Build-wrapper gives execv/execvp errors in docker container

Sonarqube version 10, deployed through Docker.

I’m trying to run the build wrapper on a multi-language (C++/Python) repository, and it keeps giving me:

docker exec -u user -t -w /data/work/_build jenkinsdevelopmentvalidationPR58145 build-wrapper --out-dir “/sonarqube” cmake --build . --target create_project_open_archive --config Release – -j8
execv: Permission denied

This error keeps showing up when I call it with the docker user we have.
I’ve also tried calling it with sudo(only for testing purposes, can’t be kept in production), the error changed to:

docker exec -u user -t -w /data/work/_build jenkinsdevelopmentvalidationPR58145 sudo build-wrapper --out-dir “/sonarqube” cmake --build . --target create_project_open_archive --config Release – -j8
execvp: No such file or directory

If I call it with bad arguments (output-dir instead of out-dir, for example), it does print a usage, so I know the build-wrapper is properly called.

Please help.


Welcome to the community!

Per the docs

C/C++/Objective-C analysis is NOT supported by SonarScanner CLI Docker image

So you’re going to need to run this on a non-Docker build agent.


I am not using the SonarScanner CLI Docker image, I am using a custom ubuntu image where we manually install the build-wrapper and sonar-scanner, build and run sonar-scanner directly all on the same container. Is that also not functional?

I’ve also passed that bug and now continuously end up with the error:
java.lang.IllegalStateException: The “build-wrapper-dump.json” file was found but 0 C/C++/Objective-C files were analyzed.
We’ve managed to get it to work apparently by pure luck twice, but can’t make it work again.

We do have a filled up build-wrapper-dump.json:
cat sonarqube/build-wrapper-dump.json | wc -l

But the error keeps showing up for no discernable reason. I have tried to change the paths from relative to absolute, and even to give non-existent paths: on non-existent paths, it does give an IO.FileNotFound error, but on all others it does find the correct file.


Can you try this without Docker?



That is unfortunately not an option.
I do have a sonar-scanner debug log and build-wrapper-dump.json/build-wrapper.log.


Perhaps a complation database would work for you?


Your docs are unclear:

  • The Build Wrapper collects information about the build, including absolute file paths (source files, standard headers, libraries, etc…). Later on, SonarScanner uses this information and needs to access those paths. While this is straightforward when running these two steps on the same host, it is worth considering when using any containerization. A consequence of this is that C/C++/Objective-C analysis is NOT supported by SonarScanner CLI Docker image

I am NOT using any kind of interop between containers. I am not using the sonar-scanner container. Everything is installed and running on the same ubuntu container.

Can you confirm or deny that this is possible or not? I don’t see why running the build-wrapper and sonar-scanner all installed on the same system, whether it’s in a container or not, would be impossible.


The docs advise pretty clearly IMO against using containerization in your build/analysis. Since you say that’s not an option for you, the fallback option is using a compilation database.