Rust analysis not working in Docker on platform ARM64

We are using SonarQube 2025.3.0 (Enterprise Edition) with the new Rust support. Sonar Scanner CLI version 7.1.0.4889.

We are trying to run Rust analysis in Docker on the ARM64 platform. but all we get is “The main branch of this project is empty.” and a code line count of 0 for all files, as well as a warning: “The last analysis has warnings.” → “Failed to create Rust analyzer: Failed to start the analyzer process”. It does upload coverage reports just fine.

Although the Docker image sonarsource/sonar-scanner-cli-docker is only available for the platform linux/amd64. I did notice there is nothing in the image that prevents it from being compiled for linux/arm64 as well.

I did this and ‘sonar-scanner’ runs fine on both AMD64 and ARM64. However, after installing the pre-requisites for Rust analysis (Cargo and Clippy), by direct install or by extending the base image sonarsource/sonar-scanner-cli-docker, it turns out that the scanner cannot run the Rust analyzer; it consistently errors out with:

DEBUG Extracting analyzer from /analyzer/linux-aarch64-musl/analyzer.xz
DEBUG Copying analyzer to /usr/src/.scannerwork/.sonartmp/analyzer-2993434708137488770
ERROR Failed to create Rust analyzer: Failed to start the analyzer process

Yes, I did notice the linux-aarch64-musl, so I dug into it and it seems to be a cross compiled binary that is supposed to run both in gnu and musl linux?
I also noticed that in the repository for the sonar-rust-plugin these targets are used:

• x86_64-pc-windows-gnu
• x86_64-unknown-linux-musl
• x86_64-unknown-linux-gnu
• aarch64-unknown-linux-musl
• x86_64-apple-darwin

missing is the target:

• aarch64-unknown-linux-gnu

(and also ‘aarch64-pc-windows-gnu’ but it’s not a factor here). Maybe the binary in linux-aarch64-musl is missing compatibility with GNU Linux on ARM64 due to this missing target?

This may or may not be supported by the fact that on AMD64, the binary in linux-amd64-musl is loaded and runs fine. Meaning the exact same image used in the example above, but compiled for linux/amd64, have no problem creating the Rust analyzer and run the analysis, on both musl and gnu linux (using the same binary for both musl and gnu).

Would it be possible to add the aarch64-unknown-linux-gnu target to the sonar-rust-plugin code? Or is the problem not related to that?

UPDATE: Recreated the Docker image as an Alpine image, thinking that if the Rust binary is indeed a musl binary, that should work. But alas, the exact same problem:

ERROR Failed to create Rust analyzer: Failed to start the analyzer process

So, while it seems like there is no way to run sonar-scanner CLI in Docker and get a successful Rust analysis on the ARM46 platform, the problem may not be the Rust analyzer’s compatibility with musl or gnu Linux.

hi @claesjonsson ,

I suspect that issue is that you use amd64 docker image. Could you pls try to build your own image for arm?

I will inquire why we don’t provide official arm image for scanner.

Musl binary should work on gnu systems without issues.

Also, could you pls paste a full log from the analysis?

Hi @saberduck ,

and thanks for your response. I tried to be very clear in my description, informing that I did build a arm image and that it was the arm image running. It probably got lost in my long-winded post.

docker run --rm -it --network docker_sonar_network -v $(pwd):/usr/src rust-sonar-scanner-cli:latest bash      
[scanner-cli@bf4d5966a06d src]$ uname -m
aarch64

Here is the log (as you can see the pre-generated lcov uploads fine, but the analysis won’t run, see ERROR at line 300):

18:29:06.379 INFO  Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
18:29:06.383 INFO  Project root configuration file: /usr/src/sonar-project.properties
18:29:06.396 INFO  SonarScanner CLI 7.1.0.4889
18:29:06.397 INFO  Java 17.0.15 Amazon.com Inc. (64-bit)
18:29:06.398 INFO  Linux 6.10.14-linuxkit aarch64
18:29:06.410 DEBUG Scanner max available memory: 5 GB
18:29:06.436 DEBUG uname -m returned 'aarch64'
18:29:06.441 DEBUG Using JVM default truststore: /usr/lib/jvm/java-17-amazon-corretto.aarch64/lib/security/cacerts
18:29:06.442 DEBUG Create: /opt/sonar-scanner/.sonar/cache
18:29:06.443 INFO  User cache: /opt/sonar-scanner/.sonar/cache
18:29:06.443 DEBUG Create: /opt/sonar-scanner/.sonar/cache/_tmp
18:29:06.582 DEBUG Loading OS trusted SSL certificates...
18:29:06.582 DEBUG This operation might be slow or even get stuck. You can skip it by passing the scanner property 'sonar.scanner.skipSystemTruststore=true'
18:29:06.949 DEBUG Loaded [1029] system trusted certificates
18:29:07.076 DEBUG Loaded truststore from '/usr/lib/jvm/java-17-amazon-corretto.aarch64/lib/security/cacerts' containing 147 certificates
18:29:07.223 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/version
18:29:07.403 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/version (179ms, 15-byte body)
18:29:07.404 INFO  Communicating with SonarQube Server 2025.3.0.108892
18:29:07.405 INFO  JRE provisioning: os[linux], arch[aarch64]
18:29:07.406 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/jres?os=linux&arch=aarch64
18:29:07.433 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/jres?os=linux&arch=aarch64 (26ms, unknown-length body)
18:29:07.459 DEBUG Download http://sonarqube:9000/api/v2/analysis/jres/1f23bf9f-6da2-4588-9f20-2b05a88f30f7 to /opt/sonar-scanner/.sonar/cache/_tmp/fileCache7556855527175537947.tmp
18:29:07.460 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/jres/1f23bf9f-6da2-4588-9f20-2b05a88f30f7
18:29:07.466 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/jres/1f23bf9f-6da2-4588-9f20-2b05a88f30f7 (5ms, unknown-length body)
18:29:09.214 DEBUG Executing: /opt/sonar-scanner/.sonar/cache/97c4fb748eaa1292fb2f28fec90a3eba23e35974ef67f8b3aa304ad4db2ba162/OpenJDK17U-jre_aarch64_linux_hotspot_17.0.13_11.tar.gz_extracted/jdk-17.0.13+11-jre/bin/java --version
18:29:09.265 DEBUG openjdk 17.0.13 2024-10-15
18:29:09.265 DEBUG OpenJDK Runtime Environment Temurin-17.0.13+11 (build 17.0.13+11)
18:29:09.265 DEBUG OpenJDK 64-Bit Server VM Temurin-17.0.13+11 (build 17.0.13+11, mixed mode, sharing)
18:29:09.271 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/engine
18:29:09.279 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/engine (8ms, unknown-length body)
18:29:09.281 DEBUG Download http://sonarqube:9000/api/v2/analysis/engine to /opt/sonar-scanner/.sonar/cache/_tmp/fileCache1700197787781373042.tmp
18:29:09.281 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/engine
18:29:09.288 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/engine (6ms, unknown-length body)
18:29:09.884 DEBUG Work directory: /usr/src/.scannerwork
18:29:09.891 DEBUG Executing: /opt/sonar-scanner/.sonar/cache/97c4fb748eaa1292fb2f28fec90a3eba23e35974ef67f8b3aa304ad4db2ba162/OpenJDK17U-jre_aarch64_linux_hotspot_17.0.13_11.tar.gz_extracted/jdk-17.0.13+11-jre/bin/java -Dorg.bouncycastle.pkcs12.ignore_useless_passwd=true -jar /opt/sonar-scanner/.sonar/cache/bab291f8d49ab0578fbd8151a250e458b4bd2a8b0708e374b27cb26d028c6bb3/scanner-enterprise-2025.3.0.108892-all.jar
18:29:10.099 INFO  Starting SonarScanner Engine...
18:29:10.099 INFO  Java 17.0.13 Eclipse Adoptium (64-bit)
18:29:10.150 DEBUG JVM max available memory: 5 GB
18:29:10.276 DEBUG Enterprise 2025.3.0.108892
18:29:10.436 DEBUG Sonar User Home: /opt/sonar-scanner/.sonar
18:29:10.492 DEBUG Loading OS trusted SSL certificates...
18:29:10.492 DEBUG This operation might be slow or even get stuck. You can skip it by passing the scanner property 'sonar.scanner.skipSystemTruststore=true'
18:29:10.958 DEBUG Loaded [1029] system trusted certificates
18:29:11.128 DEBUG Loaded truststore from '/usr/lib/jvm/java-17-amazon-corretto.aarch64/lib/security/cacerts' containing 147 certificates
18:29:11.305 INFO  Load global settings
18:29:11.310 DEBUG --> GET http://sonarqube:9000/api/settings/values.protobuf
18:29:11.358 DEBUG <-- 200 http://sonarqube:9000/api/settings/values.protobuf (47ms, unknown-length body)
18:29:11.379 INFO  Load global settings (done) | time=75ms
18:29:11.381 INFO  Server id: 67AB5038-AXQF0d2yIQRe0jXHfU9G
18:29:11.382 DEBUG Create : /opt/sonar-scanner/.sonar/_tmp
18:29:11.383 DEBUG User cache: /opt/sonar-scanner/.sonar/cache
18:29:11.387 INFO  Loading required plugins
18:29:11.396 INFO  Load plugins index
18:29:11.396 DEBUG --> GET http://sonarqube:9000/api/plugins/installed
18:29:11.428 DEBUG <-- 200 http://sonarqube:9000/api/plugins/installed (31ms, unknown-length body)
18:29:11.432 INFO  Load plugins index (done) | time=36ms
18:29:11.432 INFO  Load/download plugins
18:29:11.434 DEBUG Download plugin 'cayc' to '/opt/sonar-scanner/.sonar/_tmp/fileCache14637495053709682631.tmp'
18:29:11.435 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=cayc
18:29:11.442 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=cayc (6ms, unknown-length body)
18:29:11.487 DEBUG Download plugin 'iac' to '/opt/sonar-scanner/.sonar/_tmp/fileCache15382324696956376707.tmp'
18:29:11.488 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=iac
18:29:11.491 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=iac (3ms, unknown-length body)
18:29:11.675 DEBUG Download plugin 'iacenterprise' to '/opt/sonar-scanner/.sonar/_tmp/fileCache16867126920842647978.tmp'
18:29:11.676 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=iacenterprise
18:29:11.679 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=iacenterprise (3ms, unknown-length body)
18:29:11.734 DEBUG Download plugin 'jacoco' to '/opt/sonar-scanner/.sonar/_tmp/fileCache11634828462822204576.tmp'
18:29:11.734 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=jacoco
18:29:11.741 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=jacoco (6ms, unknown-length body)
18:29:11.743 DEBUG Download plugin 'shellcheck' to '/opt/sonar-scanner/.sonar/_tmp/fileCache1855658610024787132.tmp'
18:29:11.743 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=shellcheck
18:29:11.745 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=shellcheck (2ms, unknown-length body)
18:29:11.758 DEBUG Download plugin 'textenterprise' to '/opt/sonar-scanner/.sonar/_tmp/fileCache5784274047680950909.tmp'
18:29:11.759 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=textenterprise
18:29:11.761 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=textenterprise (2ms, unknown-length body)
18:29:11.910 INFO  Load/download plugins (done) | time=478ms
18:29:11.910 DEBUG Plugins not loaded because they are optional: [abap, sonarapex, architecture, architecturejavascriptfrontend, architecturejavafrontend, csharpenterprise, cpp, cfamilydependencies, cobol, dart, dbd, dbdjavafrontend, dbdpythonfrontend, flex, go, web, jcl, javasymbolicexecution, java, javascript, kotlin, php, pli, plsql, python, rpg, ruby, rust, sonarscala, swift, tsql, vbnetenterprise, vb, security, securitycsharpfrontend, securityjsfrontend, securityjavafrontend, securityphpfrontend, securitypythonfrontend, xml]
18:29:11.980 DEBUG Plugins loaded:
18:29:11.980 DEBUG   * Text Code Quality and Security 2.24.0.6480 (textenterprise)
18:29:11.981 DEBUG   * Clean as You Code 2.4.0.2018 (cayc)
18:29:11.981 DEBUG   * JaCoCo 1.3.0.1538 (jacoco)
18:29:11.981 DEBUG   * IaC Code Quality and Security 1.47.0.15287 (iacenterprise)
18:29:11.981 DEBUG   * ShellCheck Analyzer 2.5.0 (shellcheck)
18:29:11.981 DEBUG   * IaC Code Quality and Security 1.47.0.15287 (iac)
18:29:11.999 INFO  Loaded core extensions: developer-scanner, server-common
18:29:12.007 DEBUG Installed core extension: developer-scanner
18:29:12.007 DEBUG Installed core extension: server-common
18:29:12.064 DEBUG register org.eclipse.jgit.util.FS$FileStoreAttributes$$Lambda$384/0x00000048012ff1f0@2e1af49b with shutdown hook
18:29:12.145 INFO  Process project properties
18:29:12.152 INFO  Process project properties (done) | time=7ms
18:29:12.166 INFO  Project key: myrust:project
18:29:12.167 INFO  Base dir: /usr/src
18:29:12.167 INFO  Working dir: /usr/src/.scannerwork
18:29:12.167 DEBUG Project global encoding: UTF-8, default locale: en
18:29:12.170 DEBUG Starting HelmEvaluator ExecutorService with 2 threads
18:29:12.174 INFO  Load project settings for component key: 'myrust:project'
18:29:12.174 DEBUG --> GET http://sonarqube:9000/api/settings/values.protobuf?component=myrust%3Aproject
18:29:12.189 DEBUG <-- 200 http://sonarqube:9000/api/settings/values.protobuf?component=myrust%3Aproject (14ms, unknown-length body)
18:29:12.189 INFO  Load project settings for component key: 'myrust:project' (done) | time=15ms
18:29:12.203 INFO  Load project branches
18:29:12.203 DEBUG --> GET http://sonarqube:9000/api/project_branches/list?project=myrust%3Aproject
18:29:12.215 DEBUG <-- 200 http://sonarqube:9000/api/project_branches/list?project=myrust%3Aproject (10ms, unknown-length body)
18:29:12.219 INFO  Load project branches (done) | time=16ms
18:29:12.220 INFO  Load branch configuration
18:29:12.221 INFO  Load branch configuration (done) | time=1ms
18:29:12.224 DEBUG Creating module hierarchy
18:29:12.224 DEBUG   Init module 'My Rust Project'
18:29:12.224 DEBUG     Base dir: /usr/src
18:29:12.224 DEBUG     Working dir: /usr/src/.scannerwork
18:29:12.224 DEBUG     Module global encoding: UTF-8, default locale: en
18:29:12.227 INFO  Load quality profiles
18:29:12.228 DEBUG --> GET http://sonarqube:9000/api/qualityprofiles/search.protobuf?project=myrust%3Aproject
18:29:12.338 DEBUG <-- 200 http://sonarqube:9000/api/qualityprofiles/search.protobuf?project=myrust%3Aproject (110ms, 5055-byte body)
18:29:12.348 INFO  Load quality profiles (done) | time=120ms
18:29:12.368 INFO  Load active rules
18:29:12.369 DEBUG --> GET http://sonarqube:9000/api/v2/analysis/active_rules?projectKey=myrust:project
18:29:12.665 DEBUG <-- 200 http://sonarqube:9000/api/v2/analysis/active_rules?projectKey=myrust:project (296ms, unknown-length body)
18:29:12.777 INFO  Load active rules (done) | time=408ms
18:29:12.780 INFO  Load analysis cache
18:29:12.780 DEBUG --> GET http://sonarqube:9000/api/analysis_cache/get?project=myrust:project
18:29:12.793 DEBUG <-- 404 http://sonarqube:9000/api/analysis_cache/get?project=myrust:project (13ms, unknown-length body)
18:29:12.794 INFO  Load analysis cache (404) | time=15ms
18:29:12.805 DEBUG --> GET http://sonarqube:9000/api/languages/list
18:29:12.827 DEBUG <-- 200 http://sonarqube:9000/api/languages/list (8ms, unknown-length body)
18:29:12.847 DEBUG --> GET http://sonarqube:9000/api/features/list
18:29:12.869 DEBUG <-- 200 http://sonarqube:9000/api/features/list (22ms, unknown-length body)
18:29:12.878 DEBUG Declared patterns of language Kubernetes were converted to sonar.lang.patterns.kubernetes : 
18:29:12.879 DEBUG Declared patterns of language CSS were converted to sonar.lang.patterns.css : **/*.css,**/*.less,**/*.scss,**/*.sass
18:29:12.880 DEBUG Declared patterns of language Scala were converted to sonar.lang.patterns.scala : **/*.scala
18:29:12.880 DEBUG Declared patterns of language JSP were converted to sonar.lang.patterns.jsp : **/*.jsp,**/*.jspf,**/*.jspx
18:29:12.880 DEBUG Declared patterns of language JavaScript were converted to sonar.lang.patterns.js : **/*.js,**/*.jsx,**/*.cjs,**/*.mjs,**/*.vue
18:29:12.880 DEBUG Declared patterns of language Python were converted to sonar.lang.patterns.py : **/*.py
18:29:12.880 DEBUG Declared patterns of language Ansible were converted to sonar.lang.patterns.ansible : 
18:29:12.880 DEBUG Declared patterns of language Apex were converted to sonar.lang.patterns.apex : **/*.cls,**/*.trigger
18:29:12.880 DEBUG Declared patterns of language Docker were converted to sonar.lang.patterns.docker : **/Dockerfile,**/*.dockerfile
18:29:12.880 DEBUG Declared patterns of language PL/SQL were converted to sonar.lang.patterns.plsql : **/*.sql,**/*.pks,**/*.pkb
18:29:12.880 DEBUG Declared patterns of language Dart were converted to sonar.lang.patterns.dart : **/*.dart
18:29:12.881 DEBUG Declared patterns of language Rust were converted to sonar.lang.patterns.rust : **/*.rs
18:29:12.881 DEBUG Declared patterns of language JCL were converted to sonar.lang.patterns.jcl : **/*.jcl
18:29:12.881 DEBUG Declared patterns of language Java were converted to sonar.lang.patterns.java : **/*.java,**/*.jav
18:29:12.881 DEBUG Declared patterns of language HTML were converted to sonar.lang.patterns.web : **/*.html,**/*.xhtml,**/*.cshtml,**/*.vbhtml,**/*.aspx,**/*.ascx,**/*.rhtml,**/*.erb,**/*.shtm,**/*.shtml,**/*.cmp,**/*.twig
18:29:12.881 DEBUG Declared patterns of language Flex were converted to sonar.lang.patterns.flex : **/*.as
18:29:12.882 DEBUG Declared patterns of language XML were converted to sonar.lang.patterns.xml : **/*.xml,**/*.xsd,**/*.xsl,**/*.config
18:29:12.882 DEBUG Declared patterns of language JSON were converted to sonar.lang.patterns.json : **/*.json
18:29:12.882 DEBUG Declared patterns of language IPython Notebooks were converted to sonar.lang.patterns.ipynb : **/*.ipynb
18:29:12.882 DEBUG Declared patterns of language Text were converted to sonar.lang.patterns.text : 
18:29:12.882 DEBUG Declared patterns of language VB.NET were converted to sonar.lang.patterns.vbnet : **/*.vb
18:29:12.883 DEBUG Declared patterns of language CloudFormation were converted to sonar.lang.patterns.cloudformation : 
18:29:12.883 DEBUG Declared patterns of language Swift were converted to sonar.lang.patterns.swift : **/*.swift
18:29:12.884 DEBUG Declared patterns of language YAML were converted to sonar.lang.patterns.yaml : **/*.yaml,**/*.yml
18:29:12.884 DEBUG Declared patterns of language C++ were converted to sonar.lang.patterns.cpp : **/*.cc,**/*.cpp,**/*.cxx,**/*.c++,**/*.hh,**/*.hpp,**/*.hxx,**/*.h++,**/*.ipp,**/*.ixx,**/*.mxx,**/*.cppm,**/*.ccm,**/*.cxxm,**/*.c++m
18:29:12.885 DEBUG Declared patterns of language C were converted to sonar.lang.patterns.c : **/*.c,**/*.h
18:29:12.885 DEBUG Declared patterns of language Go were converted to sonar.lang.patterns.go : **/*.go
18:29:12.885 DEBUG Declared patterns of language Kotlin were converted to sonar.lang.patterns.kotlin : **/*.kt,**/*.kts
18:29:12.885 DEBUG Declared patterns of language RPG were converted to sonar.lang.patterns.rpg : **/*.rpg,**/*.rpgle,**/*.sqlrpgle,**/*.rpg,**/*.rpgle,**/*.sqlrpgle
18:29:12.885 DEBUG Declared patterns of language PL/I were converted to sonar.lang.patterns.pli : **/*.pli
18:29:12.885 DEBUG Declared patterns of language T-SQL were converted to sonar.lang.patterns.tsql : **/*.tsql
18:29:12.885 DEBUG Declared patterns of language Vb were converted to sonar.lang.patterns.vb : **/*.bas,**/*.frm,**/*.ctl
18:29:12.885 DEBUG Declared patterns of language Secrets were converted to sonar.lang.patterns.secrets : 
18:29:12.886 DEBUG Declared patterns of language Ruby were converted to sonar.lang.patterns.ruby : **/*.rb
18:29:12.886 DEBUG Declared patterns of language C# were converted to sonar.lang.patterns.cs : **/*.cs,**/*.razor
18:29:12.886 DEBUG Declared patterns of language COBOL were converted to sonar.lang.patterns.cobol : 
18:29:12.887 DEBUG Declared patterns of language Shell were converted to sonar.lang.patterns.shell : **/*.sh,**/*.ksh,**/*.bash
18:29:12.887 DEBUG Declared patterns of language PHP were converted to sonar.lang.patterns.php : **/*.php,**/*.php3,**/*.php4,**/*.php5,**/*.phtml,**/*.inc
18:29:12.888 DEBUG Declared patterns of language Terraform were converted to sonar.lang.patterns.terraform : **/*.tf
18:29:12.888 DEBUG Declared patterns of language AzureResourceManager were converted to sonar.lang.patterns.azureresourcemanager : **/*.bicep
18:29:12.888 DEBUG Declared patterns of language ABAP were converted to sonar.lang.patterns.abap : **/*.abap,**/*.ab4,**/*.flow,**/*.asprog
18:29:12.888 DEBUG Declared patterns of language Objective-C were converted to sonar.lang.patterns.objc : **/*.m
18:29:12.888 DEBUG Declared patterns of language TypeScript were converted to sonar.lang.patterns.ts : **/*.ts,**/*.tsx,**/*.cts,**/*.mts
18:29:12.895 INFO  Preprocessing files...
18:29:12.904 DEBUG loading config FileBasedConfig[/tmp/jgit/config]
18:29:12.906 DEBUG readpipe [/usr/bin/git, --version],/usr/bin
18:29:12.935 DEBUG readpipe may return 'git version 2.47.1'
18:29:12.935 DEBUG remaining output:

18:29:12.936 DEBUG readpipe [/usr/bin/git, config, --system, --show-origin, --list, -z],/usr/bin
18:29:12.940 DEBUG readpipe may return 'null'
18:29:12.940 DEBUG remaining output:

18:29:12.941 DEBUG readpipe rc=128
18:29:12.942 DEBUG Exception caught during execution of command '[/usr/bin/git, config, --system, --show-origin, --list, -z]' in '/usr/bin', return code '128', error message 'fatal: unable to read config file '/etc/gitconfig': No such file or directory
'
18:29:12.942 DEBUG loading config FileBasedConfig[/tmp/git/config]
18:29:12.942 DEBUG loading config UserConfigFile[/home/scanner-cli/.gitconfig]
18:29:12.991 DEBUG 14 non excluded files in this Git repository
18:29:13.007 INFO  1 language detected in 6 preprocessed files (done) | time=111ms
18:29:13.007 INFO  0 files ignored because of inclusion/exclusion patterns
18:29:13.007 INFO  0 files ignored because of scm ignore settings
18:29:13.008 INFO  Loading plugins for detected languages
18:29:13.009 DEBUG Detected languages: [rust]
18:29:13.009 INFO  Load/download plugins
18:29:13.009 DEBUG Download plugin 'rust' to '/opt/sonar-scanner/.sonar/_tmp/fileCache4934934772049498018.tmp'
18:29:13.009 DEBUG --> GET http://sonarqube:9000/api/plugins/download?plugin=rust
18:29:13.014 DEBUG <-- 200 http://sonarqube:9000/api/plugins/download?plugin=rust (4ms, unknown-length body)
18:29:13.163 INFO  Load/download plugins (done) | time=154ms
18:29:13.163 DEBUG Optional language-specific plugins not loaded: [abap, sonarapex, architecture, architecturejavascriptfrontend, architecturejavafrontend, csharpenterprise, cpp, cfamilydependencies, cobol, dart, dbd, dbdjavafrontend, dbdpythonfrontend, flex, go, web, jcl, javasymbolicexecution, java, javascript, kotlin, php, pli, plsql, python, rpg, ruby, sonarscala, swift, tsql, vbnetenterprise, vb, security, securitycsharpfrontend, securityjsfrontend, securityjavafrontend, securityphpfrontend, securitypythonfrontend, xml]
18:29:13.167 DEBUG Plugins loaded:
18:29:13.167 DEBUG   * Rust Code Quality and Security 1.0.3.786 (rust)
18:29:13.196 INFO  Load project repositories
18:29:13.197 DEBUG --> GET http://sonarqube:9000/batch/project.protobuf?key=myrust%3Aproject
18:29:13.209 DEBUG <-- 200 http://sonarqube:9000/batch/project.protobuf?key=myrust%3Aproject (11ms, 596-byte body)
18:29:13.249 INFO  Load project repositories (done) | time=52ms
18:29:13.255 DEBUG Available languages:
18:29:13.255 DEBUG   * Rust => "rust"
18:29:13.255 DEBUG   * Secrets => "secrets"
18:29:13.255 DEBUG   * Text => "text"
18:29:13.255 DEBUG   * Ansible => "ansible"
18:29:13.255 DEBUG   * Shell => "shell"
18:29:13.256 DEBUG   * Terraform => "terraform"
18:29:13.256 DEBUG   * CloudFormation => "cloudformation"
18:29:13.256 DEBUG   * Kubernetes => "kubernetes"
18:29:13.256 DEBUG   * Docker => "docker"
18:29:13.256 DEBUG   * AzureResourceManager => "azureresourcemanager"
18:29:13.257 DEBUG   * YAML => "yaml"
18:29:13.257 DEBUG   * JSON => "json"
18:29:13.257 INFO  Indexing files...
18:29:13.257 INFO  Project configuration:
18:29:13.257 INFO    Excluded sources: **/target/**,**/*.rs.bk
18:29:13.259 DEBUG 'src/duplicated.rs' indexed with language 'rust'
18:29:13.261 DEBUG 'src/lib.rs' indexed with language 'rust'
18:29:13.262 DEBUG 'src/problematic.rs' indexed with language 'rust'
18:29:13.262 DEBUG 'src/unsafe_problems.rs' indexed with language 'rust'
18:29:13.262 DEBUG 'src/main.rs' indexed with language 'rust'
18:29:13.262 DEBUG 'tests/integration_tests.rs' indexed as test with language 'rust'
18:29:13.262 INFO  6 files indexed (done) | time=6ms
18:29:13.264 INFO  Quality profile for rust: Sonar way
18:29:13.265 INFO  ------------- Run sensors on module My Rust Project
18:29:13.290 INFO  Load metrics repository
18:29:13.290 DEBUG --> GET http://sonarqube:9000/api/metrics/search?ps=500&p=1
18:29:13.308 DEBUG <-- 200 http://sonarqube:9000/api/metrics/search?ps=500&p=1 (17ms, unknown-length body)
18:29:13.312 INFO  Load metrics repository (done) | time=23ms
18:29:13.509 DEBUG 'Import external issues report' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.externalIssuesReportPaths: <empty>
18:29:13.510 DEBUG 'Clippy Report Import' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.rust.clippyReport.reportPaths: <empty>
- sonar.externalIssuesReportPaths: <empty>
18:29:13.511 DEBUG 'Rust Cobertura Coverage' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.rust.clippy.enabled: <empty>
- sonar.rust.clippyReport.reportPaths: <empty>
- sonar.rust.cobertura.reportPaths: <empty>
- sonar.externalIssuesReportPaths: <empty>
18:29:13.512 DEBUG 'IaC Ansible Sensor' skipped because there is no related file in current project
18:29:13.512 DEBUG 'ShellCheck Sensor' skipped because there is no related file in current project
18:29:13.512 DEBUG 'IaC Terraform Sensor' skipped because there is no related file in current project
18:29:13.512 DEBUG 'IaC CloudFormation Sensor' skipped because there is no related file in current project
18:29:13.512 DEBUG 'IaC Kubernetes Sensor' skipped because there is no related file in current project
18:29:13.513 DEBUG 'IaC AzureResourceManager Sensor' skipped because there is no related file in current project
18:29:13.514 DEBUG 'Generic Test Executions Report' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.rust.lcov.reportPaths: coverage/lcov.info
- sonar.rust.clippy.enabled: <empty>
- sonar.rust.clippyReport.reportPaths: <empty>
- sonar.testExecutionReportPaths: <empty>
- sonar.rust.cobertura.reportPaths: <empty>
- sonar.externalIssuesReportPaths: <empty>
18:29:13.515 DEBUG Sensors : Clippy -> Rust LCOV Coverage -> Rust -> JaCoCo XML Report Importer -> Java Config Sensor -> IaC Docker Sensor -> EnterpriseTextAndSecretsSensor
18:29:13.515 INFO  Sensor Clippy [rust]
18:29:13.516 DEBUG Looking for Cargo manifests
18:29:13.517 DEBUG Looking for Cargo manifest paths using sonar.rust.cargo.manifestPaths
18:29:13.517 DEBUG Attempting to resolve Cargo manifest path: Cargo.toml
18:29:13.517 DEBUG Found Cargo manifests: [/usr/src/Cargo.toml]
18:29:13.517 DEBUG Checking Cargo version
18:29:13.709 DEBUG Cargo version: cargo 1.87.0 (99624be96 2025-05-06)
18:29:13.710 DEBUG Checking Clippy version
18:29:13.950 DEBUG Clippy version: clippy 0.1.87 (17067e9ac6 2025-05-09)
18:29:13.968 DEBUG Running Clippy: [cargo, clippy, --quiet, --message-format=json, --, -A, clippy::all, -Wclippy::approx_constant, -Wclippy::modulo_one, -Wclippy::mut_from_ref, -Wclippy::mistyped_literal_suffixes, -Wclippy::iter_next_loop, -Wclippy::zst_offset, -Wclippy::iter_skip_zero, -Wclippy::async_yields_async, -Wclippy::iterator_step_by_zero, -Wclippy::wrong_transmute, -Wclippy::inherent_to_string_shadow_display, -Wclippy::redundant_field_names, -Wclippy::let_underscore_lock, -Wclippy::wildcard_imports, -Wclippy::unnecessary_semicolon, -Wclippy::never_loop, -Wclippy::while_immutable_condition, -Wclippy::uninit_vec, -Wclippy::derive_ord_xor_partial_ord, -Wclippy::useless_attribute, -Wclippy::unused_io_amount, -Wclippy::recursive_format_impl, -Wclippy::vec_init_then_push, -Wclippy::read_line_without_trim, -Wclippy::vec_resize_to_zero, -Wclippy::panicking_unwrap, -Wclippy::eager_transmute, -Wclippy::panicking_overflow_checks, -Wclippy::option_env_unwrap, -Wclippy::not_unsafe_ptr_arg_deref, -Wclippy::nonsensical_open_options, -Wclippy::absurd_extreme_comparisons, -Wclippy::while_float, -Wclippy::ineffective_bit_mask, -Wclippy::possible_missing_comma, -Wclippy::ifs_same_cond, -Wclippy::invisible_characters, -Wclippy::non_octal_unix_permissions, -Wclippy::inline_fn_without_body, -Wclippy::min_max, -Wclippy::invalid_null_ptr_usage, -Wclippy::suspicious_splitn, -Wclippy::too_many_arguments, -Wclippy::size_of_in_element_count, -Wclippy::reversed_empty_ranges, -Wclippy::no_effect, -Wclippy::cast_slice_different_sizes, -Wclippy::out_of_bounds_indexing, -Wclippy::redundant_comparisons, -Wclippy::erasing_op, -Wclippy::self_assignment, -Wclippy::invalid_regex, -Wclippy::overly_complex_bool_expr, -Wclippy::unnecessary_cast, -Wclippy::zero_ptr, -Wclippy::almost_swapped, -Wclippy::bad_bit_mask, -Wclippy::impossible_comparisons, -Wclippy::string_to_string, -Wclippy::mem_replace_with_uninit, -Wclippy::inverted_saturating_sub, -Wclippy::unsound_collection_transmute, -Wclippy::infinite_iter, -Wclippy::unit_return_expecting_ord, -Wclippy::unit_hash, -Wclippy::unit_cmp, -Wclippy::derived_hash_with_manual_eq, -Wclippy::uninit_assumed_init, -Wclippy::misnamed_getter, -Wclippy::serde_api_misuse, -Wclippy::impl_hash_borrow_with_str_and_bytes, -Wclippy::let_and_return, -Wclippy::eq_op, -Wclippy::enum_clike_unportable_variant, -Wclippy::transmuting_null, -Wclippy::match_str_case_mismatch, -Wclippy::transmute_null_to_fn]
18:29:15.225 DEBUG Saving Clippy diagnostic: ClippyDiagnostic[manifest_path=/usr/src/Cargo.toml, message=ClippyMessage[code=ClippyCode[code=clippy::wildcard_imports], message=usage of wildcard import, spans=[ClippySpan[file_name=src/main.rs, line_start=4, column_start=5, line_end=4, column_end=13]]]]
18:29:15.230 DEBUG 'src/main.rs' generated metadata with charset 'UTF-8'
18:29:15.239 INFO  Sensor Clippy [rust] (done) | time=1723ms
18:29:15.239 INFO  Sensor Rust LCOV Coverage [rust]
18:29:15.239 DEBUG Processing LCOV coverage reports
18:29:15.239 DEBUG Attempting to resolve LCOV report path: coverage/lcov.info
18:29:15.239 DEBUG Found LCOV report file: /usr/src/coverage/lcov.info
18:29:15.240 DEBUG Found 1 LCOV report files
18:29:15.240 DEBUG Parsing LCOV report: /usr/src/coverage/lcov.info
18:29:15.243 DEBUG 'src/duplicated.rs' generated metadata with charset 'UTF-8'
18:29:15.249 DEBUG 'src/lib.rs' generated metadata with charset 'UTF-8'
18:29:15.252 DEBUG 'src/problematic.rs' generated metadata with charset 'UTF-8'
18:29:15.253 DEBUG 'src/unsafe_problems.rs' generated metadata with charset 'UTF-8'
18:29:15.253 DEBUG Successfully parsed LCOV report
18:29:15.254 DEBUG Saving coverage for file: src/unsafe_problems.rs
18:29:15.258 DEBUG Successfully saved coverage
18:29:15.259 DEBUG Saving coverage for file: src/lib.rs
18:29:15.261 DEBUG Successfully saved coverage
18:29:15.261 DEBUG Saving coverage for file: src/duplicated.rs
18:29:15.262 DEBUG Successfully saved coverage
18:29:15.262 DEBUG Saving coverage for file: src/problematic.rs
18:29:15.264 DEBUG Successfully saved coverage
18:29:15.264 DEBUG Saving coverage for file: src/main.rs
18:29:15.265 DEBUG Successfully saved coverage
18:29:15.265 DEBUG Processed LCOV coverage reports
18:29:15.265 INFO  Sensor Rust LCOV Coverage [rust] (done) | time=26ms
18:29:15.266 INFO  Sensor Rust [rust]
18:29:15.266 INFO  Detected platform: LINUX_AARCH64
18:29:15.267 DEBUG Extracting analyzer from /analyzer/linux-aarch64-musl/analyzer.xz
18:29:15.268 DEBUG Copying analyzer to /usr/src/.scannerwork/.sonartmp/analyzer-5510500016238996077
18:29:15.421 ERROR Failed to create Rust analyzer: Failed to start the analyzer process
18:29:15.421 INFO  Sensor Rust [rust] (done) | time=156ms
18:29:15.421 INFO  Sensor JaCoCo XML Report Importer [jacoco]
18:29:15.422 INFO  'sonar.coverage.jacoco.xmlReportPaths' is not defined. Using default locations: target/site/jacoco/jacoco.xml,target/site/jacoco-it/jacoco.xml,build/reports/jacoco/test/jacocoTestReport.xml
18:29:15.423 INFO  No report imported, no coverage information will be imported by JaCoCo XML Report Importer
18:29:15.423 INFO  Sensor JaCoCo XML Report Importer [jacoco] (done) | time=2ms
18:29:15.423 INFO  Sensor Java Config Sensor [iac]
18:29:15.434 INFO  0 source files to be analyzed
18:29:15.436 INFO  0/0 source files have been analyzed
18:29:15.437 INFO  Sensor Java Config Sensor [iac] (done) | time=13ms
18:29:15.437 INFO  Sensor IaC Docker Sensor [iac]
18:29:15.473 INFO  0 source files to be analyzed
18:29:15.473 INFO  0/0 source files have been analyzed
18:29:15.473 INFO  Sensor IaC Docker Sensor [iac] (done) | time=36ms
18:29:15.473 INFO  Sensor EnterpriseTextAndSecretsSensor [textenterprise]
18:29:15.473 DEBUG Sensor EnterpriseTextAndSecretsSensor is allowed to analyze hidden files
18:29:15.479 INFO  Available processors: 10
18:29:15.479 INFO  Using 10 threads for analysis.
18:29:16.216 INFO  Start fetching files for the text and secrets analysis
18:29:16.219 DEBUG Read the "git --version" stdout in thread "pool-6-thread-1"
18:29:16.219 DEBUG git --version returned: git version 2.47.1
18:29:16.220 INFO  Using Git CLI to retrieve untracked files
18:29:16.223 DEBUG Read the "git status --untracked-files=all --porcelain" stdout in thread "pool-6-thread-1"
18:29:16.225 DEBUG Process [git, status, --untracked-files=all, --porcelain] exited with code 128
18:29:16.225 DEBUG Unable to retrieve git status
18:29:16.226 WARN  Retrieving only language associated files, make sure to run the analysis inside a git repository to make use of inclusions specified via "sonar.text.inclusions"
18:29:16.229 DEBUG 'tests/integration_tests.rs' generated metadata as test  with charset 'UTF-8'
18:29:16.238 INFO  Starting the text and secrets analysis
18:29:16.239 INFO  6 source files to be analyzed for the text and secrets analysis
18:29:16.491 INFO  6/6 source files have been analyzed for the text and secrets analysis
18:29:16.494 INFO  Start fetching files for the binary file analysis
18:29:16.494 INFO  There are no files to be analyzed for the binary file analysis
18:29:16.495 INFO  Sensor EnterpriseTextAndSecretsSensor [textenterprise] (done) | time=1023ms
18:29:16.497 INFO  ------------- Run sensors on project
18:29:16.563 DEBUG 'Generic Coverage Report' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.coverageReportPaths: <empty>
18:29:16.563 DEBUG 'Import external issues report from SARIF file.' skipped because of missing configuration requirements.
Accessed configuration:
- sonar.coverageReportPaths: <empty>
- sonar.sarifReportPaths: <empty>
18:29:16.563 DEBUG 'Java CPD Block Indexer' skipped because there is no related file in current project
18:29:16.563 DEBUG Sensors : Zero Coverage Sensor
18:29:16.563 INFO  Sensor Zero Coverage Sensor
18:29:16.564 INFO  Sensor Zero Coverage Sensor (done) | time=1ms
18:29:16.564 INFO  ------------- Gather SCA dependencies on project
18:29:16.566 INFO  Dependency analysis skipped
18:29:16.576 INFO  CPD Executor Calculating CPD for 0 files
18:29:16.576 INFO  CPD Executor CPD calculation finished (done) | time=0ms
18:29:16.583 INFO  SCM revision ID '74fd64385907733ee98193e211f26b8aa12071e8'
18:29:16.655 INFO  Load New Code definition
18:29:16.656 DEBUG --> GET http://sonarqube:9000/api/new_code_periods/show.protobuf?project=myrust%3Aproject&branch=main
18:29:16.664 DEBUG <-- 200 http://sonarqube:9000/api/new_code_periods/show.protobuf?project=myrust%3Aproject&branch=main (8ms, 26-byte body)
18:29:16.665 INFO  Load New Code definition (done) | time=10ms
18:29:16.673 INFO  Analysis report generated in 90ms, dir size=426.7 kB
18:29:16.776 INFO  Analysis report compressed in 102ms, zip size=66.3 kB
18:29:16.776 INFO  Analysis report generated in /usr/src/.scannerwork/scanner-report
18:29:16.776 DEBUG Upload report
18:29:16.778 DEBUG --> POST http://sonarqube:9000/api/ce/submit?projectKey=myrust%3Aproject&projectName=My%20Rust%20Project (66573-byte body)
18:29:16.831 DEBUG <-- 200 http://sonarqube:9000/api/ce/submit?projectKey=myrust%3Aproject&projectName=My%20Rust%20Project (52ms, 76-byte body)
18:29:16.833 INFO  Analysis report uploaded in 56ms
18:29:16.834 DEBUG Report metadata written to /usr/src/.scannerwork/report-task.txt
18:29:16.834 INFO  ANALYSIS SUCCESSFUL, you can find the results at: https://sonar.tools.dev.assaabloyglobalsolutions.net/dashboard?id=myrust%3Aproject
18:29:16.835 INFO  Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
18:29:16.835 INFO  More about the report processing at https://sonar.tools.dev.assaabloyglobalsolutions.net/api/ce/task?id=ec3188ec-570e-434f-9b93-f7c53830e2d8
18:29:16.837 DEBUG Post-jobs : 
18:29:16.838 DEBUG Closing monitoring resources of Helm evaluator
18:29:16.841 INFO  Analysis total time: 4.842 s
18:29:16.842 INFO  SonarScanner Engine completed successfully
18:29:16.843 DEBUG Cleanup org.eclipse.jgit.util.FS$FileStoreAttributes$$Lambda$384/0x00000048012ff1f0@2e1af49b during JVM shutdown
18:29:16.877 INFO  EXECUTION SUCCESS
18:29:16.883 INFO  Total time: 10.503s

@claesjonsson , could you also share dockerfile you are using? Or is it “our” sonar-scanner-cli?

What kind of aarch64 machine do you have? I am just wondering if I will be able to reproduce this on Apple M3, or I need to start some EC2 instance

@saberduck

It is basically “your” Dockerfile, with one small difference: I let the scanner-cli user have a “normal” home directory and removed the ENV HOME=/tmp variable. This is to allow a smoother install of tools (specifically Rust tools) in an extended image.
And I’m running this on an Apple M1 Max, so I assume your M3 would be similar enough?

FROM alpine:3.19 AS builder

LABEL org.opencontainers.image.url=https://github.com/SonarSource/sonar-scanner-cli-docker

ARG SONAR_SCANNER_HOME=/opt/sonar-scanner
ARG SONAR_SCANNER_VERSION=7.1.0.4889
ENV XDG_CONFIG_HOME=/tmp \
    SONAR_SCANNER_HOME=${SONAR_SCANNER_HOME} \
    SCANNER_BINARIES=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli
ENV SCANNER_ZIP_URL="${SCANNER_BINARIES}/sonar-scanner-cli-${SONAR_SCANNER_VERSION}.zip"

WORKDIR /opt

ADD ${SCANNER_ZIP_URL} /opt/sonar-scanner-cli.zip
ADD ${SCANNER_ZIP_URL}.asc /opt/sonar-scanner-cli.zip.asc

RUN set -eux; \
    apk add --no-cache --virtual build-dependencies gnupg unzip wget; \
    for server in $(shuf -e hkps://keys.openpgp.org \
                            hkps://keyserver.ubuntu.com) ; do \
        gpg --batch --keyserver "${server}" --recv-keys 679F1EE92B19609DE816FDE81DB198F93525EC1A && break || : ; \
    done; \
    gpg --verify /opt/sonar-scanner-cli.zip.asc /opt/sonar-scanner-cli.zip; \
    unzip sonar-scanner-cli.zip; \
    rm sonar-scanner-cli.zip sonar-scanner-cli.zip.asc; \
    mv sonar-scanner-${SONAR_SCANNER_VERSION} ${SONAR_SCANNER_HOME}; \
    apk del --purge build-dependencies;


FROM amazoncorretto:17-al2023 AS scanner-cli-base

ARG SONAR_SCANNER_HOME=/opt/sonar-scanner
ENV XDG_CONFIG_HOME=/tmp \
    SONAR_SCANNER_HOME=${SONAR_SCANNER_HOME} \
    SONAR_USER_HOME=${SONAR_SCANNER_HOME}/.sonar \
    PATH=${SONAR_SCANNER_HOME}/bin:${PATH} \
    SRC_PATH=/usr/src \
    SCANNER_WORKDIR_PATH=/tmp/.scannerwork \
    LANG=C.UTF-8 \
    LC_ALL=C.UTF-8

# Copy Scanner installation from builder image
COPY --from=builder /opt/sonar-scanner /opt/sonar-scanner

RUN \
    dnf install -y git \
    && dnf install -y tar \
    && dnf install -y nodejs \
    && dnf clean all \
    && set -eux \
    && groupadd --system --gid 1000 scanner-cli \
    && useradd --system -d /home/scanner-cli -m --uid 1000 --gid scanner-cli scanner-cli \
    && chown -R scanner-cli:scanner-cli "${SONAR_SCANNER_HOME}" "${SRC_PATH}" \
    && mkdir -p "${SRC_PATH}" "${SONAR_USER_HOME}" "${SONAR_USER_HOME}/cache" "${SCANNER_WORKDIR_PATH}" \
    && chown -R scanner-cli:scanner-cli "${SONAR_SCANNER_HOME}" "${SRC_PATH}" "${SCANNER_WORKDIR_PATH}" \
    && chmod -R 555 "${SONAR_SCANNER_HOME}" \
    && chmod -R 754 "${SRC_PATH}" "${SONAR_USER_HOME}" "${SCANNER_WORKDIR_PATH}" \
    # Seems '/etc/gitconfig' is missing, which makes git throw an error during scanning
    && touch /etc/gitconfig \
    # Security updates
    && dnf upgrade -y --releasever=latest --security

COPY --chown=scanner-cli:scanner-cli bin /usr/bin/

USER scanner-cli

WORKDIR ${SRC_PATH}

ENTRYPOINT ["/usr/bin/entrypoint.sh"]

CMD ["sonar-scanner"]

Here is also the Rust specific image, extending the image above:

FROM my.registry/sonar-scanner-cli:latest

USER root

RUN dnf update -y && dnf install -y \
    gcc \
    gcc-c++ \
    make \
    && dnf clean all

USER scanner-cli

RUN mkdir -p /home/scanner-cli/.cargo
    
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y --default-toolchain stable && \
    source /home/scanner-cli/.cargo/env && \
    rustup component add clippy && \
    rustup component add rustfmt

ENV PATH="/home/scanner-cli/.cargo/bin:${PATH}"
ENV RUSTUP_HOME="/home/scanner-cli/.rustup"
ENV CARGO_HOME="/home/scanner-cli/.cargo"

RUN mkdir -p /home/scanner-cli/.cargo/registry && \
    mkdir -p /home/scanner-cli/.cargo/git && \
    chmod -R 755 /home/scanner-cli/.cargo

RUN chmod -R 755 /home/scanner-cli/.cargo && \
    chmod -R 755 /home/scanner-cli/.rustup

WORKDIR /usr/src

As for generating test coverage reports, this is done in a separate step, using a separate image with cargo-llvm-cov installed.

fyi, here is a ticket to follow to have official arm64 image Jira

I will try to reproduce the issue using your Dockerfile

I created ticket to track the issue Jira

Thank you.

I’d like to track the issue, but it seems my email “doesn’t have access to Jira on sonarsource.atlassian.net.”

I made sure to use the same email for both accounts. Do you know if it’s a setting on your side or simply Jira being Jira?