Error: "Failed to resolve Helm project directory"

SonarQube Server / Community Build
1

We’re using Community Build v25.1.0.102122

I think the issue is most relevant to our Azure Devop CI pipeline though, where we’re using task SonarQubeAnalyze@7 . From the log output it looks like this is version 7.1.1 and SonarScanner 5.0.1.3006

Log output (mildly sanitised the filepath) shows the issue:

INFO: Sensor IaC Kubernetes Sensor [iac]
INFO: 9 source files to be parsed

##[error]ERROR: Failed to evaluate Helm file APIs/OurApi/DevOps/k8s/base/deployment.yml: Failed to resolve Helm project directory

ERROR: Failed to evaluate Helm file APIs/OurApi/DevOps/k8s/base/deployment.yml: Failed to resolve Helm project directory

INFO: 9/9 source files have been parsed
INFO: 9 source files to be analyzed
INFO: 9/9 source files have been analyzed
INFO: 9 source files to be checked
INFO: 9/9 source files have been checked
INFO: Sensor IaC Kubernetes Sensor [iac] (done) | time=323ms

Can anyone explain the issue here? This only started occurring when we updated to the new version of SonarQubeAnalyze@7 (7.1.1). When on SonarQubeAnalyze@6 (6.3.4) this issue was not occurring.

The yml files that are being detected are Kubernetes deployment manifests, but we’re not using Helm at all. We are however using ‘Kustomize’ (https://kustomize.io/) to adjust the manifests for different environments, so some yml files are only partial replacements to base layer images.

Advice on what we can do to mitigate the error being reported (or what we might be doing wrong otherwise) would be welcome. Thanks

6

Hi @Paul-FC

Welcome to the community and thank you for your feedback!

I created a ticket in our Jira about introducing the flag to disable Helm analysis at all and to improve our logging: Jira.

I fully agree that the error log is misleading.
Currently, we don’t support Kustomize, only pure Kubernetes and Helm files are analyzed. There is no easy way to detect if the file uses Kustomize or Helm. Most probably in your case, the deployment.yml contains {{ and the analyzer assumes it is Helm template, it tries to resolve the Helm project directory (the place where Chart.yaml is located) and it fails. This produces the log output you mentioned.

I can suggest for now:

  • ignore the entry in the logs.
  • you can exclude the file from analysis by setting: sonar.exclusions="**/DevOps/k8s/base/deployment.yml". But then you may miss other issues in the file.
  • you can switch back to SonarQubeAnalyze@6 but my guess is that this is not the root cause. It is recommended to use the newest task version.

Best
Marcin Stachniuk

1 Like
8

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.