Hi Guys,
right now we’re facing a problem with the CI/CD Integration.
We are an unbound organization.
We are trying to create a new project in Sonarcloud if it is not already there as a part of the script in our gitlab-ci.yml.
The script looks like this:
script:
- |
GROUP_ID=$(mvn help:evaluate -Dexpression=project.groupId -q -DforceStdout)
ARTIFACT_ID=$(mvn help:evaluate -Dexpression=project.artifactId -q -DforceStdout)
SONAR_BASIC_AUTH_HEADER=$(echo -n $SONAR_BASIC_AUTH_TOKEN | base64)
SONAR_API_URL='https://sonarcloud.io/api/project_analyses/search?project='$GROUP_ID':'$ARTIFACT_ID
HTTP_STATUS=$(curl -o /dev/null -w '%{http_code}' -s -H "Authorization: Basic $SONAR_BASIC_AUTH_HEADER" $SONAR_API_URL)
echo $HTTP_STATUS
if [ "$HTTP_STATUS" -eq "404" ]
then mvn clean verify -X org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.login=$SONAR_CLOUD_TOKEN -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=CompanyName -Dsonar.projectKey=$GROUP_ID:$ARTIFACT_ID
elif [ "$HTTP_STATUS" -eq "200" ]
then mvn -X sonar:sonar -P sonar -Dsonar.login="$SONAR_CLOUD_TOKEN" -Dsonar.links.scm="$CI_PROJECT_URL" -Dsonar.branch.name=$CI_COMMIT_REF_NAME
fi
now the part that is not working is the following:
then mvn clean verify -X org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.login=$SONAR_CLOUD_TOKEN -Dsonar.host.url=https://sonarcloud.io -Dsonar.organization=CompanyName -Dsonar.projectKey=$GROUP_ID:$ARTIFACT_ID
which is kinda odd because in a local shell the same command is working and creating a new Project in SonarCloud.
The Command it self is from the SonarCloud dokumentation:
SonarScanner for Maven | SonarCloud Docs
As said, locally on any desktop/Laptop it works but in Gitlab the sonar job fails and we get the following error code(s):
[DEBUG] 09:46:41.498 GET 200 https://scanner.sonarcloud.io/plugins/xml/versions/e87a777f80cf384d07400e1b1e3a8cee.jar | time=5ms
[INFO] 09:46:41.653 Load/download plugins (done) | time=16304ms
[DEBUG] 09:46:41.942 Plugins:
[DEBUG] 09:46:41.942 * IaC Code Quality and Security 1.12.0.3222 (iac)
[DEBUG] 09:46:41.942 * PL/SQL Code Quality and Security 3.8.0.4948 (plsql)
[DEBUG] 09:46:41.942 * Scala Code Quality and Security 1.11.0.3905 (sonarscala)
[DEBUG] 09:46:41.942 * C# Code Quality and Security 8.53.0.62665 (csharp)
[DEBUG] 09:46:41.943 * Vulnerability Analysis 10.0.0-M1.19607 (security)
[DEBUG] 09:46:41.943 * Java Code Quality and Security 7.17.0.31219 (java)
[DEBUG] 09:46:41.943 * HTML Code Quality and Security 3.7.1.3306 (web)
[DEBUG] 09:46:41.943 * Flex Code Quality and Security 2.8.0.3166 (flex)
[DEBUG] 09:46:41.943 * XML Code Quality and Security 2.7.0.3820 (xml)
[DEBUG] 09:46:41.943 * Text Code Quality and Security 2.0.1.611 (text)
[DEBUG] 09:46:41.943 * VB.NET Code Quality and Security 8.53.0.62665 (vbnet)
[DEBUG] 09:46:41.943 * Swift Code Quality and Security 4.8.0.5759 (swift)
[DEBUG] 09:46:41.943 * CFamily Code Quality and Security 6.42.0.61084 (cpp)
[DEBUG] 09:46:41.943 * Python Code Quality and Security 4.0.0.11155 (python)
[DEBUG] 09:46:41.943 * Dataflow Bug Detection Rules for Python 1.11.0.3183 (dbdpythonfrontend)
[DEBUG] 09:46:41.943 * Dataflow Bug Detection 1.11.0.3183 (dbd)
[DEBUG] 09:46:41.943 * Go Code Quality and Security 1.11.0.3905 (go)
[DEBUG] 09:46:41.943 * JaCoCo 1.3.0.1538 (jacoco)
[DEBUG] 09:46:41.943 * Kotlin Code Quality and Security 2.13.0.2116 (kotlin)
[DEBUG] 09:46:41.943 * Dataflow Bug Detection Rules for Java 1.11.0.3183 (dbdjavafrontend)
[DEBUG] 09:46:41.944 * T-SQL Code Quality and Security 1.8.0.5601 (tsql)
[DEBUG] 09:46:41.944 * Apex Code Quality and Security 1.11.0.3905 (sonarapex)
[DEBUG] 09:46:41.944 * JavaScript/TypeScript/CSS Code Quality and Security 10.0.1.20755 (javascript)
[DEBUG] 09:46:41.944 * Ruby Code Quality and Security 1.11.0.3905 (ruby)
[DEBUG] 09:46:41.944 * Vulnerability Rules for C# 10.0.0-M1.19607 (securitycsharpfrontend)
[DEBUG] 09:46:41.944 * Vulnerability Rules for Java 10.0.0-M1.19607 (securityjavafrontend)
[DEBUG] 09:46:41.944 * License for SonarLint 8.0.0.38480 (license)
[DEBUG] 09:46:41.944 * Vulnerability Rules for JS 10.0.0-M1.19607 (securityjsfrontend)
[DEBUG] 09:46:41.944 * COBOL Code Quality 5.2.0.5949 (cobol)
[DEBUG] 09:46:41.944 * Vulnerability Rules for Python 10.0.0-M1.19607 (securitypythonfrontend)
[DEBUG] 09:46:41.944 * PHP Code Quality and Security 3.27.1.9352 (php)
[DEBUG] 09:46:41.944 * ABAP Code Quality and Security 3.11.0.4030 (abap)
[DEBUG] 09:46:41.944 * Configuration detection fot Code Quality and Security 1.2.0.267 (config)
[DEBUG] 09:46:41.944 * Vulnerability Rules for PHP 10.0.0-M1.19607 (securityphpfrontend)
[DEBUG] 09:46:41.959 GET 200 https://sonarcloud.io/api/server/version | time=15ms
[DEBUG] 09:46:41.961 Updated analysis started with a difference of -2 milliseconds
[DEBUG] 09:46:41.961 Started at Fri Mar 03 09:46:25 CET 2023
[INFO] 09:46:41.980 Loaded core extensions: developer-scanner
[DEBUG] 09:46:42.022 Installed core extension: com.sonarsource.branch.DeveloperScannerCoreExtension@28996e52
[INFO] 09:46:42.421 Found an active CI vendor: 'Gitlab CI'
[INFO] 09:46:42.429 Load project settings for component key: 'de.company.Team.components.ProjectID:ProjectID'
[DEBUG] 09:46:42.447 GET 404 https://sonarcloud.io/api/settings/values.protobuf?component=de.company.Team.components.ProjectID%3AProjectID | time=18ms
[INFO] 09:46:42.451 Process project properties
[DEBUG] 09:46:42.458 Process project properties (done) | time=7ms
[INFO] 09:46:42.459 Execute project builders
[DEBUG] 09:46:42.459 Execute project builder: org.sonar.plugins.csharp.CSharpGlobalProtobufFileProcessor
[DEBUG] 09:46:42.460 Execute project builder: org.sonar.plugins.vbnet.VbNetGlobalProtobufFileProcessor
[INFO] 09:46:42.461 Execute project builders (done) | time=2ms
[INFO] 09:46:42.462 Project key: de.company.Team.components.ProjectID:ProjectID
[INFO] 09:46:42.462 Base dir: /builds/Team/components/ProjectID
[INFO] 09:46:42.462 Working dir: /builds/Team/components/ProjectID/target/sonar
[DEBUG] 09:46:42.462 Project global encoding: UTF-8, default locale: en_US
[DEBUG] 09:46:42.464 Creating module hierarchy
[DEBUG] 09:46:42.464 Init module 'BelegTrnConsumer Service'
[DEBUG] 09:46:42.465 Base dir: /builds/Team/components/ProjectID
[DEBUG] 09:46:42.465 Working dir: /builds/Team/components/ProjectID/target/sonar
[DEBUG] 09:46:42.465 Module global encoding: UTF-8, default locale: en_US
[INFO] 09:46:42.525 Load project branches
[DEBUG] 09:46:42.542 GET 404 https://sonarcloud.io/api/project_branches/list?project=de.company.Team.components.ProjectID%3AProjectID | time=17ms
[DEBUG] 09:46:42.542 Could not process project branches - continuing without it
[INFO] 09:46:42.543 Load project branches (done) | time=18ms
[INFO] 09:46:42.546 Check ALM binding of project 'de.company.Team.components.ProjectID:ProjectID'
[DEBUG] 09:46:42.564 GET 404 https://sonarcloud.io/api/alm_integration/is_project_bound?project=de.company.Team.components.ProjectID%3AProjectID | time=18ms
[INFO] 09:46:42.564 Detected project binding: NONEXISTENT
[INFO] 09:46:42.565 Check ALM binding of project 'de.company.Team.components.ProjectID:ProjectID' (done) | time=19ms
[INFO] 09:46:42.567 Load project pull requests
[DEBUG] 09:46:42.586 GET 404 https://sonarcloud.io/api/project_pull_requests/list?project=de.company.Team.components.ProjectID%3AProjectID | time=19ms
[DEBUG] 09:46:42.586 Could not process project pull requests - continuing without it
[INFO] 09:46:42.587 Load project pull requests (done) | time=20ms
[INFO] 09:46:42.591 Load branch configuration
[INFO] 09:46:42.593 Auto-configuring branch feature/TIBCO-23668-SonarCloudTesting
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 03:17 min
[INFO] Finished at: 2023-03-03T09:46:42+01:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default-cli) on project ProjectID: Unable to load component class org.sonar.scanner.scan.filesystem.InputComponentStore: Unable to load component interface org.sonar.scanner.scan.branch.BranchConfiguration: Could not find a default branch to fall back on. -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default-cli) on project ProjectID: Unable to load component class org.sonar.scanner.scan.filesystem.InputComponentStore
We appreciate ur help.
Best Regards,
Lucas