Java heap space error with Sonar Gradle plugin on Azure DevOps

SonarQube Cloud
, , ,
1
  • ALM used: Azure DevOps
  • CI system used: Azure DevOps
  • Scanner command used: generated by Azure DevOps
  • Languages of the repository: Java
  • Error observed:
Caused by: java.lang.OutOfMemoryError: Java heap space
	at com.sonar.security.config.D.B(na:238)
	at com.sonar.security.config.D.A(na:1411)
	at com.sonar.security.config.A.E.A(na:2438)
	at com.sonar.security.config.B.A(na:2298)
	at com.sonar.security.E.A(na:3406)
	at com.sonar.security.E.executeChecks(na:3408)
	at com.sonar.security.E.executeChecks(na:3097)
	at com.sonar.security.E.execute(na:3507)
	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:62)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:75)
	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:51)
	at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:64)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:163)
	at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:159)
	at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:130)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.ScannerContainer.doAfterStart(ScannerContainer.java:396)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
	at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
	at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:128)
	at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)

  • Steps to reproduce

    1. Create a Pipeline with at least three steps : “Prepare analysis on SonarCloud”, “Gradle”, “Publish Quality Gate Result”.
    2. In the “Gradle” Task, set “Tasks” = “build”.
    3. In the “Advanced” section of the “Gradle” Task, set “JDK version” to “17” and GRADLE_OPTS to “-Xmx7g”.
    4. In the “Code Analysis” section of the “Gradle” Task, check “Run SonarQube or SonarCloud Analysis” and set “4.3.1.3277” as Gradle plugin version.
    5. Use “Sonar way” as Quality Profile

  • Potential workaround
    Use a specific Quality Profile in which all Java 17 security rules are disabled.

2

Hi,

Can you enable debug logging and post the full analysis log, please?

 
Thx,
Ann

3

Hi,

The logs are attached to this message.

Should I post them on the forum as well ?

Best regards,

untitledDavid Deck

Architecte SI / Equipe développement

Groupe Charles André

6, Avenue de l’Industrie – 69960 Corbas

david.deck@gcatrans.com

Tél. : +33 (0) 4 72 21 83 50 – Mobile : +33 (0) 6 63 09 13 12 www.charlesandre.com

image001.jpg

logs.zip (2.83 MB)

4

Hi,

I suppose you replied by email. It posted both your reply and the attachment here in the community.

Unfortunately, the file in the expanded zip isn’t readable. Can you copy/paste the text of the logs here?

 
Thx,
Ann

5

Hi.

I’m sorry but I can’t copy/paste the logs.

They are much too big for our mail box.

Best regards,

untitledDavid Deck

Architecte SI / Equipe développement

Groupe Charles André

6, Avenue de l’Industrie – 69960 Corbas

david.deck@gcatrans.com

Tél. : +33 (0) 4 72 21 83 50 – Mobile : +33 (0) 6 63 09 13 12 www.charlesandre.com

image001.jpg

6

Hi,

Can you post a new archive? Or come here to the community (versus an email response) to paste the logs in directly?

 
Ann

7

Hi,

Here are the logs :
logs.zip (2.8 MB)

Best regards,
David Deck

8

Hi David,

Unfortunately, I’m still getting a blank file from that.

 
Ann