Sonarqube 10.3 = sonar-maven required class was missing javax/servlet/Filter

SonarQube Server / Community Build
,
24

Yes, that’s the mentioned SONAR-19996 from my last post
https://sonarsource.atlassian.net/browse/SONAR-19996

So, maybe the problems are gone with 10.4 !?

25

I doubt it. If the plugin hasn’t declared the when-to-download properties, it’s downloaded by default.

 
Ann

26

hi Ann,

Note that if you want to look at the source, the version for Sonarqube 10.x is currently at Fix #6 for sonarqube 10.2 by evernat · Pull Request #7 · javamelody/sonar-javamelody · GitHub

In the previous version, there was a try catch in the getExtensions() method:

		} catch (final Throwable t) {
			// the plugin is installed when doing sonar analysis on a project !
			// but fails to load the class javax.servlet.Filter,
			// so ignoring the problem in a sonar analysis
		}

and I thought that it was not necessary anymore when using @ org.sonar.api.server.ServerSide.
Given the stack-trace above, I have now added a try catch again in the define(Plugin.Context) method.

The servlet filter of sonar-javamelody extends Sonarqube’s ServletFilter, which has @ org.sonar.api.server.ServerSide. Is it supposed to be enough to fix the download of plugin issue in Maven with Sonarqube 10.3 or in Sonarqube 10.4?

Otherwise what are the “when-to-download properties”? I don’t know what they are. Do you have doc for that?

2 Likes
27

Hi Vernat :wave: (and thank you for entering the conversation here, too!)

purely out of personal curiosity … would you maybe be willing to elaborate on the architectural reasons why it is necessary to extend SQs ServletFilter? IIUC this might be the root cause for errors in other ppls plugin-code, too? So it might be helpful to understand the decision that makes one do this.

e.g.: why is “which has @org.sonar.api.server.ServerSide” important? (tbh, i do not know much about SQ-Plugin-Building. But i like to drill into stuff like this to learn about it)

28

Hi,

there are 3 relevant Jira tickets for the plugin download problem that have fix version 10.4
https://sonarsource.atlassian.net/browse/SONAR-19996
has

How

This could be achieved in different ways, which are not mutually exclusive:

  • Add a boolean in the sonar-plugin-api for plugins to declare if they should be downloaded/used by the scanner (this will help exclude automatically plugins such as authentication plugins)

means there maybe a change in sonar-plugin-api.

https://sonarsource.atlassian.net/browse/SONAR-21197

https://sonarsource.atlassian.net/browse/SONAR-21194

i guess Ann’s statement refers to the first ticket.

Gilbert

29

Hi,

just tested the version 1.95.03

and it works :slight_smile: :ok_hand:

[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------

Gilbert

30

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.