Gitlab Integration Error - Unable to create user cache: /usr/src/.sonar/cache

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
• what are you trying to achieve
• what have you tried so far to achieve this
  I’m using SonarQube Scanner 4.2.0.1873 docker container connected to SonarQube Developer Edition
• Version 7.6 (build 21501) within a Gitlab Runner version 11.11.2
  with Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
  I’m running into an issues trying to user the scanner container-

ERROR: Error during SonarQube Scanner execution
java.lang.IllegalStateException: Unable to create user cache: /usr/src/.sonar/cache
at org.sonarsource.scanner.api.internal.cache.FileCache.createDir(FileCache.java:147)
at org.sonarsource.scanner.api.internal.cache.FileCache.(FileCache.java:46)
at org.sonarsource.scanner.api.internal.cache.FileCache.create(FileCache.java:52)
at org.sonarsource.scanner.api.internal.cache.FileCacheBuilder.build(FileCacheBuilder.java:48)
at org.sonarsource.scanner.api.internal.JarDownloaderFactory.create(JarDownloaderFactory.java:42)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:68)
at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.nio.file.AccessDeniedException: /usr/src/.sonar
at java.base/sun.nio.fs.UnixException.translateToIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(Unknown Source)
at java.base/java.nio.file.Files.createDirectory(Unknown Source)
at java.base/java.nio.file.Files.createAndCheckIsDirectory(Unknown Source)
at java.base/java.nio.file.Files.createDirectories(Unknown Source)
at org.sonarsource.scanner.api.internal.cache.FileCache.createDir(FileCache.java:145)
… 9 more

Hello @nbislicense,

Welcome to the SonarSource community.

First of all I would like to make it clear that the SonarQube scanner CLI docker image is a beta. Hope you understand this.
This is just a guess but I believe that you may have not mounted the /usr/src directory properly in the docker image so that it can be written by the scanner. The recommended solution is to create a docker volume that you’ll mount to a given directory in the container, and set the scanner home directory (where it’ll store its temp data, cache etc…) to that volume. This should be something like:

docker volume create cache-vol
docker run -v "$(pwd):/usr/src" \
   -v cache-vol:/home/scanner-cli -e "SONAR_USER_HOME=/home/scanner-cli" \
   --network=host  sonarsource/sonar-scanner-cli

Let me know if that works.

Regards

Thanks Olivier- I’m getting a new error now-
ERROR: Error during SonarQube Scanner execution
ERROR: Unable to execute SonarQube
ERROR: Caused by: Fail to get bootstrap index from server
ERROR: Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
ERROR: Caused by: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
ERROR: Caused by: unable to find valid certification path to requested target

That’s a whole different problem (Certificates related). Can you please open a new thread for this

Thanks

Hi,

For everyone coming here from Google search (like me) and having this error in Gitlab CI – you need to let Sonar Scanner container know where to find code.

GitLab provides CI_PROJECT_DIR environment variable that contains the path to source code within the container. Assign it to SONAR_PROJECT_BASE_DIR variable in your Sonar Scanner step, like this:

sonar:
  image: sonarsource/sonar-scanner-cli
  script:
    - sonar-scanner -Dsonar.qualitygate.wait=true
  allow_failure: true
  variables:
    SONAR_PROJECT_BASE_DIR: "${CI_PROJECT_DIR}"

As @OlivierK mentioned, the docker image is still in beta. I didn’t find documentation on this variable, but you can check what it does in source code.

I gave my solution in this post (dev.to), if you interested.

Hello @MunGell,

Good tip.
The general mechanism is that all relevant SonarQube scanner properties shall be passed as environment variables by uppercasing the property and replacing dot (.) by underscore (_).
For instance sonar.exclusions property should be passed as SONAR_EXCLUSIONS when running the Docker scanner image

OK, you may argue that the SONAR_PROJECT_BASE_DIR environment variable does not follow the rule because the original property is sonar.projectBaseDir. Correct… and this is beta… and we will have to cope with camel casing properties one way or another.

Olivier

Going here gave me some leads and I tried many different things. On my Mac, I didn’t have the /usr/src path and it’s locked even for admin. I had to follow a way to allow me to create it and it felt wrong. I didn’t think that fixed the issue. Then, I added :/usr/src at the end of the path to scan. I think this fixed this particular issue on this thread. Then, I had trouble connecting to the http:/localhost:9000 via the sonarsource/sonar-scanner-cli docker container even though I can access it with my browser. Then, another community pointed me to use my IPv4 address instead of localhost. That finally fixed it for me.

This is my command line:

docker run -e SONAR_HOST_URL=http://<ipv4-address>:9000 -it -v "<path-to-scan>:/usr/src" sonarsource/sonar-scanner-cli