We have been using SonarCloud for some time, but we are moving to using NixOS for our build images and we’ve hit an issue with sonar-scanner:
- ALM used: Bitbucket Cloud
- CI system used: Bitbucket Cloud
- Command:
  ```
  sonar-scanner -X
  ```
- Languages: C, C++
- Version Info (from my test system):
  ```
  08:47:05.085 INFO Scanner configuration file: /nix/store/nl1kjfmz0s1xzg5pk6yfsassg44w1ick-sonar-scanner-cli-6.2.1.4610/conf/sonar-scanner.properties
  08:47:05.089 INFO Project root configuration file: /mnt/project/sonar-project.properties
  08:47:05.110 INFO SonarScanner CLI 6.2.1-SNAPSHOT
  08:47:05.111 INFO Java 21.0.5 N/A (64-bit)
  08:47:05.115 INFO Linux 5.15.167.4-microsoft-standard-WSL2 amd64
  ```
- Error observed:
  ```
  08:21:01.050 DEBUG Java memory after lexical analysis (used, peak): 91, 103
  08:21:01.079 DEBUG Probing compiler: [/nix/store/rdc1jnyw74mwr2gszqc5zwi433zxs089-gcc-wrapper-13.2.0/bin/g++, -x, c++, --std, gnu++20, -v, -dM, -E, -]
  08:21:01.104 DEBUG Java memory after analysis is done (used, peak): 93, 93
  08:21:01.161 ERROR Error during SonarScanner Engine execution
  java.lang.IllegalStateException: java.io.IOException: Cannot run program "/mnt/project/.scannerwork/.sonartmp/6113319928782672617/subprocess" (in directory "/mnt/project/build/cxx/common"): error=2, No such file or directory
      at com.sonar.cpp.driver.ProcessExecutor.execute(ProcessExecutor.java:73)
      at com.sonar.cpp.driver.ProcessExecutor.execute(ProcessExecutor.java:44)
  ```

Digging through the logs a bit, it seems that this “subprocess” executable is an analyzer downloaded partway through the scan. My best guess is that “No such file or directory” isn’t quite right, but rather “subprocess” cannot be run due to linkage. This would be because NixOS doesn’t easily allow for dynamic binaries. It is not an FHS system, meaning that downloaded binaries won’t be able to find typical system libraries without first being patched with patchelf.

The executable that is downloaded appears to be temporary, existing only while the sonar-scanner run is going. This makes it very difficult/impossible to patch.
Has something like this been reported before? Are there any workarounds or settings I’m missing?