Exception Running Analysis

dogac_akyildiz · June 21, 2021, 2:30pm

Hi,

We are getting an error in GitLab CI with dotnet-sonarscanner. Here is our CI script:

Sonar Analysis:
  stage: Sonar Analysis
  image: dotnet-image-with-sonar-scanner
  extends: .dind
  script:
    - dotnet restore --packages .nuget
    - dotnet test 
      /p:CollectCoverage=true 
      /p:CoverletOutputFormat=opencover 
      --no-restore
    - dotnet-sonarscanner begin 
      /k:$SONAR_PROJECT_NAME 
      /n:$SONAR_PROJECT_NAME 
      /d:sonar.host.url=$SONAR_HOST_URL 
      /d:sonar.login=$SONAR_USER 
      /d:sonar.password=$SONAR_PASS 
      /d:sonar.cs.opencover.reportsPaths="./tests/coverage.opencover.xml"
      /d:sonar.exclusions=".nuget/**"
    - dotnet build -nologo -consoleLoggerParameters:NoSummary -verbosity:quiet --no-restore
    - dotnet-sonarscanner end 
      /d:sonar.login=$SONAR_USER 
      /d:sonar.password=$SONAR_PASS 
  allow_failure: false
  variables:
    SONAR_PROJECT_NAME: $CI_PROJECT_NAME
  cache:
    key: nuget
    paths:
      - .nuget/
    policy: pull-push

The error we are getting is this:

ERROR: Error during SonarScanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
	at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
	at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to download scanner-developer-8.9.0.43852-all.jar to /root/.sonar/cache/_tmp/fileCache12135603279450803939.tmp
	at org.sonarsource.scanner.api.internal.cache.FileCache.download(FileCache.java:100)
	at org.sonarsource.scanner.api.internal.cache.FileCache.get(FileCache.java:84)
	at org.sonarsource.scanner.api.internal.JarDownloader.lambda$getScannerEngineFiles$0(JarDownloader.java:60)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1655)
	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474)
	at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:913)
	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
	at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:578)
INFO: Final Memory: 7M/483M
INFO: ------------------------------------------------------------------------
	at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:61)
	at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
	... 7 more
Caused by: javax.net.ssl.SSLException: Connection reset
	at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:127)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:350)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:293)
	at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:288)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:144)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1411)
	at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1376)
	at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:963)
	at org.sonarsource.scanner.api.internal.shaded.okio.Okio$2.read(Okio.java:140)
	at org.sonarsource.scanner.api.internal.shaded.okio.AsyncTimeout$2.read(AsyncTimeout.java:237)
	at org.sonarsource.scanner.api.internal.shaded.okio.RealBufferedSource.read(RealBufferedSource.java:51)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http1.Http1ExchangeCodec$AbstractSource.read(Http1ExchangeCodec.java:389)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http1.Http1ExchangeCodec$ChunkedSource.read(Http1ExchangeCodec.java:475)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Exchange$ResponseBodySource.read(Exchange.java:286)
	at org.sonarsource.scanner.api.internal.shaded.okio.RealBufferedSource$1.read(RealBufferedSource.java:447)
	at java.base/java.io.InputStream.transferTo(InputStream.java:704)
	at java.base/java.nio.file.Files.copy(Files.java:3077)
	at org.sonarsource.scanner.api.internal.ServerConnection.downloadFile(ServerConnection.java:82)
	at org.sonarsource.scanner.api.internal.JarDownloader$ScannerFileDownloader.download(JarDownloader.java:73)
	at org.sonarsource.scanner.api.internal.cache.FileCache.download(FileCache.java:98)
	... 19 more
	Suppressed: java.net.SocketException: Broken pipe (Write failed)
		at java.base/java.net.SocketOutputStream.socketWrite0(Native Method)
		at java.base/java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:110)
		at java.base/java.net.SocketOutputStream.write(SocketOutputStream.java:150)
		at java.base/sun.security.ssl.SSLSocketOutputRecord.encodeAlert(SSLSocketOutputRecord.java:81)
		at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:381)
		... 37 more
Caused by: java.net.SocketException: Connection reset
	at java.base/java.net.SocketInputStream.read(SocketInputStream.java:186)
	at java.base/java.net.SocketInputStream.read(SocketInputStream.java:140)
	at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:476)
	at java.base/sun.security.ssl.SSLSocketInputRecord.readFully(SSLSocketInputRecord.java:459)
	at java.base/sun.security.ssl.SSLSocketInputRecord.decodeInputRecord(SSLSocketInputRecord.java:243)
	at java.base/sun.security.ssl.SSLSocketInputRecord.decode(SSLSocketInputRecord.java:181)
	at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:110)
	... 34 more
ERROR: 
The SonarScanner did not complete successfully
14:04:23.508  Post-processing failed. Exit code: 1

Lately, we have been serving SonarQube with SSL, so we just started using SSL and HTTPS with SonarQube. What can be the problem here?

Thank you!

Template for a good bug report, formatted with Markdown:

SonarQube Version 9.6.0, dotnet-sonarscanner Version 5.0.4.
Logs provided.

dogac_akyildiz · June 22, 2021, 10:49am

Hi guys,

Any help would be appreciated!

Thanks.

Monty_Dickerson · June 23, 2021, 1:43pm

Hi Dogac.

Are the SSL certificates of the servers signed by a well-known CA authority that would be in Java’s default CA certificate store?

—
Regards,
Monty

dogac_akyildiz · June 25, 2021, 9:28am

Hi @Monty_Dickerson

Our servers certificates are signed by GlobalSign.

We have been using this certificate for our older SonarQube servers too. We have been using SonarQube Community Edition Version 8.6.1 (build 40680) before and we were using this certificate as well and we did not get any SSL Errors with that server.

Lately we moved to Developer Edition Version 8.9 (build 43852) and we started to get this error occasionally.

By the way, we are using JRE 11 in SonarQube client side. The docker image for both older and newer SonarQube servers are the same.

Thank you,
Dogac

Monty_Dickerson · June 28, 2021, 5:57pm

Hi Dogac.

Is dotnet-image-with-sonar-scanner (extended dind) your own custom image? And what is the reason for doing it this way?
I don’t understand why you test before you build. Our docs recommend:

between the begin and end steps, you need to build your project, execute tests and generate code coverage data.

Monty

Monty_Dickerson · June 29, 2021, 3:45am

In case what’s happening is a timeout during analysis while waiting for the server to respond to web service calls, you can extend the maximum wait for the response of a Web Service call: adjust analysis paramter sonar.ws.timeout (which defaults to 60 seconds) to 300.

In any case, while troubleshooting change the SQ log level to debug.

You can also turn on Java SSL debug logging by passing /d:javax.net.debug=ssl.

dogac_akyildiz · June 29, 2021, 4:28pm

Hi Monty,

Yes, it is our custom image, it includes dotnet/sdk:5.0, JRE 11, dotnet-sonarscanner, coverlet etc. We do not want to download these libraries and tools everytime the job runs.
We always did it like this, we did not have any problems doing this way, we run tests and we give the coverage file as an input to SonarQube afterwards.

Dogac

dogac_akyildiz · June 29, 2021, 4:30pm

Thank you, I will increase the timeout and and SSL debug logging and share the results.

This error occurs once in a while or I’d say once every three tests I think.

Andrei_Epure · July 19, 2021, 2:00pm

Hello - did your changes work?