Scans Failing with "ERROR: Quality Gate check timeout exceeded"

SonarQube
1

We are using Sonar Community Edition: Version 9.8 (build 63668) which is deployed via zip.

Issue →
The issue is not permanent, Scans sometimes pass, and sometimes fail with “ERROR: Quality Gate check timeout exceeded”.
The issue is for multiple projects in our Organisation.

We enabled the Debug Logs using -Dsonar.verbose=true.

What have you tried so far →

We have tried setting parameters: -Dsonar.qualitygate.wait=true and -Dsonar.qualitygate.timeout=900 ( we even tried keeping a larger timeout 1800s as well) but this didn’t solve the error.

Note: Sonar Scans run on Bamboo CI Agents which are EC2 instances with 8 core 32 GB capacity.

We also enabled and check our instance ALB logs and didn’t find any Blockings from WAF etc.

SonarQube itself is running in an Ec2 instance which we also confirmed that it is not under-provisioned. Our instance used External RDS DB with postgres which is also provisioned enough.

Can you help us to triage this issue? Please let us know if anything else is needed to check more on this issue.

2

Hi,

What CI are you using? Can you share your pipeline?

From your log, it looks like you’re retrying a URL in a loop…?

 
Ann

3

We run the scanner as a docker container. We built our own docker image, This docker image extends Docker. These are the parameters we use for scanning:

sonar.javascript.lcov.reportPaths
sonar.branch.name
sonar.projectKey
sonar.login
sonar.verbose
sonar.qualitygate.wait
sonar.qualitygate.timeout
sonar.projectName

Then when we run the scanner we do:
We unpack our source code repository.
Then run the scanner using above mentioned Docker Image on Bamboo CI.

We just call sonar-scanner and, importantly - with the parameter sonar.qualitygate.wait=true. I believe this is code sonarqube/QualityGateCheck.java at 776503eeb7842d695c3841e33fd87c3f08cb291e · SonarSource/sonarqube · GitHub in sonar-scanner that calls the URL in loop

4

Hi,

Thanks for sharing the scanner parameter keys. Can you additionally share the context in which the scanner is called?

Because your CI system and your script or pipeline have a bearing on how this should be working.

 
Ann

5

We extend the docker image provided by sonar as follows:

 FROM sonarsource/sonar-scanner-cli:4.7
 
 RUN apk add --no-cache --update curl gnupg jq maven
 
 ENV SONAR_HOST_URL "https://sonar.serverinstance.com"
 
 ENV WORKDIR /sonar-scanner
 
 WORKDIR ${WORKDIR}
 
 COPY ./scripts ${WORKDIR}/
 
 ENTRYPOINT ["/bin/bash", "./entrypoint.sh"]

and entrypoint.sh contains the following

 #!/usr/bin/env bash
 
 # set the sonar scanner variables here
 ....
 # set the sonar scanner variables section end
 
 echo "Running Sonar Scanner Cli"
 sonar-scanner

The above script running in a docker container on Linux based EC2 instance in AWS is all the context + CI scripts.

Please let me know if you need more information about something specific.

7

Hi,

Thanks for the detail. I’m caught up now. If I had known previously that sonar.qualitygate.wait did the polling for you then I forgot it. But I’ve re-reviewed the docs.

Going back to your (now deleted?) analysis log, this looks like a very large project. It’s possible you just need to increase your timeout some more. I would start by looking at the project’s Project Settings → Background Tasks to see what a … 90th percentile Duration looks like and setting the timeout based on that.

What that doesn’t account for is queue time. Depending on the frequency of analyzing other projects it may be that your analysis report waits around a bit before being processed. In fact, that could account for why this sometimes works and sometimes doesn’t: if another project’s analysis report beats this one to the head of the line, this one just has to wait its turn.

Does that help?

 
Ann

9
  • Have you solved this problem? I have also encountered this problem
    I used gitlab’s pipline, SonarQube’s Check Quality Gate status which was also occasionally successful and occasionally timed out