Run SonarCloud Analysis through corporate proxy

sonarcloud
proxy

(Gerald Mücke) #1

Hi all,

I’m evaluating SonarCloud and try to run an analysis through a corporate proxy which fails:

I tried to use the Java default proxy settings using the CLI params:

 -Dhttp.proxyHost=proxy.corporate.it -Dhttp.proxyPort=8080 "-Dhttp.nonProxyHosts=localhost|*.corporate.it"

but without success.

From the stack trace I read, the sonar scanner uses OkHttp, for which the proxy settings have to be passed on client creation (see this StackOverflow response) and from the Source in GitHub, I see no proxy is used for creation of the http client.

So question is,

  • am I doing this right? I found no documentation regarding proxy
  • or is this a bug / missing feature

Full Stack trace

[ERROR] SonarQube server [https://sonarcloud.io] can not be reached
...
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2:sonar (default-cli) on project example-project: Unable to execute SonarQube: Fail to download libraries from server: Connection reset -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2:sonar (default-cli) on project example-project: Unable to execute SonarQube
	at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:212)
	at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
	at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
	at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
	at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
	at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
	at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:128)
	at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:307)
	at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:193)
	at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:106)
	at org.apache.maven.cli.MavenCli.execute(MavenCli.java:863)
	at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:288)
	at org.apache.maven.cli.MavenCli.main(MavenCli.java:199)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
	at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
	at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
	at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
	at org.codehaus.classworlds.Launcher.main(Launcher.java:47)
Caused by: org.apache.maven.plugin.MojoExecutionException: Unable to execute SonarQube
	at org.sonarsource.scanner.maven.bootstrap.ExceptionHandling.handle(ExceptionHandling.java:36)
	at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:81)
	at org.sonarsource.scanner.maven.SonarQubeMojo.execute(SonarQubeMojo.java:112)
	at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:134)
	at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:207)
	... 21 more
Caused by: org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarQube
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:84)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:71)
	at java.security.AccessController.doPrivileged(Native Method)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:71)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:67)
	at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:218)
	at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:156)
	at org.sonarsource.scanner.maven.bootstrap.ScannerBootstrapper.execute(ScannerBootstrapper.java:60)
	... 24 more
Caused by: java.lang.IllegalStateException: Fail to download libraries from server
	at org.sonarsource.scanner.api.internal.Jars.downloadFiles(Jars.java:93)
	at org.sonarsource.scanner.api.internal.Jars.download(Jars.java:70)
	at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:39)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory$1.run(IsolatedLauncherFactory.java:75)
	... 31 more
Caused by: java.net.SocketException: Connection reset
	at java.net.SocketInputStream.read(SocketInputStream.java:210)
	at java.net.SocketInputStream.read(SocketInputStream.java:141)
	at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
	at sun.security.ssl.InputRecord.read(InputRecord.java:503)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Connection.connectTls(Connection.java:239)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Connection.connectSocket(Connection.java:201)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Connection.connect(Connection.java:172)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Connection.connectAndSetOwner(Connection.java:358)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:117)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Call.getResponse(Call.java:276)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:234)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Call.getResponseWithInterceptorChain(Call.java:196)
	at org.sonarsource.scanner.api.internal.shaded.okhttp.Call.execute(Call.java:79)
	at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:114)
	at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
	at org.sonarsource.scanner.api.internal.Jars.downloadFiles(Jars.java:78)
	... 34 more

(Julien Henry) #2

Hi Gerald,

There is no need for us to pass proxy configuration to Okhttp since it will out of the box support properties http.proxyHost and http.proxyPort.

Since SonarCloud is hosted under https, maybe could you try to pass https.proxyHost and https.proxyPort properties.


(Gerald Mücke) #3

Ah yes, the https. properties did the trick, thanks!

And of course the corporate proxy intercepted the https connection and I got some certificate validation errors. But I could solve this by adding the proxy CA certificate to the java/jre cacerts file (just for information for anyone else stumbling over this)