which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
what are you trying to achieve
what have you tried so far to achieve this
Hello
I have recently stood up a sonarqube instance (7.9.4) on docker pointing to a postgres db(13).
The instance works fine - as in it will scan a project no problem. My problem is it is only scanning xml and not the additional java code that I am actually trying to scan. I cannot figure out how to initiate the java scanner.
As a comparison the same code is being scanned just fine on my old instance which is sonarqube 7.6 running on a windows server talking to a postgres db as well
I am initiating the scan the same way on both systems from the same code base using the following
The only thing that changes in the above is the host name to point to the new docker instance.
The scan kicks off fine but it only runs the scan against the pom.xml file and nothing else.
I am fairly new to sonarqube and scoured the configuration to see if I could see a difference between the two environments but could not find anything.
So I guess my question is how do I “enable” the java scanner so that it will scan my javacode?
There’s no need to enable Java analysis, particularly from a Maven build. Perhaps you can share your code-formatted (``` on the line before and on the line after) build/analysis log?
That is what I had figured as I did not have to configure anything in the old version I set up. This is baffling to me - I am not sure what you are asking for but would be happy to provide it once I know where to find it.
I am still very new with sonar.
When you launch the analysis command - whether that’s in a terminal or via something like Jenkins - there should be a running report of analysis progress. That’s what I’m looking for.
Hi there
Please find attached a zip with the capture of the running log. two files one showing a valid working scan the other the failed scan.
Same code base, same command line execution only difference is one points to the older install the other points to the new install so had different host values, project name and key
Thank you so much for looking at this for me - its had me baffled
There is a huge difference between these two logs. Analysis starts at line 12,334 in the 7.9 log versus starting at line 888 in the 7.4 log. So… I think there’s a bigger difference between the two than just the version on SonarQube involved.
That said, I’ve just refreshed myself on your OP and I’m reminded that your 7.9 instance is on Docker. I suspect there’s something hinky about how the plugins directory is set up. From the docs:
Make sure you’re using volumes as shown with the above commands, and not bind mounts. Using bind mounts prevents plugins and languages from populating correctly.
I am using volumes for the docker instance.
The observation you have made is what is confusing to me as well. Both runs are against the exact same code base. I execute the maven goals in the same base directory. However the docker based run instance is ignoring the /components directory which is where the code lies, and this is a huge code base. This is why I posted because when I set up the previous instance of sonar it just worked right out of the gate.
The following are my volume declarations in my compose file. Do you see anythign out of whack there?
- SonarConf:/opt/sonarqube/conf
- SonarData:/opt/sonarqube/data
- SonarExt:/opt/sonarqube/extensions
- SonarLogs:/opt/sonarqube/logs
- SonarPlug:/opt/sonarqube/lib/bundled-plugins
HI Ann
Happy monday and thank you fo ryour perseverance on this.
I will try and articulate as clearly as possible the environment I am executing this in.
The build system is my laptop.
The source being processed is the same for example c:_dev\source is where my source is located.
The sonarqube servers are separate.
Server 1: Windows 10 VM running Qube 7.6 -> local Postgres DB
Server 2: Linux Hosted Docker Image running Qube 7.9.4 -> Docker Image Postgres DB
Code analysis is run against the same directory using the same command but passing different values for the host and project key. See Below - please note I have removed the actual host name below to protect our systems.
Command used to analyze against the docker imaged Qube
mvn clean install sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.host.url=http://HOSTNAME:9000 -Dsonar.login=4967aa97d42ade6e916edab1cf366c636564e05c
Command used to analyze against the windows Qube
mvn clean install sonar:sonar -Dsonar.projectKey=com.tdkc.udop.tycho:com.tdkc.udop.tycho.root -Dsonar.host.url=http://HOSTNAME:9000 -Dsonar.login=6c51cd8177bfe0fb7b84cea2a2a759a03ebf820b
Both commands are run in the same directory as mentioned above c:_dev\source
Whats crazy is all the connectivity works and the analysis is performed because I see the results in the server consoles for the projects. The only difference is the analysis against the docker image ignores all java code and only analyzes the pom.xml file lol. It does not make any sense.
Okay, to sum up: both runs are from your laptop & so with exactly the same environment. Only difference is the analysis properties on the command line.
So… even though the build part of the command is exactly the same, that’s where the most notable differences in the logs come from (IIRC - there has been a weekend in between ). So I’d like to eliminate that by trying this:
Ideally, you’ll segregate the logs from those 3 commands so we can easily diff the 2 analysis logs. I almost added a pipe-to-file at the end, but then saw that you’re on Windows.
Also, could you provide a screenshot of the Languages list in the Rules page of your docker instance? That’s one of the easiest ways to see the full list. E.G.:
I am still having this issue I was wondering if anyone might have any further thoughts on this. @ganncamp had started to dig but we did not get anywhere, unfortunately.
Hi,
Could you send the logs of the scanner with debug enabled, of the non-working case?
It will show more details about what files are indexed (i.e. ‘seen’ by the scanner).
Thanks.
). So I’d like to eliminate that by trying this:
