Can not add the same measure twice on blue-deployment.yml

eliassal · April 18, 2023, 10:30am

I have a CI/CD for a java project where I call sonarqube and analysis goes through successfuly until this morning. I added a yaml file in the project, very simple yaml, for the creation of pod in K8S, as soon as I ran the cicd pipeline I got

ERROR: Error during SonarScanner execution
java.lang.UnsupportedOperationException: Can not add the same measure twice on blue-deployment.yml: DefaultMeasure[component=blue-deployment.yml,metric=Metric[uuid=<null>,key=ncloc_data,description=<null>,type=DATA,direction=0,domain=<null>,name=ncloc_data,qualitative=false,userManaged=false,enabled=true,worstValue=<null>,bestValue=<null>,optimizedBestValue=false,hidden=false,deleteHistoricalData=false,decimalScale=<null>],value=1=1;2=1;3=1;4=1;5=1;6=1;7=1;8=1;9=1;10=1;11=1;12=1;13=1;14=1;15=1;16=1;17=1;18=1;19=1;20=1;21=1;22=1,fromCore=false,storage=org.sonar.scanner.sensor.DefaultSensorStorage@300b839c,saved=false]
	at org.sonar.scanner.sensor.DefaultSensorStorage.saveMeasure(DefaultSensorStorage.java:175)
	at org.sonar.scanner.sensor.DefaultSensorStorage.store(DefaultSensorStorage.java:135)
	at org.sonar.api.batch.sensor.measure.internal.DefaultMeasure.doSave(DefaultMeasure.java:96)
	at org.sonar.api.batch.sensor.internal.DefaultStorable.save(DefaultStorable.java:45)

Must-share information (formatted with Markdown):

versions SonarQube : 9.8
how is SonarQube deployed: on a fedora 37 VM

The call to sonarQube happens inside a jenkins pipeline as follows

stage('SonarQube Analysis') {
            steps {
                sh 'sonar-scanner \
                -Dsonar.host.url=http://192.168.100.11:9000 \
                -Dsonar.login=sqa_8f0.................6f88888ba \
                -Dsonar.projectKey=game-of-lifeonGitHub \
                -Dsonar.sources=. \
                -Dsonar.java.binaries=.'
            }
        }

ganncamp · April 20, 2023, 12:58pm

Hi,

This error typically comes from an overlap in the definition of sonar.sources and sonar.tests. Can you check Project Settings → Background Tasks → [row cog menu] → Show Scanner Context and see if sonar.tests is defined (perhaps in a sonar-project.properties file)? A definition of sonar.sources=. is pretty broad and would automatically overlap anything defined for sonar.tests.

Ann

eliassal · April 20, 2023, 1:26pm

Hi Ann, I did visit the project settings, no sonar.tests item (I have disabled K8S plugin in the system to be able to run the analysis)

Scanner Context: game-of-lifeonGitHub [Project Analysis]
Plugins:
  - Dependency-Check 3.0.1 (dependencycheck)
  - jDepend 1.1.1 (jdepend)
  - detekt 2.5.0 (detekt)
  - Sonar WebDriver Plugin 1.0.5 (webdriver)
  - YAML Analyzer 1.7.0 (yaml)
Bundled analyzers:
  - Python Code Quality and Security 3.21.0.10628 (python)
  - Go Code Quality and Security 1.11.0.3905 (go)
  - JaCoCo 1.1.1.1157 (jacoco)
  - Kotlin Code Quality and Security 2.12.0.1956 (kotlin)
  - IaC Code Quality and Security 1.9.2.2279 (iac)
  - JavaScript/TypeScript/CSS Code Quality and Security 9.12.0.20319 (javascript)
  - Ruby Code Quality and Security 1.11.0.3905 (ruby)
  - Scala Code Quality and Security 1.11.0.3905 (sonarscala)
  - C# Code Quality and Security 8.50.0.58025 (csharp)
  - Java Code Quality and Security 7.15.0.30507 (java)
  - HTML Code Quality and Security 3.7.1.3306 (web)
  - Flex Code Quality and Security 2.8.0.3166 (flex)
  - XML Code Quality and Security 2.6.1.3686 (xml)
  - PHP Code Quality and Security 3.25.0.9077 (php)
  - Text file Code Quality and Security 1.2.0.510 (text)
  - VB.NET Code Quality and Security 8.50.0.58025 (vbnet)
  - Configuration detection fot Code Quality and Security 1.2.0.267 (config)
Global server settings:
  - email.from=blahblah@blahblah.net
  - email.fromName=blahblah@blahblah.net
  - sonar.core.id=9D6E76F7-AYVj4CA9Pg8SM2k-76FS
  - sonar.core.startTime=2023-04-20T09:14:06+0200
  - sonar.forceAuthentication=false
  - sonar.kubernetes.activate=false
  - sonar.lf.enableGravatar=true
  - sonar.plugins.risk.consent=ACCEPTED
  - sonar.projectCreation.mainBranchName=master
Project server settings:
Project scanner properties:
  - sonar.host.url=http://192.168.100.100:9000
  - sonar.java.binaries=.
  - sonar.login=******
  - sonar.projectBaseDir=/home/jenkins/workspace/blue-green-deployment
  - sonar.projectKey=game-of-lifeonGitHub
  - sonar.scanner.app=ScannerCLI
  - sonar.scanner.appVersion=4.8.0.2856
  - sonar.sourceEncoding=UTF-8
  - sonar.sources=.
  - sonar.working.directory=/home/jenkins/workspace/blue-green-deployment/.scannerwork

ganncamp · April 20, 2023, 2:30pm

Hi,

Thanks for including the full context!

Can you uninstall the YAML plugin & try again? I’m guessing that’s where the conflict is coming from.

Ann

eliassal · April 20, 2023, 3:05pm

Thanks Ann, I uninstalled the yaml, renabled K8S and analysis went through but in spite of the fact that I have 3 yaml K8S files I dont see any activity of analysis on those files? Where can we see what happened during analysis, what I mean what SQ analyzed?
Thanks again for your help

ganncamp · April 20, 2023, 3:18pm

Hi,

Ah! Right. You’re on SonarQube 9.8. Upgrade to 9.9 (since you have to hit each intervening LTS version between your start point and your target version) and then to 10.0 and try again, please.

Ann