SonarQube fails with Invalid hash

SonarQube Server / Community Build
1

I’m running SonarQube in a Github Action. The download is:

    - name: Download and install the SonarScanner
      shell: bash
      continue-on-error: true
      env:
        SONAR_SCANNER_VERSION: 4.6.2.2472
      run: |
        curl -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-${{ env.SONAR_SCANNER_VERSION }}-linux.zip
        unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
        echo "$HOME/.sonar/sonar-scanner-${{ env.SONAR_SCANNER_VERSION }}-linux/bin" >> $GITHUB_PATH

but occasionally the scan after it fails with something like this:

org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
	at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
	at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: INVALID HASH: File /home/runner/.sonar/cache/_tmp/fileCache3222856470631222344.tmp was expected to have hash ae4656af0eff37c75bf7d4812e880c16 but was downloaded with hash 1f762cd50d2cf30835b62fbed91f1a4c
	at org.sonarsource.scanner.api.internal.cache.FileCache.get(FileCache.java:87)
	at org.sonarsource.scanner.api.internal.JarDownloader.lambda$getScannerEngineFiles$0(JarDownloader.java:60)
	at java.base/java.util.stream.ReferencePipeline$3$1.accept(Unknown Source)
	at java.base/java.util.ArrayList$ArrayListSpliterator.forEachRemaining(Unknown Source)
	at java.base/java.util.stream.AbstractPipeline.copyInto(Unknown Source)
	at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
	at java.base/java.util.stream.ReduceOps$ReduceOp.evaluateSequential(Unknown Source)
	at java.base/java.util.stream.AbstractPipeline.evaluate(Unknown Source)
	at java.base/java.util.stream.ReferencePipeline.collect(Unknown Source)
	at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:61)
	at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
	... 7 more

Is this a caching problem? I thought I was downloading the binary everytime?

2

Hey there.

I’m going to defer to my colleague’s response the last time this error was reported.

3

This problem disappeared for a while but is back now. It’s intermittent - sometimes a build will show this then the next build will work.

Is there a simple way of repeating the build if this happens? Can I just call sonar-scanner again or do I need to clean some directories to get rid of the ‘bad’ .tmp files?

4

I tried using Retrying a bash command - Meziantou's blog to rerun sonar-scanner if it failed, but it never repeats. I guess the exception is evading the check.

Log:
logs_30717381263.zip (146.2 KB)

5

Hey @Tom_Isaacson2

I’d suggest a few things:

  • You’re running a pretty old version of the scanner. v4.6.2 (released April 2021). I recommend you use the latest (v6.2.1).
  • At least in this run, the issue seems to be on the community-supported sonar-checkstyle plugin:
2024-11-10T20:11:27.6864614Z 20:11:27.686 DEBUG: GET 200 https://sonarqube-ee.mot-solutions.com/api/plugins/download?plugin=checkstyle | time=205ms

Is the issue always on this plugin? If so, you may want to make sure you have the latest version installed or raise an issue with the maintainer.

Finally, I’d be remiss not to tell you that as a Data Center Edition user, you (or somebody you can probably reach) has access to Sonar Commercial Support. Our community is great, but not a replacement for the structured support your organization is paying for.

6

I updated sonar-scanner but it still fails - now it’s the detekt plugin but that’s archived. Is there some way to disable these extras?

21:26:36.534 ERROR Error during SonarScanner CLI execution
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@1f010bf0-org.sonar.scanner.bootstrap.ScannerPluginRepository': Initialization of bean failed; nested exception is java.lang.IllegalStateException: Fail to download plugin [detekt]. File /home/runner/.sonar/_tmp/fileCache4484223101784617575.tmp was expected to have checksum 7bf35ce9a62eda7b68ee2745ed9edd2a but had c08835df52cae63e77087db9e417ce58
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:628)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955)
	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:920)
	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:187)
	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
	at org.sonarsource.scanner.lib.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:41)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
	at org.sonarsource.scanner.lib.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:62)
	at jdk.proxy3/jdk.proxy3.$Proxy2.execute(Unknown Source)
	at org.sonarsource.scanner.lib.InProcessScannerEngineFacade.doAnalyze(InProcessScannerEngineFacade.java:39)
	at org.sonarsource.scanner.lib.ScannerEngineFacade.analyze(ScannerEngineFacade.java:61)
	at org.sonarsource.scanner.cli.Main.analyze(Main.java:77)
	at org.sonarsource.scanner.cli.Main.main(Main.java:63)
Caused by: java.lang.IllegalStateException: Fail to download plugin [detekt]. File /home/runner/.sonar/_tmp/fileCache4484223101784617575.tmp was expected to have checksum 7bf35ce9a62eda7b68ee2745ed9edd2a but had c08835df52cae63e77087db9e417ce58
	at org.sonar.scanner.bootstrap.PluginFiles.download(PluginFiles.java:105)
	at org.sonar.scanner.bootstrap.PluginFiles.get(PluginFiles.java:82)
	at org.sonar.scanner.bootstrap.ScannerPluginInstaller.loadPlugins(ScannerPluginInstaller.java:78)
	at org.sonar.scanner.bootstrap.ScannerPluginInstaller.installRemotes(ScannerPluginInstaller.java:61)
	at org.sonar.scanner.bootstrap.ScannerPluginRepository.start(ScannerPluginRepository.java:63)
	at org.sonar.core.platform.StartableBeanPostProcessor.postProcessBeforeInitialization(StartableBeanPostProcessor.java:33)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:440)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1796)
	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:620)
	... 23 common frames omitted

Log:
logs_30759929961.zip (297.8 KB)

7

Asking again - is there some way of rerunning SonarQube when this happens? Our build takes nearly 2 hours so it’s frustrating when this happens and we have to rerun the build.

8

You might have some luck with a GitHub action such as retry action · Actions · GitHub Marketplace · GitHub or Retry Step · Actions · GitHub Marketplace · GitHub.

In any case, the scanner is producing a non-zero exit code when this happens. You should be able to verify this yourself by adding a echo $? into your pipeline and checking it the next time it fails.

22:19:25.776 ERROR Error during SonarScanner CLI execution
...
colinmueller@colins-macbook-air ~ % echo $?
1

To get to the root of the actual problem, I still suggest your organization raises a support ticket.

9

Raising a support ticket is a nice idea, if I ever get hold of anyone in my organisation who can do that.

I tried adding “echo $?” after calling sonar-scanner but nothing appears in the log:

sonar-scanner -Dsonar.cfamily.build-wrapper-output=bw-output
echo "sonar-scanner result" $?

I think the Java exception is causing the action to exit prematurely.

10

It looks like running set +e can prevent the action from exiting prematurely!

11

Got there in the end. This action will run the SonarQube analysis and repeat if it fails.

    - name: SonarQube analysis
      shell: bash
      run: |
        # Disable exit on error.
        set +e

        # Set the maximum number of attempts
        max_attempts=5

        # Set a counter for the number of attempts
        attempt_num=1

        # Set a flag to indicate whether the command was successful
        success=false

        # Loop until the command is successful or the maximum number of attempts is reached
        while [ $success = false ] && [ $attempt_num -le $max_attempts ]; do
          # Execute the command
          sonar-scanner \
            -Dsonar.cfamily.build-wrapper-output=bw-output

          # Check the exit code of the command
          if [ $? -eq 0 ]; then
            # The command was successful
            success=true
          else
            # The command was not successful
            echo "Attempt $attempt_num failed. Trying again..."
            # Increment the attempt counter
            attempt_num=$(( attempt_num + 1 ))
          fi
        done

        # Check if the command was successful
        if [ $success = true ]; then
          # The command was successful
          echo "sonar-scanner was successful after $attempt_num attempts."
        else
          # The command was not successful
          echo "sonar-scanner failed after $max_attempts attempts."
        fi
      env:
        SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        SONAR_HOST_URL: ${{ vars.SONAR_HOST_URL }}
12

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.