Sonar scanner dotnet passing certificate/keystore in a secured server

SonarQube
, ,
1

Hello everyone, i’m looking for help with this scenario, thanks in advance.

Two projects and i’m trying the following in Windows 10
Execute Sonar Scan using SonarScanner CLI (Successful)
Execute Sonar Scan using SonarScanner dotnet (Fails)

The server is secured so it needs the proper certificate, for that the “SONAR_SCANNER_OPTS” environment variable is being used.

Using Sonar Scanner CLI

Result WITH NO environment variable “SONAR_SCANNER_OPTS” (Fails)

sonar-scanner.bat -X
INFO: Scanner configuration file: C:\Users\ADMIN\sonar-scanner-4.6.2.2472\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: C:\Users\ADMIN\SonarCli\sonar-project.properties
INFO: SonarScanner 4.6.2.2472
INFO: Java 11.0.12 Eclipse Foundation (64-bit)
INFO: Windows 10 10.0 amd64
DEBUG: keyStore is :
DEBUG: keyStore type is : pkcs12
DEBUG: keyStore provider is :
DEBUG: init keystore
DEBUG: init keymanager of type SunX509
DEBUG: Create: C:\Users\ADMIN\.sonar\cache
INFO: User cache: C:\Users\ADMIN\.sonar\cache
DEBUG: Create: C:\Users\ADMIN\.sonar\cache\_tmp
DEBUG: Extract sonar-scanner-api-batch in temp...
DEBUG: Get bootstrap index...
DEBUG: Download: https://myserver.com/batch/index
DEBUG: Get bootstrap completed
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 1.829s
INFO: Final Memory: 4M/20M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarScanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
        at java.base/java.security.AccessController.doPrivileged(Native Method)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
        at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
        at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
        at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
        at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to parse entry in bootstrap index: <!DOCTYPE html>
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.parse(BootstrapIndexDownloader.java:59)
        at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:44)
        at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
        at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
        at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
        ... 7 more

Result WITH environment variable “SONAR_SCANNER_OPTS” (Succeeds)

sonar-scanner.bat -X
INFO: Scanner configuration file: C:\Users\ADMIN\sonar-scanner-4.6.2.2472\bin\..\conf\sonar-scanner.properties
INFO: Project root configuration file: C:\Users\ADMIN\SonarCli\sonar-project.properties
INFO: SonarScanner 4.6.2.2472
INFO: Java 11.0.12 Eclipse Foundation (64-bit)
INFO: Windows 10 10.0 amd64
INFO: SONAR_SCANNER_OPTS=-Djavax.net.ssl.keyStore=keystore.pfx -Djavax.net.ssl.keyStorePassword=mypassword
DEBUG: keyStore is : keystore.pfx
DEBUG: keyStore type is : pkcs12
DEBUG: keyStore provider is :
DEBUG: init keystore
DEBUG: init keymanager of type SunX509
DEBUG: Create: C:\Users\ADMIN\.sonar\cache
INFO: User cache: C:\Users\ADMIN\.sonar\cache
DEBUG: Create: C:\Users\ADMIN\.sonar\cache\_tmp
DEBUG: Extract sonar-scanner-api-batch in temp...
DEBUG: Get bootstrap index...
DEBUG: Download: https://myserver.com/batch/index
DEBUG: Get bootstrap completed
DEBUG: Create isolated classloader...
DEBUG: Start temp cleaning...
DEBUG: Temp cle............

So far so good, sonar scanner cli is working!

Using Sonar Scaner dotnet global tool

Result WITH environment variable “SONAR_SCANNER_OPTS” (Fails)

dotnet sonarscanner begin /k:"sonardotnet" /d:sonar.verbose=true /d:"sonar.login=123" /d:"sonar.host.url=https://myserver.com"
SonarScanner for MSBuild 5.3.1
Using the .NET Core version of the Scanner for MSBuild
Default properties file was found at C:\Users\ADMIN\.dotnet\tools\.store\dotnet-sonarscanner\5.3.1\dotnet-sonarscanner\5.3.1\tools\net5.0\any\SonarQube.Analysis.xml
Loading analysis properties from C:\Users\ADMIN\.dotnet\tools\.store\dotnet-sonarscanner\5.3.1\dotnet-sonarscanner\5.3.1\tools\net5.0\any\SonarQube.Analysis.xml
sonar.verbose=true was specified - setting the log verbosity to 'Debug'
Pre-processing started.
Preparing working directories...
Using environment variables to determine the download directory...
Loading analysis properties from C:\Users\ADMIN\.dotnet\tools\.store\dotnet-sonarscanner\5.3.1\dotnet-sonarscanner\5.3.1\tools\net5.0\any\SonarQube.Analysis.xml
sonar.verbose=true was specified - setting the log verbosity to 'Debug'
 Updating build integration targets...
 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\4.0\Microsoft.Common.targets\ImportBefore
The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\10.0\Microsoft.Common.targets\ImportBefore
 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\11.0\Microsoft.Common.targets\ImportBefore
 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\12.0\Microsoft.Common.targets\ImportBefore
 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\14.0\Microsoft.Common.targets\ImportBefore
 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\15.0\Microsoft.Common.targets\ImportBefore
 The file SonarQube.Integration.ImportBefore.targets is up to date at C:\Users\ADMIN\AppData\Local\Microsoft\MSBuild\Current\Microsoft.Common.targets\ImportBefore
 Installed SonarQube.Integration.targets to C:\Users\ADMIN\SonarDotnet\.sonarqube\bin\targets
 Creating config and output folders...
 Creating directory: C:\Users\ADMIN\SonarDotnet\.sonarqube\conf
 Creating directory: C:\Users\ADMIN\SonarDotnet\.sonarqube\out
 Downloading from https://myserver.com/api/server/version...
 Failed to request and parse 'https://myserver.com/api/server/version': Version string portion was too short or too long. (Parameter 'input')
Unhandled exception. System.ArgumentException: Version string portion was too short or too long. (Parameter 'input')
   at System.Version.ParseVersion(ReadOnlySpan'1 input, Boolean throwOnFailure)
   at System.Version.Parse(String input)
   at System.Version..ctor(String version)
   at SonarScanner.MSBuild.PreProcessor.SonarWebService.<>c__DisplayClass18_0.<<DownloadServerVersion>b__0>d.MoveNext()
--- End of stack trace from previous location ---
   at SonarScanner.MSBuild.PreProcessor.SonarWebService.DoLogExceptions[T](Func`1 op, String url)
   at SonarScanner.MSBuild.PreProcessor.SonarWebService.DownloadServerVersion()
   at SonarScanner.MSBuild.PreProcessor.SonarWebService.GetServerVersion()
   at SonarScanner.MSBuild.PreProcessor.SonarWebService.WarnIfSonarQubeVersionIsDeprecated()
   at SonarScanner.MSBuild.PreProcessor.TeamBuildPreProcessor.DoExecute(ProcessedArgs localSettings)
   at SonarScanner.MSBuild.PreProcessor.TeamBuildPreProcessor.Execute(String[] args)
   at SonarScanner.MSBuild.BootstrapperClass.PreProcess()
   at SonarScanner.MSBuild.BootstrapperClass.Execute()
   at SonarScanner.MSBuild.Program.Execute(String[] args, ILogger logger)
   at SonarScanner.MSBuild.Program.Execute(String[] args)
   at SonarScanner.MSBuild.Program.Main(String[] args)
   at SonarScanner.MSBuild.Program.<Main>(String[] args)

I have tried the following

dotnet sonarscanner begin /k:"sonardotnet" /d:sonar.verbose=true /d:"sonar.login=123" /d:"sonar.host.url=https://myserver.com"
dotnet sonarscanner begin /k:"sonardotnet" /d:sonar.verbose=true /d:sonar.login="123" /d:sonar.host.url="https://myserver.com"
dotnet sonarscanner begin /k:"sonardotnet" /s:"C:\Users\ADMIN\SonarDotnet\SonarProperties.xml"

Every command results in the same error
The obvious question would be, What happens when i hit the link https://myserver.com/api/server/version ?, well, it returns the version it’s working just fine

Now, SONAR_SCANNER_OPTS works with sonarscanner cli but it doesn’t work on sonarscanner dotnet

How do i provide the certificates/keystore to sonar scanner dotnet?

Additional info, i have the certs on these formats: *.pfx, *.pkcs12, both are working just fine using the sonar scanner cli version

What am i missing? How do i pass the certificates properly to the sonar scanner dotnet?

Thanks for reading, i’m open to suggestions and different approaches.

2

I also tried installing the certificate on windows, tried converting it and nothing.

How do i setup this properly with sonar scanner dotnet?

3

Found it on the source code
Just pass this parameters
sonar.clientcert.path
sonar.clientcert.password

... /d:sonar.clientcert.path="CERTPATH" /d:sonar.clientcert.password="CERTPASS"
2 Likes
6

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

7

Hello @HaroldReese

We just released a new version of SonarScanner for MSBuild (5.3.2). In this release the parameter handling was aligned for all parameters. Meaning it has a breaking change for all the users who are using the sonar.clientcert.password parameter. From this version the sonar.clientcert.password parameter has to be passed to both the begin and the end steps.