Proxy, SonarCloud, OpenShift, Tekton

Hi all,

I’m evaluating SonarCloud and try to run an analysis through a corporate proxy. I have tried analysis with two methods:

• maven scan according to SonarScanner for Maven | SonarCloud Docs
• SonarScanner CLI | SonarCloud Docs

I have tried configure proxy with JAVA_OPTS, SONAR_SCANNER_OPTS, SONAR_RUNNER_OPTS, but nothing helped

Environment setup

Tekton Pipelines in OpenShift - tekton task Tekton Hub with sonarqube sonar-project.properties mounted via ConfigMap
Java 17

Full Stack trace Maven

[ERROR] Error resolving version for plugin 'verify org.sonarsource.scanner.maven:sonar-maven-plugin' from the repositories [local (/workspace/maven-settings), central (https://repo.maven.apache.org/maven2)]: Plugin not found in any plugin repository -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginVersionResolutionException

Full Stack trace sonar-scanner

#Sonar.properties file
sonar.projectKey=corporate.it
sonar.host.url=https://sonarcloud.io
sonar.projectVersion=1.0
sonar.organization=corporate.it
sonar.sources=.
socksProxyHost=proxy.corporate.it
socksProxyPort=8080
http.proxyHost=proxy.corporate.it
http.proxyPort=8080
https.proxyHost=proxy.corporate.it
https.proxyPort=8080

bash-5.1$ sonar-scanner -X -Dproject.settings=sonar.properties -Dscanner.settings=sonar.properties 
14:17:20.506 INFO: Scanner configuration file: /usr/src/sonar.properties
14:17:20.508 INFO: Project root configuration file: /usr/src/sonar.properties
14:17:20.533 INFO: SonarScanner 4.6.2.2472
14:17:20.533 INFO: Java 11.0.14 Alpine (64-bit)
14:17:20.533 INFO: Linux 4.18.0-372.69.1.el8_6.x86_64 amd64
14:17:20.648 DEBUG: keyStore is : 
14:17:20.648 DEBUG: keyStore type is : pkcs12
14:17:20.648 DEBUG: keyStore provider is : 
14:17:20.648 DEBUG: init keystore
14:17:20.648 DEBUG: init keymanager of type SunX509
14:17:20.736 DEBUG: Create: /opt/sonar-scanner/.sonar/cache
14:17:20.736 INFO: User cache: /opt/sonar-scanner/.sonar/cache
14:17:20.737 DEBUG: Create: /opt/sonar-scanner/.sonar/cache/_tmp
14:17:20.738 DEBUG: Extract sonar-scanner-api-batch in temp...
14:17:20.741 DEBUG: Get bootstrap index...
14:17:20.741 DEBUG: Download: https://sonarcloud.io/batch/index
14:17:40.829 ERROR: SonarCloud server [https://sonarcloud.io] can not be reached
14:17:40.830 INFO: ------------------------------------------------------------------------
14:17:40.830 INFO: EXECUTION FAILURE
14:17:40.830 INFO: ------------------------------------------------------------------------
14:17:40.830 INFO: Total time: 20.331s
14:17:40.845 INFO: Final Memory: 14M/1979M
14:17:40.845 INFO: ------------------------------------------------------------------------
14:17:40.845 ERROR: Error during SonarScanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
        at java.base/java.security.AccessController.doPrivileged(Native Method)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
        at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
        at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
        at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
        at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
        at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
        ... 7 more
Caused by: java.net.SocketTimeoutException: connect timed out
        at java.base/java.net.PlainSocketImpl.socketConnect(Native Method)
        at java.base/java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:412)
        at java.base/java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:255)
        at java.base/java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:237)
        at java.base/java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
        at java.base/java.net.Socket.connect(Socket.java:609)

Any help would be great, thank you!

Hi,

Welcome to the community!

This is a pure proxy problem. Maven can’t get to the central repo to download what it needs to run analysis. You should talk to your network folks.

For the sonar-scanner error, the docs suggest adding our domains to your proxy whitelist.

 
HTH,
Ann

I agree, the error indicates a problem with the proxy, but don’t know where to look for cause.

When run curl command with proxy to sonarcloud.io/batch/index it is working correctly. I’ve seen in this topic: Sonar-scanner-maven does not work with HTTP (not HTTPS) PROXY authentication that sonar-maven plugin does not work with proxy settings, isn’t that right?

Regarding the sonar-scanner I got reply from network team that sonarcloud.io is allready whitelisted. Is there other option I can set/provide to sonar to enable connection or am I missing something?

Thanks for quick reply,
Oskar

Hi Oskar,

We try to keep it to one topic per thread. Otherwise it can get messy, fast. So let’s talk about Maven here.

The topic you refer to repeatedly asserts that it does work and points out how to make it work.

Are you running that command from the build agent or from your localhost?

 
Ann

Good morning Ann,

True it’s better to keep one topic per thread.

The command is run from build agent and checked and we have proxy settings provided in .m2/settings.xml.
I have run also couple of tests with MAVEN_OPTS, but it didin’t helped

Hi,

My question was about the curl command you said was successful. Did you run that successful curl command from your localhost or from the build agent?

 
Ann

Successful curl command is run from build agent

Oskar,

Hi Oskar,

Thanks for the confirmation. Now, going back to that thread you found, this post details how the user worked with his proxy:

Additionally, the Maven docs tell you how to configure a proxy.

 
HTH,
Ann

Hi Ann,

The post above is not helpful for me, it describes authentication keys, which I don’t need I’ve run couple of tests again with configured and mounted proxy settings in maven setttings.xml file to our pipeline, but I got the same error as before regarding proxy

Error resolving version for plugin 'verify org.sonarsource.scanner.maven:sonar-maven-plugin' from the repositories [local (/workspace/maven-settings), central (https://repo.maven.apache.org/maven2)]: Plugin not found in any plugin repository -> [Help 1]

Do you have any ideas, how we can check if we are trying to connect by provided proxy or if there are other options how to provide proxy settings to maven to?

Thanks,
Oskar

Hi Oskar,

Sorry, but I’ve given you what I’ve got. You really need to dig into this with your network folks and with Mavenistas.

 
Ann

Hi Ann,

Thank you for your commitment and time, I will talk to the proxy team again

Oskar