Sonar Angular project scan does not fail when coming accross java.lang.IllegalArgumentException

gspasov · April 16, 2020, 1:33pm

versions used - SonarQube 8.1, NPM sonar-scanner v3.1.0
error observed java.lang.IllegalArgumentException: 9 is not a valid line offset for pointer. File src/app/components/package.component.ts has 7 character(s) at line 106 - This is caused by https://github.com/SonarSource/sonarqube/blob/5c2e35eb1b4c315b29b7e91a9921633873327347/sonar-plugin-api/src/main/java/org/sonar/api/utils/Preconditions.java#L41

The exception is not propagated properly and does not stop current Sonar scan with failure.

Moreover, the execution continues with INFO: Sensor TypeScript analysis [javascript] (done) | time=1369488ms INFO: Sensor JavaXmlSensor [java] INFO: Sensor JavaXmlSensor [java] (done) | time=46ms

and results in

EXECUTION SUCCESS

So, here I’ve got the following question - why after calling the checkArgument() method from the above mentioned file I’ve posted a link to, the execution isn’t failing due to the exception?

steps to reproduce - Create a file that hasn’t a proper line ending (let’s say mix of CLRF) or not UTF-8 compliant symbols (like a Cyrillic symbol}
I’ve not found any potential workaround, as this actually breaks the implementation of the Sonar scan - on one hand we have an exception, the application does not finish file analysis execution properly, which results in absolutely no test coverage reported to the SonarQube instance.

Lena · April 17, 2020, 7:47am

This is a proper behaviour we expect, if one sensor fails for some reason in most of the cases we prefer to continue with the next sensors. While I agree, visibility of such failure might be low, we believe it’s better than blocking the rest of analysis. We have a mechanism to report warnings in UI, but we prefer to use it only when we are sure the problem is on the user side.

About the failure itself do you confirm that problem will be fixed by fixing file/encoding?

gspasov · April 21, 2020, 10:00am

Yes. Everything’s working properly when line endings and file encoding is correct.

I found out about this because I had no code coverage data reported and analysis done after scanning an angular project. Going through the logs made me go through the code as well.

So, the scan found something which the linter couldn’t (which is awesome!). Is there a configuration option somewhere that can fail the run if some exception like this is found? I think that if someone tries to implement SonarQube as a part of their CI/CD, it would be nice to fail the corresponding increment integration if an error of this nature occurs during a scan.

Or maybe this could be a tiny feature someone contributes in the near future.

Lena · May 22, 2020, 1:16pm

There is no such feature, and I don’t think we think it’s valuable. I think that Azure pipe is failing if there is at least one ERROR log, so you could implement something similar on your side