Failed: dotnet sonarscanner command can't reach my sonarqube server

Hello,

I tried to run the dotnet sonarscanner begin and dotnet sonarscanner end commands in my gitlab pipeline here, but I encountered the error below.

I also noticed that the NO_PROXY variable was not taken and that I had to use the unset HTTP_PROXY and unset HTTPS_PROXY commands.

Do you have any idea what’s causing the problem?

example of my gitlab-ci.yml file:

stages:
  - create-dotnet-project-template
  - sonarqube-check


create-dotnet-project-template:
  stage: create-dotnet-project-template
  image: ${ARTIFACT_REPOSTORY_HOST}/mcr-microsoft-com-remote/dotnet/sdk:8.0
  before_script:
    - cat ${SSL_CERT_FILE} > /usr/local/share/ca-certificates/ca-certificates
    - update-ca-certificates
  script: 
    - cd ${CI_PROJECT_DIR}/
    - mkdir ${DOTNET_PROJECT_FOLDER} && cd ${DOTNET_PROJECT_FOLDER}
    - dotnet new console
    - dotnet run
  artifacts:
    untracked: true
    expire_in: 4 hours



sonarqube-check:
  stage: sonarqube-check
  image: ${ARTIFACT_REPOSTORY_HOST}/mcr-microsoft-com-remote/dotnet/sdk:8.0
  variables:
    TAG_SONARSCANNER_DOTNET : "7.1"
    SONAR_SCANNER_SKIP_JRE_PROVISIONING: 'true'
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar" # Defines the location of the analysis task cache
  before_script:
    - cat ${SSL_CERT_FILE} > /usr/local/share/ca-certificates/ca-certificates
    - update-ca-certificates
  script:
    # download Java v17 and set it as default Java version
    - cd /opt && curl -sS -L ${SOURCE_LINK_TO_INSTALL_JAVA_17} -o openjdk-17.0.2.tar.gz
    - tar -xvzf *jdk*17*.tar.gz && rm -rf *jdk*17*.tar.gz && mv *jdk-17* java
    - update-alternatives --install /usr/bin/java java /opt/java/bin/java 1  
    - java -version
 

    # install dotnet-sonarscanner  
    - dotnet tool install --global dotnet-sonarscanner --version ${TAG_SONARSCANNER_DOTNET}
    - export PATH="$PATH:/root/.dotnet/tools"

    - cd ${CI_PROJECT_DIR}/${DOTNET_PROJECT_FOLDER}
    # Test 
    - dotnet test

    - unset HTTP_PROXY
    - unset HTTPS_PROXY

    # Run dotnet sonarscanner 
    - dotnet sonarscanner begin /k:"Project-key-dotnet" /d:sonar.host.url=${SONAR_HOST_URL} /d:sonar.token=${SONAR_TOKEN}
    - dotnet build
    - dotnet sonarscanner end  /d:sonar.token=${SONAR_TOKEN} 

error log:

$ dotnet sonarscanner begin /k:"Project-key-dotnet" /d:sonar.host.url=${SONAR_HOST_URL} /d:sonar.token=${SONAR_TOKEN}
 
SonarScanner for MSBuild 7.1
 
Using the .NET Core version of the Scanner for MSBuild
 
Pre-processing started.
 
Preparing working directories...
 
14:30:56.77 Updating build integration targets...
 
14:30:57.07 Downloading from https://sonarqube.myorganisation .fr/api/v2/analysis/version failed. Http status code is NotFound.
 
14:30:57.101 Downloading from https://sonarqube.myorganisation .fr/api/v2/analysis/jres?os=linux&arch=x64 failed. Http status code is NotFound.
 
14:30:57.103 14:30:57.103 WARNING: JRE Metadata could not be retrieved from analysis/jres?os=linux&arch=x64.
 
14:30:57.107 Downloading from https://sonarqube.myorganisation .fr/api/v2/analysis/jres?os=linux&arch=x64 failed. Http status code is NotFound.
 
14:30:57.107 14:30:57.107 WARNING: JRE Metadata could not be retrieved from analysis/jres?os=linux&arch=x64.
 
14:30:57.11 Fetching analysis configuration settings...
 
14:30:57.521 Provisioning analyzer assemblies for cs...
 
14:30:57.522 Installing required Roslyn analyzers...
 
14:30:57.522 Processing plugin: csharp version 8.51.0.59060
 
14:30:57.618 Processing plugin: vbnet version 8.51.0.59060
 
14:30:57.843 Provisioning analyzer assemblies for vbnet...
 
14:30:57.843 Installing required Roslyn analyzers...
 
14:30:57.843 Processing plugin: csharp version 8.51.0.59060
 
14:30:57.844 Processing plugin: vbnet version 8.51.0.59060
 
14:30:57.851 Incremental PR analysis: Base branch parameter was not provided.
 
14:30:57.851 Cache data is empty. A full analysis will be performed.
 
14:30:57.887 Pre-processing succeeded.
 
$ dotnet build
 
Determining projects to restore...
 
All projects are up-to-date for restore.
 
MyDotnetProject -> /builds/usinelogicielle/public/exemples/sonar-scanner-dotnet/MyDotnetProject/bin/Debug/net8.0/MyDotnetProject.dll
 
Sonar: (MyDotnetProject.csproj) Project processed successfully
 
Build succeeded.
 
0 Warning(s)
 
0 Error(s)
 
Time Elapsed 00:00:04.88
 
$ dotnet sonarscanner end /d:sonar.token=${SONAR_TOKEN}
 
SonarScanner for MSBuild 7.1
 
Using the .NET Core version of the Scanner for MSBuild
 
Post-processing started.
 
Calling the SonarScanner CLI...
 
INFO: Scanner configuration file: /root/.dotnet/tools/.store/dotnet-sonarscanner/7.1.0/dotnet-sonarscanner/7.1.0/tools/netcoreapp3.1/any/sonar-scanner-5.0.1.3006/conf/sonar-scanner.properties
 
INFO: Project root configuration file: /builds/usinelogicielle/public/exemples/sonar-scanner-dotnet/MyDotnetProject/.sonarqube/out/sonar-project.properties
 
INFO: SonarScanner 5.0.1.3006
 
INFO: Java 17.0.2 Oracle Corporation (64-bit)
 
INFO: Linux 3.10.0-1160.102.1.el7.x86_64 amd64
 
INFO: User cache: /builds/usinelogicielle/public/exemples/sonar-scanner-dotnet/.sonar/cache
 
ERROR: SonarQube server [https://sonarqube.myorganisation.fr]] can not be reached
 
INFO: ------------------------------------------------------------------------
 
INFO: EXECUTION FAILURE
 
INFO: ------------------------------------------------------------------------
 
INFO: Total time: 0.440s
 
INFO: Final Memory: 4M/20M
 
~INFO: ------------------------------------------------------------------------~

Hi,

The docs should help.

 
Ann

Hello,

Sorry for the delay,

In the documentation, it says that the NO_PROXY variable should work. But according to our tests, it doesn’t.
Our SonarQube instance should not use the proxy, so we use NO_PROXY with our domain name.
But sonar-scanner still tries to use the proxy.

We’ve tried adding to our Gitlab-CI pipeline without success

SONAR_SCANNER_OPTS: '-Dhttp.nonProxyHosts=“*.domain.com”' 

Only the HTTP_PROXY and HTTPS_PROXY variables are configured, not the java version with -Dhttp

Can you tell us why the no_proxy is not taken into account?

Just an update,

I think I found it.
I had to add a dot to my NO_PROXY for subdomains

NO_PROXY: “.domain.com”

I found this interesting article which seems rather advisable without the dot. But it doesn’t seem to work with sonar-scanner

1 Like