Issue with Setting Up SonarCloud with Bitbucket

Hi,

I’m trying to setup SonarcQube on Bitbucket but without luck. I followed the steps, copied the yml but keep getting issues.

ALM: Bitbucket Cloud
Langauges of the repository: PHP, JavaScript, Vue.js

1. First try, I got a memory issue: Container ‘docker’ exceeded memory limit.
   Tried solution: raised the size to 2x

2. Then i got the following errors:

12:12:14.332 INFO  Detected os: Linux arch: amd64 alpine: false. Platform: LINUX_X64
12:12:14.333 INFO  Deploy location /opt/sonar-scanner/.sonar/js/node-runtime, tagetRuntime: /opt/sonar-scanner/.sonar/js/node-runtime/node,  version: /opt/sonar-scanner/.sonar/js/node-runtime/version.txt
12:12:17.583 INFO  Using embedded Node.js runtime.
12:12:17.585 INFO  Using Node.js executable: '/opt/sonar-scanner/.sonar/js/node-runtime/node'.
12:17:23.609 ERROR Failed to start the bridge server (300s timeout)

11:16:10.220 ERROR Error during SonarScanner Engine execution
java.lang.IllegalStateException: Error while running Node.js. A supported version of Node.js is required for running the analysis of JS/TS files.

11:16:28.247 INFO  EXECUTION FAILURE
11:16:28.262 INFO  Total time: 7:22.960s
✖ SonarCloud analysis failed. (exit code = 3)

Tried solution: I changed the yml to install Node.js and set the path in a variable

script:
          - apt-get update && apt-get install -y nodejs npm
          - node -v
          #- npm install
          #- composer install
          - export SONAR_NODEJS_EXECUTABLE=/usr/bin/node  # Added Node.js path
          - pipe: sonarsource/sonarcloud-scan:3.0.0

That didn’t worked either.

Any help is really appreaciated, I already lost lot of time setting this up without luck.

Hello @agiche,

What Linux are you using (distribution and version, please)?

In order to use an external node executable, please use this sonar property:

sonar.nodejs.executable=/usr/bin/node

Also, can you please share debug logs? Both with and without providing the node binary please.

Cheers,
Victor

Hi,

I use the atlassian/default-image:4 which has: ubuntu 22.04 LTS.

Where in the yml file I need to add this?

sonar.nodejs.executable=/usr/bin/node

Below are part of the logs, all sensors work fine until the node part.

10:57:14.260 INFO  Sensor IaC Kubernetes Sensor [iac]
10:57:14.340 INFO  0 source files to be parsed
10:57:14.340 INFO  0/0 source files have been parsed
10:57:14.341 INFO  0 source files to be analyzed
10:57:14.341 INFO  0/0 source files have been analyzed
10:57:14.342 INFO  0 source files to be checked
10:57:14.342 INFO  0/0 source files have been checked
10:57:14.342 INFO  Sensor IaC Kubernetes Sensor [iac] (done) | time=82ms
10:57:14.342 INFO  Sensor IaC AzureResourceManager Sensor [iac]
10:57:14.424 INFO  0 source files to be analyzed
10:57:14.425 INFO  0/0 source files have been analyzed
10:57:14.425 INFO  Sensor IaC AzureResourceManager Sensor [iac] (done) | time=83ms
10:57:14.425 INFO  Sensor Java Config Sensor [iac]
10:57:14.442 INFO  0 source files to be analyzed
10:57:14.443 INFO  0/0 source files have been analyzed
10:57:14.443 INFO  Sensor Java Config Sensor [iac] (done) | time=17ms
10:57:14.443 INFO  Sensor JavaScript/TypeScript analysis [javascript]
10:57:14.611 INFO  Detected os: Linux arch: amd64 alpine: false. Platform: LINUX_X64
10:57:14.613 INFO  Deploy location /opt/sonar-scanner/.sonar/js/node-runtime, tagetRuntime: /opt/sonar-scanner/.sonar/js/node-runtime/node,  version: /opt/sonar-scanner/.sonar/js/node-runtime/version.txt
10:57:17.992 INFO  Using embedded Node.js runtime.
10:57:17.993 INFO  Using Node.js executable: '/opt/sonar-scanner/.sonar/js/node-runtime/node'.
11:02:46.657 ERROR Failed to start the bridge server (300s timeout)
org.sonar.plugins.javascript.nodejs.NodeCommandException: Failed to start the bridge server (300s timeout)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServer(BridgeServerImpl.java:231)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServerLazily(BridgeServerImpl.java:342)
	at org.sonar.plugins.javascript.analysis.AbstractBridgeSensor.execute(AbstractBridgeSensor.java:70)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:63)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:190)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:186)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:157)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:416)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerMain.runScannerEngine(ScannerMain.java:137)
	at org.sonar.scanner.bootstrap.ScannerMain.run(ScannerMain.java:52)
	at org.sonar.scanner.bootstrap.ScannerMain.main(ScannerMain.java:38)
11:02:53.866 INFO  Hit the cache for 0 out of 0
11:03:03.601 INFO  Miss the cache for 0 out of 0
11:05:14.767 ERROR Error during SonarScanner Engine execution
java.lang.IllegalStateException: Error while running Node.js. A supported version of Node.js is required for running the analysis of JS/TS files. Please make sure a supported version of Node.js is available in the PATH or an executable path is provided via 'sonar.nodejs.executable' property. Alternatively, you can exclude JS/TS files from your analysis using the 'sonar.exclusions' configuration property. See the docs for configuring the analysis environment: https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/languages/javascript-typescript-css/
	at org.sonar.plugins.javascript.analysis.AbstractBridgeSensor.execute(AbstractBridgeSensor.java:83)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:63)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:190)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:186)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:157)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:416)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerMain.runScannerEngine(ScannerMain.java:137)
	at org.sonar.scanner.bootstrap.ScannerMain.run(ScannerMain.java:52)
	at org.sonar.scanner.bootstrap.ScannerMain.main(ScannerMain.java:38)
Caused by: org.sonar.plugins.javascript.nodejs.NodeCommandException: Failed to start the bridge server (300s timeout)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServer(BridgeServerImpl.java:231)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServerLazily(BridgeServerImpl.java:342)
	at org.sonar.plugins.javascript.analysis.AbstractBridgeSensor.execute(AbstractBridgeSensor.java:70)
	... 22 common frames omitted

Hello @agiche,

you can pass sonar properties like this:

          - pipe: sonarsource/sonarcloud-scan:3.0.0
            variables:
              EXTRA_ARGS: >
                -Dsonar.nodejs.executable=/usr/bin/node
                -Dsonar.verbose=true

Hi,

Thanks, I added the args. The execution got stuck on the last step for 15 minutes… So I stopped the Pipeline. Here are the last few lines of logs:

11:54:27.652 INFO  0 source files to be analyzed
11:54:27.652 INFO  0/0 source files have been analyzed
11:54:27.652 INFO  Sensor IaC AzureResourceManager Sensor [iac] (done) | time=78ms
11:54:27.652 INFO  Sensor Java Config Sensor [iac]
11:54:27.669 INFO  0 source files to be analyzed
11:54:27.669 INFO  0/0 source files have been analyzed
11:54:27.669 INFO  Sensor Java Config Sensor [iac] (done) | time=17ms
11:54:27.669 INFO  Sensor JavaScript/TypeScript analysis [javascript]
11:54:27.673 DEBUG Deploying the bridge server into /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle
11:54:27.822 DEBUG Setting deploy location to /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle
11:54:27.822 INFO  'sonar.nodejs.executable' is set. Skipping embedded Node.js runtime deployment.
11:54:27.823 DEBUG Deploying custom rules bundle jar:file:/opt/sonar-scanner/.sonar/cache/ea6982663f766bdad052c550afafab9f/sonar-securityjsfrontend-plugin.jar!/js-vulnerabilities-rules-1.0.0.tgz to /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/custom-rules5184835993617007603
11:54:27.827 DEBUG Starting server
11:54:27.833 DEBUG Creating Node.js process to start the bridge server on port 46149 
11:54:27.834 INFO  Using Node.js executable /usr/bin/node from property sonar.nodejs.executable.
11:54:27.835 DEBUG Checking Node.js version
11:54:27.835 DEBUG Launching command /usr/bin/node -v
11:54:27.926 DEBUG Using Node.js v18.20.2.
11:54:27.926 DEBUG Launching command /usr/bin/node /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/bin/server.cjs 46149 127.0.0.1 /opt/atlassian/pipelines/agent/build/.scannerwork true false false /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/custom-rules5184835993617007603/package/dist/rules.js

Hello @agiche,

can you test with Node.js 22 instead? These are the instructions in the Node.js website:

# Download and install fnm:
curl -o- https://fnm.vercel.app/install | bash
# Download and install Node.js:
fnm install 22

Also, is there any network restriction? The node.js process opens an HTTP port in a random available port and that port should be accessible from loopback interface. Please confirm there are no policies in the host limiting network access.

Cheers,
Victor

About network restriction I’m not sure, I just followed the “how to” from SoncarCloud on how to connect to BitBucket, we don’t have specific restrictions set.

I installed and set Node.js 22 but no luck, here is a screenshot of the installation and confirmation: screenshot_2025-02-14_14:32:34.png - Droplr

Used this option:

-Dsonar.nodejs.executable=$(which node)

Got an error, logs below:

13:22:50.521 DEBUG Starting server
13:22:50.526 DEBUG Creating Node.js process to start the bridge server on port 39361 
13:22:50.527 ERROR Provided Node.js executable file does not exist. Property 'sonar.nodejs.executable' was set to '/root/.nvm/versions/node/v22.14.0/bin/node'
13:22:50.530 ERROR Provided Node.js executable file does not exist.
org.sonar.plugins.javascript.nodejs.NodeCommandException: Provided Node.js executable file does not exist.
	at org.sonar.plugins.javascript.nodejs.NodeCommandBuilderImpl.retrieveNodeExecutable(NodeCommandBuilderImpl.java:240)
	at org.sonar.plugins.javascript.nodejs.NodeCommandBuilderImpl.build(NodeCommandBuilderImpl.java:150)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.initNodeCommand(BridgeServerImpl.java:297)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServer(BridgeServerImpl.java:226)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServerLazily(BridgeServerImpl.java:342)
	at org.sonar.plugins.javascript.analysis.AbstractBridgeSensor.execute(AbstractBridgeSensor.java:70)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:63)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:190)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:186)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:157)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:416)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerMain.runScannerEngine(ScannerMain.java:137)
	at org.sonar.scanner.bootstrap.ScannerMain.run(ScannerMain.java:52)
	at org.sonar.scanner.bootstrap.ScannerMain.main(ScannerMain.java:38)
13:22:50.530 INFO  Hit the cache for 0 out of 0
13:22:50.533 INFO  Miss the cache for 0 out of 0
13:22:50.547 ERROR Error during SonarScanner Engine execution
java.lang.IllegalStateException: Error while running Node.js. A supported version of Node.js is required for running the analysis of JS/TS files. Please make sure a supported version of Node.js is available in the PATH or an executable path is provided via 'sonar.nodejs.executable' property. Alternatively, you can exclude JS/TS files from your analysis using the 'sonar.exclusions' configuration property. See the docs for configuring the analysis environment: https://docs.sonarsource.com/sonarqube/latest/analyzing-source-code/languages/javascript-typescript-css/
	at org.sonar.plugins.javascript.analysis.AbstractBridgeSensor.execute(AbstractBridgeSensor.java:83)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:63)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:66)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:48)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:190)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:186)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:157)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:416)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerMain.runScannerEngine(ScannerMain.java:137)
	at org.sonar.scanner.bootstrap.ScannerMain.run(ScannerMain.java:52)
	at org.sonar.scanner.bootstrap.ScannerMain.main(ScannerMain.java:38)
Caused by: org.sonar.plugins.javascript.nodejs.NodeCommandException: Provided Node.js executable file does not exist.
	at org.sonar.plugins.javascript.nodejs.NodeCommandBuilderImpl.retrieveNodeExecutable(NodeCommandBuilderImpl.java:240)
	at org.sonar.plugins.javascript.nodejs.NodeCommandBuilderImpl.build(NodeCommandBuilderImpl.java:150)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.initNodeCommand(BridgeServerImpl.java:297)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServer(BridgeServerImpl.java:226)
	at org.sonar.plugins.javascript.bridge.BridgeServerImpl.startServerLazily(BridgeServerImpl.java:342)
	at org.sonar.plugins.javascript.analysis.AbstractBridgeSensor.execute(AbstractBridgeSensor.java:70)
	... 22 common frames omitted
13:22:50.551 DEBUG Cleanup org.eclipse.jgit.util.FS$FileStoreAttributes$$Lambda$281/0x00007f9dfc2bde20@383790cf during JVM shutdown
13:22:50.898 DEBUG Java command exited with code 1
13:22:50.898 INFO  EXECUTION FAILURE
13:22:50.900 INFO  Total time: 49.227s
✖ SonarCloud analysis failed. (exit code = 3)

Used this option:

-Dsonar.nodejs.executable=/usr/bin/node

Sonar chose agian 18 version for some reason, logs below:

13:29:29.463 DEBUG Creating Node.js process to start the bridge server on port 39471 
13:29:29.464 INFO  Using Node.js executable /usr/bin/node from property sonar.nodejs.executable.
13:29:29.465 DEBUG Checking Node.js version
13:29:29.466 DEBUG Launching command /usr/bin/node -v
13:29:29.538 DEBUG Using Node.js v18.20.2.
13:29:29.539 DEBUG Launching command /usr/bin/node /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/bin/server.cjs 39471 127.0.0.1 /opt/atlassian/pipelines/agent/build/.scannerwork true false false /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/custom-rules12765547690263860476/package/dist/rules.js

Hello @agiche,

is it possible for you to try with image node:22-alpine? Keeping same properties

          - pipe: sonarsource/sonarcloud-scan:3.0.0
            variables:
              EXTRA_ARGS: >
                -Dsonar.nodejs.executable=/usr/bin/node
                -Dsonar.verbose=true

I would just like to discard any possible incompatibility with Atlassian images.

Cheers

Hi @victor.diez,

Just tried it, it is still trying to load Node 18.20

10:45:38.361 DEBUG Deploying the bridge server into /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle
10:45:38.522 DEBUG Setting deploy location to /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle
10:45:38.522 INFO  'sonar.nodejs.executable' is set. Skipping embedded Node.js runtime deployment.
10:45:38.522 DEBUG Deploying custom rules bundle jar:file:/opt/sonar-scanner/.sonar/cache/ea6982663f766bdad052c550afafab9f/sonar-securityjsfrontend-plugin.jar!/js-vulnerabilities-rules-1.0.0.tgz to /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/custom-rules8337058583628282945
10:45:38.527 DEBUG Starting server
10:45:38.533 DEBUG Creating Node.js process to start the bridge server on port 37923 
10:45:38.534 INFO  Using Node.js executable /usr/bin/node from property sonar.nodejs.executable.
10:45:38.534 DEBUG Checking Node.js version
10:45:38.535 DEBUG Launching command /usr/bin/node -v
10:45:38.618 DEBUG Using Node.js v18.20.2.
10:45:38.618 DEBUG Launching command /usr/bin/node /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/bin/server.cjs 37923 127.0.0.1 /opt/atlassian/pipelines/agent/build/.scannerwork true false false /opt/atlassian/pipelines/agent/build/.scannerwork/.sonartmp/bridge-bundle/package/custom-rules8337058583628282945/package/dist/rules.js

I confirmed that the Node version is correct before execution:

Here is the configuration file:

image: node:22-alpine # Choose an image matching your project needs
clone:
  depth: full              # SonarQube Cloud scanner needs the full history to assign issues properly
definitions:
  caches:
    sonar: ~/.sonar/cache  # Caching SonarQube Cloud artifacts will speed up your build
  steps:
    - step: &build-test-sonarcloud
        name: Build, test and analyze on SonarQube Cloud
        size: 4x  # Increases memory to 16GB
        caches:
          - node
          - sonar
        script:
          - node -v  # Verify Node.js version
          # Run SonarQube scan with correct Node.js path
          - pipe: sonarsource/sonarcloud-scan:3.0.0
            variables:
              EXTRA_ARGS: >
                -Dsonar.nodejs.executable=/usr/bin/node
                -Dsonar.verbose=true
    - step: &check-quality-gate-sonarcloud
        name: Check the Quality Gate on SonarQube Cloud
        size: 4x  # Increases memory to 16GB
        script:
          - pipe: sonarsource/sonarcloud-quality-gate:0.1.6
pipelines:
  branches:
    dev:
      - step: *build-test-sonarcloud
      - step: *check-quality-gate-sonarcloud
  pull-requests:
    '**':
      - step: *build-test-sonarcloud
      - step: *check-quality-gate-sonarcloud

Hi @agiche,

can you try removing this line now:

                -Dsonar.nodejs.executable=/usr/bin/node

Just want to see if the embedded runtime works in the new Docker image.

If it’s still failing, we need to debug further. The node process is starting an HTTP server and it may be due to lack of rights to open a port. Can you test with this command line?

npx -y serve

That will just start a basic HTTP server. Not related at all with our Sonar analysis, but would be helpful to know if node can actually listen to a port.

Cheers