Not able to connect EC2 SonarQube Server installed on EC2 within a firewall from Github

Hi Team,

We need ALM integration feature to integrate GIThub with SonarQube, so that scan can be triggered automatically for each push or pull request made for any repo in github.

To get this feature I got a trial license and prepared a setup by installing Sonar Qube Server on EC2 within our AWS account.

• Developer Edition
• Version 8.9.1 (build 44547)
  SonarScanner 4.6.2.2472

SonarQube Server installed on EC2 could connect to Github and list repos.
But Github couldn’t connect back to SonarQube to notify about new push OR pull request merge for any given repo. (Mentioned few lines of logs of git hub action workflow)

After thorough checking I came to know that due to firewall restriction Github couldn’t connect back to SonarQube server on EC2, and we can’t white list the access.

Wanted to know is there any alternative solution for this issue.
Also I would like to know if I can use any SAAS sonarqube server with ALM integration feature enabled.
If not then any alternative solution available without compromising security aspects.

Logs pasted below.

Thanks,
Asutosh

============ Logs of GITHUB Action Workflow build ================================
2021-07-06T08:08:19.4412020Z INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
2021-07-06T08:08:19.4424435Z INFO: Project root configuration file: /github/workspace/sonar-project.properties
2021-07-06T08:08:19.4701505Z INFO: SonarScanner 4.6.2.2472
2021-07-06T08:08:19.4732483Z INFO: Java 11.0.11 AdoptOpenJDK (64-bit)
2021-07-06T08:08:19.4733215Z INFO: Linux 5.8.0-1036-azure amd64
2021-07-06T08:08:19.7459376Z INFO: User cache: /opt/sonar-scanner/.sonar/cache
2021-07-06T08:08:24.7778593Z ERROR: SonarQube server [***] can not be reached
2021-07-06T08:08:24.7780188Z INFO: ------------------------------------------------------------------------
2021-07-06T08:08:24.7780994Z INFO: EXECUTION FAILURE
2021-07-06T08:08:24.7820507Z INFO: ------------------------------------------------------------------------
2021-07-06T08:08:24.7829437Z INFO: Total time: 5.339s
2021-07-06T08:08:24.7889428Z ERROR: Error during SonarScanner execution
2021-07-06T08:08:24.7903085Z org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
2021-07-06T08:08:24.7904465Z INFO: Final Memory: 3M/14M
2021-07-06T08:08:24.7909601Z at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
2021-07-06T08:08:24.7912215Z INFO: ------------------------------------------------------------------------
2021-07-06T08:08:24.7913654Z at java.base/java.security.AccessController.doPrivileged(Native Method)
2021-07-06T08:08:24.7916379Z at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
2021-07-06T08:08:24.7920090Z at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
2021-07-06T08:08:24.7923040Z at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
2021-07-06T08:08:24.7925059Z at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
2021-07-06T08:08:24.7927711Z at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
2021-07-06T08:08:24.7928860Z at org.sonarsource.scanner.cli.Main.main(Main.java:61)
2021-07-06T08:08:24.7930036Z Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
2021-07-06T08:08:24.7932233Z at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
2021-07-06T08:08:24.7935278Z at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
2021-07-06T08:08:24.7949794Z at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
2021-07-06T08:08:24.7952152Z at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
2021-07-06T08:08:24.7953739Z … 7 more
2021-07-06T08:08:24.7954348Z Caused by: java.net.SocketTimeoutException: connect timed out
2021-07-06T08:08:24.7955463Z at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
2021-07-06T08:08:24.7956690Z at java.base/java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
2021-07-06T08:08:24.8077581Z at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
2021-07-06T08:08:24.8078931Z at java.base/java.net.AbstractPlainSocketImpl.connect(Unknown Source)
2021-07-06T08:08:24.8079971Z at java.base/java.net.SocksSocketImpl.connect(Unknown Source)
2021-07-06T08:08:24.8081190Z at java.base/java.net.Socket.connect(Unknown Source)
2021-07-06T08:08:24.8083292Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.platform.Platform.connectSocket(Platform.java:130)
2021-07-06T08:08:24.8087172Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectSocket(RealConnection.java:263)
2021-07-06T08:08:24.8091092Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:183)
2021-07-06T08:08:24.8095094Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
2021-07-06T08:08:24.8099608Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
2021-07-06T08:08:24.8103777Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
2021-07-06T08:08:24.8107394Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Transmitter.newExchange(Transmitter.java:169)
2021-07-06T08:08:24.8111378Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
2021-07-06T08:08:24.8115536Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
2021-07-06T08:08:24.8119448Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
2021-07-06T08:08:24.8129432Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
2021-07-06T08:08:24.8133242Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
2021-07-06T08:08:24.8137346Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
2021-07-06T08:08:24.8141159Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
2021-07-06T08:08:24.8144977Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
2021-07-06T08:08:24.8149626Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
2021-07-06T08:08:24.8154123Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
2021-07-06T08:08:24.8158081Z at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
2021-07-06T08:08:24.8162003Z at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
2021-07-06T08:08:24.8164910Z at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:81)
2021-07-06T08:08:24.8167107Z at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:115)
2021-07-06T08:08:24.8169340Z at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
2021-07-06T08:08:24.8171869Z at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
2021-07-06T08:08:24.8173354Z … 10 more
2021-07-06T08:08:24.8173632Z ERROR:
2021-07-06T08:08:24.8174740Z ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

Hi @Asutosh, welcome to the SonarSource Community!

Can you confirm if you’re using github.com or the self-managed GitHub Enterprise? If you’re using github.com, then our SonarCloud solution is likely to meet your needs.

Hi @Jeff_Zapotoczny, Thank you for your response.

Yes, we are using github.com.
Please let me know more about SonarCloud solution and how can I use it to test ALM integration for my github repos.

Hi Asutosh,

We consider SonarCloud to be a self-service solution. You’re welcome to sign up for a free trial and try it for yourself! Also note it’s free to use for public repos.