Sonar Project Key replaced automatically by Maven project name in GitLab

Hi everyone,

We are trying to add SonarQube to our CI pipeline and we found some problems.

We know this format is not ideal, but for test purposes we are deploying Sonar as a local service in docker (image [sonarqube:9.9.5-community]) running in localhost:9000 and then executing our CI task using a local GitLab runner (executor: shell(powershell)) on Windows and connecting to our Sonar local service.

In this way, we manage to connect to our Sonar server (configuring the Sonar token and URL) and execute the sonar analysis, but we have a problem regarding the Project key: even if we indicate it as a flag in our sonar:sonar command, it’s replaced during the command’s execution by the Maven project name.

This is our CI task:

sonarqube-check:
  image: maven:3.6.3-jdk-11
  tags:
    - test1
  variables:
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"  # Defines the location of the analysis task cache
    GIT_DEPTH: "0"  # Tells git to fetch all the branches of the project, required by the analysis task
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - mvn clean verify sonar:sonar -Dsonar.projectKey=MyRESTAPI123
  allow_failure: true
  only:
    - my-test-branch

In this way, when the script is executed, we have as log:

[INFO] 15:57:45.354 Project key: Maven-Project-Name123

instead of Project key: MyRESTAPI123

In this way, when it tries to upload the report to the Sonar server we got:

[INFO] 15:57:57.898 Analysis report generated in 351ms, dir size=180.6 kB
[INFO] 15:58:00.395 Analysis report compressed in 2496ms, zip size=60.2 kB
[INFO] 15:58:00.395 Analysis report generated in C:\GitLab-Runner\...\scanner-report
[DEBUG] 15:58:00.395 Upload report
[DEBUG] 15:58:00.415 POST 403 http://localhost:9000/api/ce/submit?projectKey= Maven-Project-Name123 | time=19ms
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Skipping
[INFO] This project has been banned from the build due to previous failures.
[INFO] ------------------------------------------------------------------------
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
Cleaning up project directory and file based variables
ERROR: Job failed: exit status 1

Does anyone knows how we can solve this problem ? Is it related with the Sonar version we use ? Is related with GitLab executor ? Any guidance will be really appreciated.

Thank you all,

Ignacio

Hey there.

Super strange! On my end…

mvn sonar:sonar -Dsonar.projectKey=test
....
[INFO] Project key: test

I vaguely recall something about Powershell… but can’t find the post I’m thinking of. Can you try wrapping your sonar.projectKey value in quotes?

- mvn clean verify sonar:sonar -Dsonar.projectKey="MyRESTAPI123"

Hi @Colin

Thank you for your answer. I tried wrapping the sonar.projectKey value in quotes but I got the same output.

For what it’s worth, the GitLab Runner configuration is:

concurrent = 1
check_interval = 0
shutdown_timeout = 0

[session_server]
  session_timeout = 1800

[[runners]]
  name = "test-runner"
  url = "https://gitlab.xxxx/"
  id = 30
  token = xxxxxxxxxxxxxxxxx
  token_obtained_at = 2024-05-15T13:21:13Z
  token_expires_at = 0001-01-01T00:00:00Z
  executor = "shell"
  shell = "powershell"
  [runners.custom_build_dir]
  [runners.cache]
    MaxUploadedArchiveSize = 0
    [runners.cache.s3]
    [runners.cache.gcs]
    [runners.cache.azure]

I searched indeed for other posts related with this problem but i didn’t find anything relevant; if you find the post you were thinking of, could you please attach it ? On the other hand, do you know if it’s possible to set the projectKey as env-var in gitlab ?

Thank you,

Ignacio

Hi,

i’m no expert for gitlab, but i’m used to commands wrapped in single or double quotes.
see

"... For example, commands that contain a colon (:) must be wrapped in single quotes (') ..."

means try with

  script:
    - 'mvn clean verify sonar:sonar -Dsonar.projectKey=MyRESTAPI123'

Gilbert

1 Like

Hi @anon67236913

Thank you for your contribution, I tried it but it did not work. However, i continued debugging the execution and i found that, indeed, what happens is that, when the execution starts, a space is added between -Dsonar and .projectKey=MyRESTAPI123.

In this way, the project key is not considered by Sonar and it takes the workspace name as project key

[DEBUG] sun.boot.library.path: C:\Program Files\Java\jdk-21\bin
[DEBUG] sun.cpu.endian: little
[DEBUG] sun.cpu.isalist: amd64
[DEBUG] sun.io.unicode.encoding: UnicodeLittle
[DEBUG] sun.java.command: org.codehaus.plexus.classworlds.launcher.Launcher clean install sonar:sonar -Dsonar .projectKey=MyRESTAPI123 -X
[DEBUG] sun.java.launcher: SUN_STANDARD
[DEBUG] env.JAVACMD: C:\Program Files\Java\jdk-21\bin\java.exe
[DEBUG] env.JAVA_HOME: C:\Program Files\Java\jdk-21
[DEBUG] env.JVMCONFIG: \.mvn\jvm.config
[DEBUG] env.LOCALAPPDATA: C:\WINDOWS\system32\config\systemprofile\AppData\Local
[DEBUG] env.MAVEN_CMD_LINE_ARGS: clean install sonar:sonar -Dsonar .projectKey=MyRESTAPI123 -X
[DEBUG] env.MAVEN_HOME: C:\dev\apache-maven-3.9.6

Even, it’s considered as a build plan step for Maven:

[DEBUG] === REACTOR BUILD PLAN ================================================
[DEBUG] Project: dev.danvega:runnerz:jar:0.0.1-SNAPSHOT
[DEBUG] Tasks:   [clean, install]
[DEBUG] Style:   Regular
[DEBUG] -----------------------------------------------------------------------
[DEBUG] Project: dev.danvega:runnerz:jar:0.0.1-SNAPSHOT
[DEBUG] Tasks:   [sonar:sonar]
[DEBUG] Style:   Aggregating
[DEBUG] -----------------------------------------------------------------------
[DEBUG] Project: dev.danvega:runnerz:jar:0.0.1-SNAPSHOT
[DEBUG] Tasks:   [.projectKey=MyRESTAPI123]
[DEBUG] Style:   Regular
[DEBUG] =======================================================================

I thought it could be a problem related with my GitLab Runner’s executor: powershell, which parse wrongly the parameters. What do you think @Colin ? Can you find any other cause ?

Hi all,

Thank you for all your answers. I finally managed to find a way to solve my problem. As I suspected, it was related to how PowerShell treats command parameters. To recognize the projectKey, the CI script that worked is:

script:
    - 'mvn clean install sonar:sonar "-Dsonar.projectKey=MyRESTAPI123" -X'

the command is wrapped in single quotes, and the parameters are wrapped in double quotes, including the entire parameter, not just the value. I hope this helps in the future.

Thank you,

Ignacio

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.