As per my previous conversation with Ann on this post:
I’m creating a new post to troubleshoot why this error comes on our CI / CD pipeline in AWS CodePipeline when we let our SCM sensor disabled:
Key: sonar.scm.disabled=false
ERROR: Error during SonarScanner execution
981 ERROR: Not inside a Git work tree: /codebuild/output/src287723511/src
Hi,
Let’s start with your checkout. Do you check out the code and then cd into a subdirectory for analysis?
Ann
Hi Ann good day,
No. Basically I create everything inside CodeBuild which basically creates a VM for building the process, and run the command.
Here is my buildspec.yml:
version: 0.2
env:
secrets-manager:
TOKEN: trip-ninja/sonar:sonartoken
HOST: trip-ninja/sonar:HOST
Organization: trip-ninja/sonar:Organization
Project: trip-ninja/sonar:Project
Branch: trip-ninja/sonar:Branch
phases:
install:
runtime-versions:
python: 3.8
pre_build:
commands:
- export SONAR_SCANNER_VERSION=4.7.0.2747
- export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-linux
- curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-linux.zip
- unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
- export PATH=$SONAR_SCANNER_HOME/bin:$PATH
- wget https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-4.7.0.2747-linux.zip
- unzip ./sonar-scanner-cli-4.7.0.2747-linux.zip
- export PATH=$PATH:/sonar-scanner-4.7.0.2747-linux/bin/
- export SONAR_SCANNER_OPTS="-server"
- export SONAR_TOKEN=aeff742e7934e9230c8ca7d388224573b8566ac5
build:
commands:
- echo Build started on `date`
- echo Starting SonarCloud Analysis...
- export SONAR_SCANNER_OPTS="-Xmx2048m"
- sonar-scanner -Dsonar.organization=$Organization -Dsonar.projectKey=$Project -Dsonar.sources=. -Dsonar.host.url=$HOST -Dsonar.branch.name=$Branch -Dsonar.scm.disabled=true
- sleep 5
- curl -u $TOKEN https://sonarcloud.io/api/qualitygates/project_status?projectKey=trip_ninja_api | jq '.projectStatus.status' > result.txt
- echo Running SonarCloud Analysis...
- grep -q "OK" result.txt && echo "Checking Sonar Analysis...!" $CODEBUILD_BUILD_SUCCEEDING -eq 1 || $CODEBUILD_BUILD_SUCCEEDING -eq 0
post_build:
commands:
- echo Build completed on `date`
- echo $CODEBUILD_BUILD_SUCCEEDING > value.txt
- grep -q "0" value.txt && echo "Sonar Analysis Failed!" || echo "Sonar Analysis Succeeded!"
artifacts:
files:
# Represents all files recursively
- '**/*'
Hi,
I’m not seeing the checkout in there?
Can you paste the full job log, starting from the checkout?
Ann
Hi Chris,
I see this at the beginning of your log:
[Container] 2023/03/08 19:20:36 Waiting for agent ping
[Container] 2023/03/08 19:20:39 Waiting for DOWNLOAD_SOURCE
[Container] 2023/03/08 19:20:40 Phase is DOWNLOAD_SOURCE
[Container] 2023/03/08 19:20:40 CODEBUILD_SRC_DIR=/codebuild/output/src982908217/src
[Container] 2023/03/08 19:20:40 YAML location is /codebuild/output/src982908217/src/buildspec.yml
[Container] 2023/03/08 19:20:40 No commands found for phase name: install
[Container] 2023/03/08 19:20:40 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2023/03/08 19:20:40 Processing environment variables
[Container] 2023/03/08 19:20:40 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2023/03/08 19:20:40 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2023/03/08 19:20:40 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2023/03/08 19:20:40 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2023/03/08 19:20:40 Setting HTTP client timeout to higher timeout for S3 source
[Container] 2023/03/08 19:20:41 Selecting 'python' runtime version '3.8' based on manual selections...
[Container] 2023/03/08 19:20:41 Running command echo "Installing Python version 3.8 ..."
Installing Python version 3.8 ...
Instead of a checkout, your log talks about a “download”.
That would explain why you’re seeing:
You need to be using git commands to retrieve the code to make it available to analysis.
Ann