Fail to download scanner-enterprise-10.2.1.78527-all.jar to _tmp/fileCache7390054756102182823.tmp

I have azure devops pipeline and in that I am using docker task. and in the docker I am scanning my code.

Note:

• Some pipeline with same configuration is working fine, but some pipeline have issue.
• Sonar server hosted privately.

Before download file its request which file I need to download.

so, using Get bootstrap index request its get response scanner-enterprise-10.2.1.78527-all.jar|b0d057365c708b093ad61bcf3622a6e3 and after that it will request this file.

so, its strange that normal request is completed but file request not completed.

Docker:

FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 5000
ENV ASPNETCORE_URLS=http://+:5000

FROM mcr.microsoft.com/dotnet/sdk:6.0 AS prebuild

# Add dotnet Tools to path
ENV PATH="${PATH}:/root/.dotnet/tools"

WORKDIR /src
...
# Arguments for setting the SonarQube Token, the SonarQube Uri, the SonarQube Project Key and Name
ARG SONAR_TOKEN
ARG SONAR_HOST
ARG SONAR_PROJECT_KEY
ARG SONAR_PROJECT_NAME
ARG PR_NUMBER
ARG PR_BRANCH

RUN if [ -n "$SONAR_TOKEN" ] && [ -n "$SONAR_HOST" ] && [ -n "$SONAR_PROJECT_KEY" ] && [ -n "$SONAR_PROJECT_NAME" ] ; \
    then apt-get update && apt-get dist-upgrade -y \
    && apt-get install -y openjdk-17-jre \
    && dotnet tool install --global dotnet-sonarscanner --ignore-failed-sources ; \
    if [ -n "$PR_NUMBER" ] && [ -n "$PR_BRANCH" ] ; \
    then dotnet sonarscanner begin \
            /k:"$SONAR_PROJECT_KEY" \
            /n:"$SONAR_PROJECT_NAME" \
            /d:sonar.host.url="$SONAR_HOST" \
            /d:sonar.login="$SONAR_TOKEN" \
            /d:sonar.pullrequest.key="$PR_NUMBER" \
            /d:sonar.pullrequest.branch="$PR_BRANCH" \
            /d:sonar.pullrequest.base='develop' \
            /d:sonar.pullrequest.provider=vsts \
            /d:sonar.pullrequest.vsts.instanceUrl='https://dev.azure.com/xxx' \
            /d:sonar.pullrequest.vsts.project='xx' \
            /d:sonar.pullrequest.vsts.repository='xx' \          
            /d:sonar.coverageReportPaths=/test_coverage/SonarQube.xml ; \
    else \
    dotnet sonarscanner begin \
            /k:"$SONAR_PROJECT_KEY" \
            /n:"$SONAR_PROJECT_NAME" \
            /d:sonar.host.url="$SONAR_HOST" \
            /d:sonar.login="$SONAR_TOKEN" \
            /d:sonar.coverageReportPaths=/test_coverage/SonarQube.xml ; \
    fi \
    fi

RUN dotnet build "xx.csproj" -c Release -o /app/build

RUN if [ -n "$SONAR_TOKEN" ] && [ -n "$SONAR_HOST" ] && [ -n "$SONAR_PROJECT_KEY" ] && [ -n "$SONAR_PROJECT_NAME" ] ; \
    then dotnet sonarscanner end /d:sonar.login="$SONAR_TOKEN" ; \
    fi

FROM build AS publish
RUN dotnet publish "xx.csproj" -c Release -o /app/publish

FROM base AS final
WORKDIR /app

COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "xx.dll"]

Info:

#40 0.941 SonarScanner for MSBuild 6.0
#40 0.942 Using the .NET Core version of the Scanner for MSBuild
#40 1.027 Post-processing started.
#40 1.178 Calling the SonarScanner CLI...
#40 1.274 INFO: Scanner configuration file: /root/.dotnet/tools/.store/dotnet-sonarscanner/6.0.0/dotnet-sonarscanner/6.0.0/tools/netcoreapp3.1/any/sonar-scanner-5.0.1.3006/conf/sonar-scanner.properties
#40 1.275 INFO: Project root configuration file: /src/PublicPage/Backend/PublicPageApi/.sonarqube/out/sonar-project.properties
#40 1.331 INFO: SonarScanner 5.0.1.3006
#40 1.331 INFO: Java 17.0.9 Debian (64-bit)
#40 1.332 INFO: Linux 6.2.0-1018-azure amd64
#40 1.571 INFO: User cache: /root/.sonar/cache

Error:

DEBUG: Create: /root/.sonar/cache/_tmp
DEBUG: Extract sonar-scanner-api-batch in temp...
DEBUG: Get bootstrap index...
DEBUG: Download:
https://sonarqube.xxx.com/batch/index
DEBUG: Get bootstrap completed
DEBUG: Download
https://sonarqube.xxx.com/batch/file?name=scanner-enterprise-10.2.1.78527-all.jar
to /root/.sonar/cache/_tmp/fileCache861813820770734243.tmp
#40 305.2 ERROR: Error during SonarScanner execution
#40 305.2 org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
#40 305.2 	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
#40 305.2 	at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
#40 305.2 	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
#40 305.2 	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
#40 305.2 	at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
#40 305.2 	at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
#40 305.2 	at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
#40 305.2 	at org.sonarsource.scanner.cli.Main.main(Main.java:62)
#40 305.2 Caused by: java.lang.IllegalStateException: Fail to download scanner-enterprise-10.2.1.78527-all.jar to /root/.sonar/cache/_tmp/fileCache7390054756102182823.tmp
#40 305.2 	at org.sonarsource.scanner.api.internal.cache.FileCache.download(FileCache.java:100)
#40 305.2 	at org.sonarsource.scanner.api.internal.cache.FileCache.get(FileCache.java:84)
#40 305.2 	at org.sonarsource.scanner.api.internal.JarDownloader.lambda$getScannerEngineFiles$0(JarDownloader.java:60)
#40 305.2 	at java.base/java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:197)
#40 305.2 	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1625)
#40 305.2 	at java.base/java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:509)
#40 305.2 	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:499)
#40 305.2 	at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:921)
#40 305.2 	at java.base/java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
#40 305.2 	at java.base/java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:682)
#40 305.2 	at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:61)
#40 305.2 	at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
#40 305.2 	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
#40 305.2 	... 7 more
#40 305.2 Caused by: java.net.SocketTimeoutException: timeout
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.Okio$4.newTimeoutException(Okio.java:232)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.AsyncTimeout.exit(AsyncTimeout.java:286)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.AsyncTimeout$2.read(AsyncTimeout.java:241)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.RealBufferedSource.read(RealBufferedSource.java:51)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http1.Http1ExchangeCodec$AbstractSource.read(Http1ExchangeCodec.java:389)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http1.Http1ExchangeCodec$ChunkedSource.read(Http1ExchangeCodec.java:475)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Exchange$ResponseBodySource.read(Exchange.java:286)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.RealBufferedSource$1.read(RealBufferedSource.java:447)
#40 305.2 	at java.base/java.io.InputStream.transferTo(InputStream.java:782)
#40 305.2 	at java.base/java.nio.file.Files.copy(Files.java:3171)
#40 305.2 	at org.sonarsource.scanner.api.internal.ServerConnection.downloadFile(ServerConnection.java:82)
#40 305.2 	at org.sonarsource.scanner.api.internal.JarDownloader$ScannerFileDownloader.download(JarDownloader.java:73)
#40 305.2 	at org.sonarsource.scanner.api.internal.cache.FileCache.download(FileCache.java:98)
#40 305.2 	... 19 more
#40 305.2 Caused by: java.net.SocketException: Socket closed
#40 305.2 	at java.base/sun.nio.ch.NioSocketImpl.endRead(NioSocketImpl.java:253)
#40 305.2 	at java.base/sun.nio.ch.NioSocketImpl.implRead(NioSocketImpl.java:332)
#40 305.2 	at java.base/sun.nio.ch.NioSocketImpl.read(NioSocketImpl.java:355)
#40 305.2 	at java.base/sun.nio.ch.NioSocketImpl$1.read(NioSocketImpl.java:808)
#40 305.2 	at java.base/java.net.Socket$SocketInputStream.read(Socket.java:966)
#40 305.2 	at java.base/sun.security.ssl.SSLSocketInputRecord.read(SSLSocketInputRecord.java:484)
#40 305.2 	at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(SSLSocketInputRecord.java:478)
#40 305.2 	at java.base/sun.security.ssl.SSLSocketInputRecord.bytesInCompletePacket(SSLSocketInputRecord.java:70)
#40 305.2 	at java.base/sun.security.ssl.SSLSocketImpl.readApplicationRecord(SSLSocketImpl.java:1465)
#40 305.2 	at java.base/sun.security.ssl.SSLSocketImpl$AppInputStream.read(SSLSocketImpl.java:1069)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.Okio$2.read(Okio.java:140)
#40 305.2 	at org.sonarsource.scanner.api.internal.shaded.okio.AsyncTimeout$2.read(AsyncTimeout.java:237)
#40 305.2 	... 29 more

Hi,

This feels very familiar. Do you happen to work with this user?

 
Ann

Yes Rikin is one of my collegues from the affected teams
@patelriki13 lets continue in my threat as we broke it down already to a minimum.

@rkg ok