Must-share information (formatted with Markdown):
- which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension): SonarQube 9.9.0 LTS, sonar-scanner 4.8.0.2856
- how is SonarQube deployed: Helm
- what are you trying to achieve: Scan a C/C++ bazel project
- what have you tried so far to achieve this:
- Successfully generated a compilation database with GitHub - hedronvision/bazel-compile-commands-extractor: Goal: Enable awesome tooling for Bazel users of the C language family.
- Generated all generated source files with
bazel build $(bazel query 'filter(".*\.(?:cpp|hpp|inl|c|h|cc|hh|cxx|hxx)$", kind("generated file", //...:*))')
To recreate the sandboxed build environment Hedron Vision’s bazel compile command generator generates a symlink in <project_dir>/external
. This links to <project_dir>/bazel-out/../../../external
, which in turn links to /home/<user>/.cache/bazel/_bazel_<user>/<hash>/external
.
When I run sonar-scanner on this project I get the following error message:
WARN: Not indexing due to symlink loop: <project_dir>/bazel-src/external/pcl/bin/X11
...
ERROR: Error during SonarScanner execution
java.lang.IllegalStateException: Failed to index files
at org.sonar.scanner.scan.filesystem.ProjectFileIndexer.indexFiles(ProjectFileIndexer.java:214)
at org.sonar.scanner.scan.filesystem.ProjectFileIndexer.index(ProjectFileIndexer.java:169)
at org.sonar.scanner.scan.filesystem.ProjectFileIndexer.indexModulesRecursively(ProjectFileIndexer.java:148)
at org.sonar.scanner.scan.filesystem.ProjectFileIndexer.index(ProjectFileIndexer.java:115)
at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:363)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:137)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.nio.file.AccessDeniedException: <project_dir>/bazel-src/external/pcl/NX/var/tmp/nx
at java.base/sun.nio.fs.UnixException.translateToIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixFileSystemProvider.newDirectoryStream(Unknown Source)
at java.base/java.nio.file.Files.newDirectoryStream(Unknown Source)
at java.base/java.nio.file.FileTreeWalker.visit(Unknown Source)
at java.base/java.nio.file.FileTreeWalker.next(Unknown Source)
at java.base/java.nio.file.Files.walkFileTree(Unknown Source)
at org.sonar.scanner.scan.filesystem.ProjectFileIndexer.indexDirectory(ProjectFileIndexer.java:221)
at org.sonar.scanner.scan.filesystem.ProjectFileIndexer.indexFiles(ProjectFileIndexer.java:207)
... 23 more
ERROR:
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
If I run this under sudo
to avoid the access denied issue, it loops forever printing different variations of finding symlink loops.
If I replace all the “external/…” in my compile_commands.json and replace them with the linked to location the problem disappears and sonar-scanner can execute.
- Maybe the indexing could be less eager and ignore locations it can’t scan. I think with build to1. ols like Bazel the assumption breaks that sonar-scanner should have access to every location that is accessible from the project space. There’s no need to index files and directories that aren’t included or used as source files.
- I can’t find any symlink loops where sonar-scanner mentions them. How is this determined?
- Adding the external folder to sonar.exclusions does not prevent this eager indexing, which IMHO it should.