Sonarqube: Error occurred while querying the server version in Gitlab-CI

Ed87 · May 31, 2023, 1:45pm

0

I have a Sonarqube deployment running on Tanzu Kubernetes. For this Sonarqube deployment I have setup a Gitlab-CI pipeline to run a sonar-scan on a .Net 6 API.

When I execute the GitlabCI pipeline I am getting an error :

$ cd /root/.dotnet/tools
$ ./dotnet-sonarscanner begin /k:"gl" /d:sonar.login="$SONAR_TOKEN" /d:"sonar.host.url=$SONAR_HOST_URL"
SonarScanner for MSBuild 5.13
Using the .NET Core version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
12:06:38.194  Updating build integration targets...
12:06:38.428  Downloading from http://XX.X.XX.XX:9000/api/server/version failed. Http status code is Forbidden.
12:06:38.431  An error occured while querying the server version! Please check if the server is running and if the address is correct.
12:06:38.434  Pre-processing failed. Exit code: 1
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: command terminated with exit code 1

The GitlabCI pipeline is as below:

before_script:


- 'dotnet restore --packages $NUGET_PACKAGES_DIRECTORY'

build_job:
  tags:
    - orion
  only:
    - sonarqube
  stage: build
  script:
    - dotnet build --configuration Release --no-restore

publish_job:
  tags:
    - orion
  only:
    - sonarqube
  stage: publish
  artifacts:
      name: "$CI_COMMIT_SHA"
      paths:
        - ./$PUBLISH_DIR
  script:
    - dotnet publish ./src --configuration Release --output $(pwd)/$PUBLISH_DIR

analyze_job:
  tags:
    - orion
  only:
    - sonarqube
  stage: analyze
  image:
    name: golide/net6-sonar:0.1.1
  variables:
    # Defines the location of the analysis task cache
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
    GIT_DEPTH: 0
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - "cd /root/.dotnet/tools"
    - "./dotnet-sonarscanner begin /k:\"gl\" /d:sonar.login=\"$SONAR_TOKEN\" /d:\"sonar.host.url=$SONAR_HOST_URL\" "
    - "dotnet build"
    - "./dotnet-sonarscanner end /d:sonar.login=\"$SONAR_TOKEN\""
  allow_failure: true

I am using a custom .Net 6 image (golide/net6-sonar:0.1.1) with sonar tooling as follows :

    FROM mcr.microsoft.com/dotnet/sdk:6.0
    RUN dotnet tool install --global dotnet-sonarscanner
    RUN echo $PATH
    RUN export ENV PATH="$PATH:/root/.dotnet/tools"
    RUN echo $PATH

The Sonarqube instance is already accessible from the rest of the internet (exposed via Kubernetes LoadBalancer service) and it is on the same network as the GitlabCI server.

What I have done:

Configured SONAR_TOKEN in the GitLab CI pipeline project
Configured SONAR_HOST_URL in the GitLab CI pipeline project
Configured sonar-project.properties in my project as below :

    sonar.projectKey=my_oasys
    sonar.projectName=oasys
    sonar.projectVersion=1.0
    
    # Comma-separated paths to directories containing the source code (required)
    sonar.sources=.
    
    # Language and plugin settings
    sonar.language=cs
    sonar.cs.analyzer.projectOutPathsEnabled=true
    
    # Encoding of the source files
    sonar.sourceEncoding=UTF-8
    
    # Analysis exclusions (optional)
    sonar.exclusions=**/bin/**/*, **/obj/**/*
    
    # Test exclusions (optional)
    sonar.test.exclusions=**/*Test.cs
    
    # SonarQube server URL (adjust as per your setup)
    sonar.host.url=http://xx.x.xx.xx:9000

VERSIONS Sonarqube version - Version 7.1.0.11001 Postgres version - 10.4 (Debian 10.4-2.pgdg90+1)

What am I missing ?

Colin · June 1, 2023, 10:08am

What happens if you try to curl the same address in the same script block (http://XX.X.XX.XX:9000/api/server/version)?

Ed87 · June 1, 2023, 12:37pm

@Colin The issue is that the gitlab runner is behind proxy , but I have already set the no_proxy variable to include the SONAR_HOST_URL . Regardless of that it still is giving error as in the GitlabCI log below :

$ echo ${no_proxy}
no_proxy=localhost,127.0.0.1,xx.x.x.x/x,.local,.svc,.svc.cluster.local,.xx.xxxx.com,xx.xx.xx.xx:9000
$ curl http://xx.x.xx.xx:9000/api/server/version
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0<!DOCTYPE html>
<html>
  <head>
    <title>ERROR: The requested URL could not be retrieved</title>
  </head>
  <body style="position:absolute; z-index:0; left:0%; top:0%; width:100%; height:100%;"  >
...
...
Access control configuration prevents your request from being allowed at this time.</tspan><tspan id="tspan3069" x="123.16991" style="font-size:11.83706951px;fill:#666666;" y="798.83643">Please contact your service provider if you feel this is incorrect. Your cache administrator is xxx@xx.xxx.com.</tspan></text> </g></svg>
  </body>
</html>

I have added a variable no_proxy to the GitLab project and my pipeline now looks like this :

analyze_job:
  tags:
    - orion
  only:
    - sonarqube
  stage: analyze
  image:
    name: golide/net6-sonar:0.1.1
  variables:
    # Defines the location of the analysis task cache
    SONAR_USER_HOME: "${CI_PROJECT_DIR}/.sonar"
    GIT_DEPTH: 0
  cache:
    key: "${CI_JOB_NAME}"
    paths:
      - .sonar/cache
  script:
    - "echo ${no_proxy}"
    - "curl http://xx.x.xx.xx:9000/api/server/version"
    - "cd /root/.dotnet/tools"
    - "./dotnet-sonarscanner begin /k:\"gl\" /d:sonar.login=\"$SONAR_TOKEN\" /d:\"sonar.host.url=$SONAR_HOST_URL\" "
    - "dotnet build"
    - "./dotnet-sonarscanner end /d:sonar.login=\"$SONAR_TOKEN\""
  allow_failure: true

PS: The echo shows that SONAR_HOST_URL has been successfully added to the list
of whitelisted IPs

Ed87 · June 1, 2023, 12:39pm

@Colin is they another way to validate my SONAR_TOKEN ? But I still think this is my connectivity issue and not something from Sonarqube side . Do I need to set some configs in the SonarQube UI - like CI token , or CI URL ?