my script to run sonar scanner before build
image: atlassian/default-image:2
sonarqube: &sonarqube
step:
name: SonarQube analysis
image: mcr.microsoft.com/dotnet/sdk:6.0
services:
- docker
caches:
- dotnetcore
script:
- apt-get update
- mkdir -p /usr/share/man/man1
- apt-get install --yes openjdk-11-jre
- dotnet tool install --global dotnet-sonarscanner
- export PATH="$PATH:/root/.dotnet/tools"
- dotnet sonarscanner begin /k:"*******8" /d:"sonar.login=${SONAR_TOKEN}" /d:"sonar.host.url=${SONAR_HOST_URL}" /d:sonar.verbose=true
- dotnet restore ./Src/********* -s https://nuget.******.com/v3/index.json -s https://api.nuget.org/v3/index.json --ignore-failed-sources
- dotnet build ./Src/*********** -c Release
- dotnet sonarscanner end /d:"sonar.login=${SONAR_TOKEN}"
It’s throwing sonar scanner execution failure error
+ dotnet sonarscanner end /d:"sonar.login=${SONAR_TOKEN}"
SonarScanner for MSBuild 5.6
Using the .NET Core version of the Scanner for MSBuild
Post-processing started.
14:10:10.527 14:10:10.524 Uninstalling target: /opt/atlassian/pipelines/agent/build/.sonarqube/bin/targets/SonarQube.Integration.targets
14:10:10.527 14:10:10.527 sonar.verbose=true was specified - setting the log verbosity to 'Debug'
14:10:10.527 Loading the SonarQube analysis config from /opt/atlassian/pipelines/agent/build/.sonarqube/conf/SonarQubeAnalysisConfig.xml
14:10:10.527 Not running under TeamBuild
14:10:10.527 Analysis base directory: /opt/atlassian/pipelines/agent/build/.sonarqube
Build directory:
Bin directory: /opt/atlassian/pipelines/agent/build/.sonarqube/bin
Config directory: /opt/atlassian/pipelines/agent/build/.sonarqube/conf
Output directory: /opt/atlassian/pipelines/agent/build/.sonarqube/out
Config file: /opt/atlassian/pipelines/agent/build/.sonarqube/conf/SonarQubeAnalysisConfig.xml
14:10:10.529 Generating SonarQube project properties file to /opt/atlassian/pipelines/agent/build/.sonarqube/out/sonar-project.properties
14:10:10.56 Setting analysis property: sonar.visualstudio.enable=$IS_RELEASE
14:10:10.605 The supplied Code Analysis ErrorLog file is a valid json file and does not need to be fixed: /opt/atlassian/pipelines/agent/build/.sonarqube/out/0/Issues.json
14:10:10.621 Using longest common projects root path as project base directory: '/opt/atlassian/pipelines/agent/build/Src/web****'.
14:10:10.626 14:10:10.626 WARNING: File '/opt/atlassian/pipelines/agent/build/Src/.dockerignore' is not located under the root directory '/opt/atlassian/pipelines/agent/build/Src/web****' and will not be analyzed.
14:10:10.626 File was referenced by the following projects: '/opt/atlassian/pipelines/agent/build/Src/web****/web****.csproj'.
14:10:10.632 Dumping content of sonar-project.properties
------------------------------------------------------------------------
sonar.projectKey=web****
sonar.working.directory=/opt/atlassian/pipelines/agent/build/.sonarqube/out/.sonar
sonar.projectBaseDir=/opt/atlassian/pipelines/agent/build/Src/web****
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.projectKey=web****:C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.projectName=web****
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.projectBaseDir=/opt/atlassian/pipelines/agent/build/Src/web****
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.sourceEncoding=utf-8
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.sources=\
"/opt/atlassian/pipelines/agent/build/Src/.web****/Contracts/I*******Service.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Contracts/IHereService.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Controllers/*******Controller.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Extension/DependencyInjections.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Extension/ExceptionMiddleware.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/********eViewModel.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Constants/AppSettingKeys.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Constants/ESQueries.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Error.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/ES******ViewSuggestions/********Suggestion.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/ES******ViewSuggestions/********Views.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Here/Here*******Reponse.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Iatasuggest.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Mapper/****Mapper.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/Suggestion.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Models/V5Response.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Program.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Services/*******Service.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Services/HereService.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Startup.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/obj/Release/net6.0/.NETCoreApp,Version=v6.0.AssemblyAttributes.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/obj/Release/net6.0/web****.AssemblyInfo.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/obj/Release/net6.0/web****.MvcApplicationPartsAssemblyInfo.cs",\
"/opt/atlassian/pipelines/agent/build/Src/web****/appsettings.Development.json",\
"/opt/atlassian/pipelines/agent/build/Src/web****/appsettings.json",\
"/opt/atlassian/pipelines/agent/build/Src/web****/Dockerfile",\
"/opt/atlassian/pipelines/agent/build/Src/web****/obj/Release/net6.0/apphost"
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.cs.analyzer.projectOutPaths=\
"/opt/atlassian/pipelines/agent/build/.sonarqube/out/0"
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.cs.roslyn.reportFilePaths=\
"/opt/atlassian/pipelines/agent/build/.sonarqube/out/0/Issues.json"
C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E.sonar.working.directory=/opt/atlassian/pipelines/agent/build/.sonarqube/out/.sonar/mod0
sonar.host.url=https://sonarqube.******.com/
sonar.visualstudio.enable=$IS_RELEASE
sonar.modules=C6B4BA9D-D5E3-4D58-9400-8E97448D6E5E
------------------------------------------------------------------------
14:10:10.635 Writing processing summary to /opt/atlassian/pipelines/agent/build/.sonarqube/out/ProjectInfo.log
Calling the SonarScanner CLI...
Executing file /root/.dotnet/tools/.store/dotnet-sonarscanner/5.6.0/dotnet-sonarscanner/5.6.0/tools/net5.0/any/sonar-scanner-4.6.2.2472/bin/sonar-scanner
Args: -Dsonar.scanAllFiles=true -Dproject.settings=/opt/atlassian/pipelines/agent/build/.sonarqube/out/sonar-project.properties --from=ScannerMSBuild/5.6 --debug <sensitive data removed>
Working directory: /opt/atlassian/pipelines/agent/build
Timeout (ms):-1
Process id: 3124
14:10:10.754 INFO: Scanner configuration file: /root/.dotnet/tools/.store/dotnet-sonarscanner/5.6.0/dotnet-sonarscanner/5.6.0/tools/net5.0/any/sonar-scanner-4.6.2.2472/conf/sonar-scanner.properties
14:10:10.756 INFO: Project root configuration file: /opt/atlassian/pipelines/agent/build/.sonarqube/out/sonar-project.properties
14:10:10.780 INFO: SonarScanner 4.6.2.2472
14:10:10.780 INFO: Java 11.0.15 Debian (64-bit)
14:10:10.780 INFO: Linux 5.13.0-1022-aws amd64
14:10:10.919 DEBUG: keyStore is :
14:10:10.919 DEBUG: keyStore type is : pkcs12
14:10:10.919 DEBUG: keyStore provider is :
14:10:10.919 DEBUG: init keystore
14:10:10.920 DEBUG: init keymanager of type SunX509
14:10:11.032 DEBUG: Create: /root/.sonar/cache
14:10:11.033 INFO: User cache: /root/.sonar/cache
14:10:11.033 DEBUG: Create: /root/.sonar/cache/_tmp
14:10:11.035 DEBUG: Extract sonar-scanner-api-batch in temp...
14:10:11.037 DEBUG: Get bootstrap index...
14:10:11.037 DEBUG: Download: https://sonarqube.**********.com/batch/index
14:10:11.557 INFO: ------------------------------------------------------------------------
14:10:11.558 INFO: EXECUTION FAILURE
14:10:11.558 INFO: ------------------------------------------------------------------------
14:10:11.557 ERROR: SonarQube server [https://sonarqube.**********.com] can not be reached
14:10:11.558 INFO: Total time: 0.823s
14:10:11.575 INFO: Final Memory: 4M/24M
14:10:11.576 INFO: ------------------------------------------------------------------------
14:10:11.576 ERROR: Error during SonarScanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
... 7 more
Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:353)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:296)
at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:291)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175)
at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:183)
at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:172)
at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1506)
at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1416)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:456)
at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:427)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectTls(RealConnection.java:336)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:185)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Transmitter.newExchange(Transmitter.java:169)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:81)
at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:115)
at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
... 10 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:439)
at java.base/sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:306)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:222)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129)
at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1341)
... 44 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.base/java.security.cert.CertPathBuilder.build(CertPathBuilder.java:297)
at java.base/sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:434)
... 50 more
Process returned exit code 1
The SonarScanner did not complete successfully
14:10:11.61 Post-processing failed. Exit code: 1
Skipping cache upload for failed step
Searching for test report files in directories named [test-results, failsafe-reports, test-reports, TestResults, surefire-reports] down to a depth of 4
Finished scanning for test reports. Found 0 test report files.
Merged test suites, total number tests is 0, with 0 failures and 0 errors.
Please help me on this to resolve??
it’s showing SSL issue as well , but I configured SSL cert manually on a server and can able to access sonarqube server on browser.
but , why this is failing ??