SonarLint "Open in IDE" error - VScode

Please provide

  • Operating system: Windows 11
  • SonarLint plugin version: Latest one installed on 15-July-2023 (just less than a week ago)
  • Programming language you’re coding in: PHP
  • Is connected mode used: Yes
    • Connected to SonarCloud or SonarQube (and which version):
      SonarQube 9.9 community edition

And a thorough description of the problem / question:

SonarLint is connected with SonarQube server and project is binded.
Getting this error “Unable to connect to your IDE to open Security Hotspot, please make sure you are running the latest version of SonarLine” on clicking “Open in IDE”

VScode version details:
Version: 1.80.0 (user setup)
Commit: 660393deaaa6d1996740ff4880f1bad43768c814
Date: 2023-07-04T15:06:02.407Z
Electron: 22.3.14
ElectronBuildId: 21893604
Chromium: 108.0.5359.215
Node.js: 16.17.1
V8: 10.8.168.25-electron.0
OS: Windows_NT x64 10.0.19045

Hello @Neelamegha_kannan_S

I checked with the latest SonarLint for VSCode and SonarQube 9.9. It works on my side, so it’s something doesn’t work as expected on your machine.
First I’ll mention that Open in IDE feature relies on local HTTP requests. So both - browser with an open SonarQube page and IDE with SonarLint should be on the same machine. If it’s the case, this is the communication problem between the browser and SonarLint.
This may be a bit involved to troubleshoot, but let’s try. It will require some basic knowledge of Browser Dev Tools.
Steps to check:

  1. Do you see in your SonarLint output the following line?
    Started embedded server on port 64122
    The port number may be a bit different, but words are always exactly like above.

  2. If you click on Open in IDE button on SonarQube page, do you see the dropdown list like this one?

  3. Please open Network tab of Browser Dev Tools. When you click on Open in IDE button, or click on one of the items in the list above (if you have this list), you should see in Dev Tools the GET request to URL similar to the following:
    http://localhost:64122/sonarlint/api/hotspots/show?server=http%3A%2F%2Flocalhost%3A9000&project=java-demo&hotspot=AYgGGbjDRWsnVXUxf3J2
    Again port and parameter values will be different, but the overall structure should be like above.

  4. If you see the request please check what is the response code if it’s not 200.

  5. If the request is there and the response code is 200, please look at the SonarLint output again and check if there is any error message or stack trace.

As I said it’s a bit involved, so it’s up to you to decide if you want to do it. But by performing all these actions you should collect enough data for us to understand what exactly is not working right.

Have a good day!

Thanks for the details, I have tried integration of sonarqube and sonarlint in same machine which worked perfectly, when I tried to integrate with SonarQube that was hosted in EC2 instance, it gives error. So, it seems that’s the issue here, right?

SonarQube server can be hosted everywhere. It’s important to open the SonarQube web interface in the browser from the same machine where you have SonarLint. It’s the browser that sends requests to SonarLint in this case, not the SonarQube server.

Got it. Thanks for clarification. Sonarqube web interface and IDE are in same machine, I shall troubleshoot using the step you’ve provided and let you know.

1 Like

If your question is about SonarLint in the IntelliJ Platform, VS Code, Visual Studio, or Eclipse, please post it in that sub-category.

Otherwise, please provide:

  • Operating system: Windows 11
  • IDE name and flavor/env:
    VSCode latest
    And a thorough description of the problem / question:

Getting below error while clicking open in IDE, Network tab in the console shows

"Access to fetch at ‘http://localhost:64120/sonarlint/api/status’ from origin ‘http://’ has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space local.

sonarlint.ts:31
GET http://localhost:64124/sonarlint/api/status net::ERR_CONNECTION_REFUSED"

Note: This is not localhost sonarqube server where VSCode is installed, but server hosted at different location.

I have added screenshots and console response from network tab, can you please have look and provide any suggestions

The error resembles CORS error as the sonarqube is hostein in a different location not the local host, same error was not happened when both sonarqube was in localhost,

Hello,
Just to double-check. Is this topic created by you?
I don’t see any screenshots here, and that topic looks related. But it was created by another user.

Thats new user account created by myself, the account used for the current topic have some issues. I may not use it further.

Topics were merged.
For the CORS error I’ve created the ticket that we will address when we will have time.
You can track the progress here.

1 Like

Thank you, btw did you get a chance to check the console error screenshot. The error says “… CORS Policy: The request to the client is not a secure”, does that mean the request was blocked as the server is running as HTTP instead of HTTPS?

I am attaching another screenshot which I missed to add which can help as well

Hello @nmk_kannan ,

As part of the Private Network Access specification from Chrome (previously CORS-RFC1918), any request made from a non-secure public website to a private network (localhost included) will be blocked.

This should be mitigated if your SonarQube server runs with HTTPS instead of HTTP.

On our side, we will also work on mitigating this issue so that, during the CORS preflight requests, we specifically indicate that the resource can be safely shared with external networks.

2 Likes

Thank you.