Bamboo and SonarScanner issue: java.lang.IllegalStateException: Failed to find all committed files

SonarQube: 10.1 (Upgraded from 8.5 → 8.9 → 9.9 → 10.1)
SonarScanner: 5.14.0 (Dotnet)

Bamboo is used to build and scan project with a docker container. Worked without error before, now we are getting this error after upgrade:

The only work-around we’ve been able to get to work so far is:
EDIT: (This doesn’t always work, I have to try a few options many times until it finally works)

1. Go to bamboo project and configure plan
2. Click on the Repositories tab of the plan configuration
3. Click on your repository in the list
4. Expand Advanced Options
5. Un-checked “Enable repository caching on agents”

Now this feature says “Cache repositories on agents to save bandwidth. Note: caches are always full clones of the source repository.”. So it SHOULD have all the commit history, so I don’t understand what is going on with SonarScanner suddenly on 10.1 with 5.14.0. It is happening on ALL of our builds now.

The commit it is complaining about is also the HEAD, which it should have:

$ git show 146854cb159f9fadb23b7d04604885d8a90536fa
commit 146854cb159f9fadb23b7d04604885d8a90536fa (HEAD -> main, origin/main, origin/HEAD)

Log output from SonarScanner

...
...
...
INFO: Sensor Zero Coverage Sensor (done) | time=2ms
INFO: SCM Publisher SCM provider for this project is: git
INFO: SCM Publisher 26 source files to be analyzed
INFO: This git repository references another local repository which is not well supported. SCM information might be missing for some files. You can avoid borrow objects from another local repository by not using --reference or --shared when cloning it.
INFO: SCM Publisher 0/26 source files have been analyzed (done) | time=126ms
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 4:37.008s
INFO: Final Memory: 36M/148M

ERROR: Error during SonarScanner execution
INFO: ------------------------------------------------------------------------
java.lang.IllegalStateException: Failed to find all committed files
        at org.sonar.scm.git.CompositeBlameCommand.collectAllCommittedFiles(CompositeBlameCommand.java:163)
        at org.sonar.scm.git.CompositeBlameCommand.getCommittedFilesToBlame(CompositeBlameCommand.java:105)
        at org.sonar.scm.git.CompositeBlameCommand.blame(CompositeBlameCommand.java:91)
        at org.sonar.scanner.scm.ScmPublisher.publish(ScmPublisher.java:87)
        at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:373)
        at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
        at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
        at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:137)
        at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
        at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
        at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:71)
        at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:65)
        at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
        at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)
        at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
        at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
        at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: org.eclipse.jgit.errors.MissingObjectException: Missing unknown 146854cb159f9fadb23b7d04604885d8a90536fa
        at org.eclipse.jgit.internal.storage.file.WindowCursor.open(WindowCursor.java:143)
        at org.eclipse.jgit.lib.ObjectReader.open(ObjectReader.java:216)
        at org.eclipse.jgit.revwalk.RevWalk.parseAny(RevWalk.java:1110)
        at org.eclipse.jgit.revwalk.RevWalk.parseCommit(RevWalk.java:1021)
        at org.sonar.scm.git.CompositeBlameCommand.collectAllCommittedFiles(CompositeBlameCommand.java:150)
        ... 23 more
ERROR:
The SonarScanner did not complete successfully
20:53:53.348  Post-processing failed. Exit code: 1

It is even happening with other projects in Bamboo, but without docker, and using java code SonarScanner instead of dotnet

15-Nov-2023 11:00:15  Missing unknown c0b33649894e2625e83f96ab8022bd07bb5e995b
15-Nov-2023 11:00:15  org.eclipse.jgit.errors.MissingObjectException: Missing unknown c0b33649894e2625e83f96ab8022bd07bb5e995b

It seems this is some odd CACHE issue with the way bamboo handles git caching.

The work-around fix described in the original post (Mostly) works: Sometimes you have to do a clean pull and clear the cache first.

There are many articles about it.

The odd thing is, only SonarScanner seems to be affected by this caching issue.

I wonder if it’s something SonarScanner needs to update to handle the caching situation?

Some links for reference:

https://jira.atlassian.com/browse/BAM-11930?focusedId=1795741&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-1795741

https://confluence.atlassian.com/bamkb/how-stored-git-caches-speed-up-builds-690848923.html

Ok, so I used the JGIT standalone shell script.

It came back with the same error.

This seems to be some sort of access or caching issue.

If I clear the bamboo cache first, the scan works fine.

Anyone else have this issue with bamboo, docker, git, and cache issues where jgit sonarscanner can’t see a commit hash?

If I disable SCM, the error goes away, but then I get this warning in SonarQube, and then no BitBucket code insight report is sent back, and so the PR can’t get merged because of this

SonarQube shows this:
Pull request decoration is not possible due to unknown or missing commit for pull request ‘1’. Please check the scanner logs for any SCM related issue.

BitBucket’s PR shows this:
Report with key ‘com.sonarsource.sonarqube’ has not yet been created

We had to have our bamboo admins clear the cache. Somehow bamboo is still trying to use the cache even when we uncheck it from the repositories.

Once they cleared the cache, and then we unchecked it, the clone steps gets many errors at first, but succeeds, and then the scan can finally find the git hashes.

So it seems this is not an issue with SonarScanner, SonarQube, GIT, or JGIT.

It seems to be an issue with Bamboo. (May/may not involve docker). And a weird caching thing when using the task ‘Checkout Default Repository’ of type ‘com.atlassian.bamboo.plugins.vcs:task.vcs.checkout’.

I’m providing extra details here because I’ve wasted 3 days on this, and I don’t want anyone else to if they don’t have to.

Different full solutions/work-arounds. Try one of these below.
A) disable cache on the repository and then clear the cache for the repo on all bamboo agents

• maven - Bamboo build error: How to properly clean bamboo caches? - Stack Overflow

EDIT: This doesn’t work, the cache magically came back for some reason and we don’t know why.

B) mount the cache into your docker container so it has access to it inside the container

• How to get Atlassian Bamboo repository caching to work with docker? - Stack Overflow
• https://community.atlassian.com/t5/Bamboo-questions/Git-error-when-running-job-in-Docker-Container/qaq-p/1961850

C) Globally disable SCM (WARNING: This will break Pull Request Decoration in BitBucket, and you will lose blame information)
/admin/settings?category=scm and then disable it
or use flag sonar.scm.disabled=true

NOTE: This flag is not documented in the online documentation, but is visible on the SCM admin page on your SonarQube sever.

• https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/scm-integration/

D) Re-pack your git repo with a task outside and before running the docker container.
git repack -a -d

• https://community.atlassian.com/t5/Bamboo-questions/git-issue-using-atlassian-bamboo-agent-base-docker-image/qaq-p/1007484