`

`INFO: 13:43:48.425035 Tarjan found 40952 components`

`INFO: 13:43:48.489684 Variable type analysis: done`

`INFO: Analyzing 7792 ucfgs to detect vulnerabilities.`

`INFO: Taint analysis starting. Entrypoints: 495`

`INFO: Running symbolic analysis for 'JS'`

I already tried solutions on similar issues (increasing the memory, adding export NODE_OPTIONS=–max-old-space-size=6144, adding size: 2x…).

Any idea how to solve it?

3

Solved by changing docker memory to 4096 and SONAR_SCANNER_OPTS to 2048.

1 Like
5

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.