Sonarqube login not working after downloading the latest docker image - access denied

arun2022 · March 2, 2022, 2:45pm

Hi ,

Today I tried to reprovision sonarqube and I need up login error without any changes I made.
My automation usually downloads the latest tag from the docker hub. Please assist.

Now

REPOSITORY TAG IMAGE ID CREATED SIZE
:5000/sonarqube latest 4ac4842c584e 4 weeks ago 520MB
:5000/postgres 10.1 ec61d13c8566 4 years ago 287MB

Before

REPOSITORY TAG IMAGE ID CREATED SIZE
:5000/sonarqube latest d3899771462f 2 months ago 514MB
:5000/postgres 10.1 ec61d13c8566 4 years ago 287MB

Exception in thread "Attach Listener" 2022.03.02 14:08:45 WARN  es[][stderr] java.lang.reflect.InvocationTargetException
2022.03.02 14:08:45 WARN  es[][stderr]  at jdk.internal.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/java.lang.reflect.Method.invoke(Method.java:566)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndStartAgent(InstrumentationImpl.java:513)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndCallAgentmain(InstrumentationImpl.java:535)
2022.03.02 14:08:45 WARN  es[][stderr] Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.org.objectweb.asm")
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/java.security.AccessController.checkPermission(AccessController.java:897)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:322)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1238)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:174)
2022.03.02 14:08:45 WARN  es[][stderr]  at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
2022.03.02 14:08:45 WARN  es[][stderr]  at Log4jHotPatch.asmVersion(Log4jHotPatch.java:71)
2022.03.02 14:08:45 WARN  es[][stderr]  at Log4jHotPatch.agentmain(Log4jHotPatch.java:93)
2022.03.02 14:08:45 WARN  es[][stderr]  ... 5 more
Agent failed to start!

Thanks
Arun

Colin · March 3, 2022, 1:23pm

Hey there.

It looks like corretto/hotpatch-for-apache-log4j2 is being injected somehow, and I have no idea how as, among other things, the SonarQube docker image uses OpenJDK 11 (not correto). Are you 100% sure the Docker image you’re pulling is from DockerHub?

arun2022 · March 3, 2022, 1:50pm

Hi Colin, yes I also dont have any idea about this.

I tried locking a specific version 9.3-community instead of the latest image. It worked well as expected.

Thanks
Arun

arun2022 · March 4, 2022, 3:16pm

Hi Colin,
Today I reprovisioned the sonar instance with 9.3-community version and I started getting the log4j issue again. I’m not sure what’s happening with this image. IN dev it worked and when I applied in prod environment it failed.
Now I’m not sure whether to reprovision dev and get error in dev also.

Thanks
Arun

2022.03.04 15:02:38 INFO  ce[][o.s.s.e.EsClientProvider] Connected to local Elasticsearch: [http://localhost:9001]
Exception in thread "Attach Listener" 2022.03.04 15:02:39 WARN  es[][stderr] java.lang.reflect.InvocationTargetException
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/java.lang.reflect.Method.invoke(Method.java:566)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndStartAgent(InstrumentationImpl.java:513)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndCallAgentmain(InstrumentationImpl.java:535)
2022.03.04 15:02:39 WARN  es[][stderr] Caused by: java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "accessClassInPackage.jdk.internal.org.objectweb.asm")
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/java.security.AccessController.checkPermission(AccessController.java:897)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:322)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1238)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:174)
2022.03.04 15:02:39 WARN  es[][stderr]  at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
2022.03.04 15:02:39 WARN  es[][stderr]  at Log4jHotPatch.asmVersion(Log4jHotPatch.java:71)
2022.03.04 15:02:39 WARN  es[][stderr]  at Log4jHotPatch.agentmain(Log4jHotPatch.java:93)
2022.03.04 15:02:39 WARN  es[][stderr]  ... 6 more
Agent failed to start!
2022.03.04 15:02:40 INFO  ce[][o.sonar.db.Database] Create JDBC data source for jdbc:postgresql://db/sonarqube
2022.03.04 15:02:44 INFO  ce[][o.s.s.p.ServerFileSystemImpl] SonarQube home: /opt/sonarqube
2022.03.04 15:02:44 INFO  ce[][o.s.c.c.CePluginRepository] Load plugins
2022.03.04 15:02:47 INFO  ce[][o.s.c.c.ComputeEngineContainerImpl] Running Community edition
2022.03.04 15:02:47 INFO  ce[][o.s.ce.app.CeServer] Compute Engine is operational
2022.03.04 15:02:47 INFO  app[][o.s.a.SchedulerImpl] Process[ce] is up
2022.03.04 15:02:47 INFO  app[][o.s.a.SchedulerImpl] SonarQube is up

arun2022 · March 4, 2022, 7:46pm

Hi Colin,

I dont think these are the actual errors. These warnings I see even when the sonarqube is working fine. There is something else to check and

not sure where.

The URL is up but auth error I get (attached the screenshot for the reference)

Thanks
Arun

DefinitelyNotTobi · March 4, 2022, 10:00pm

Hi @arun2022

You can always reset the admin password if you have access to the database. There is documentation here how to do this: Security | SonarQube Docs

Hope that helps

arun2022 · March 10, 2022, 12:49am

Thanks

It looks my AMI update caused some issue in doing the zpool import of the volume and caused the issue. It’s fixed now.

Rajesh_Mundhe · March 13, 2022, 9:33pm

@arun2022 Can you please share the steps that you solved this? I am also facing this issue.

java.lang.reflect.InvocationTargetException
2022.03.13 21:06:38 WARN es[stderr] at jdk.internal.reflect.GeneratedMethodAccessor6.invoke(Unknown Source)
2022.03.13 21:06:38 WARN es[stderr] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2022.03.13 21:06:38 WARN es[stderr] at java.base/java.lang.reflect.Method.invoke(Method.java:566)
2022.03.13 21:06:38 WARN es[stderr] at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndStartAgent(InstrumentationImpl.java:513)
2022.03.13 21:06:38 WARN es[stderr] at java.instrument/sun.instrument.InstrumentationImpl.loadClassAndCallAgentmain(InstrumentationImpl.java:535)
2022.03.13 21:06:38 WARN es[stderr] Caused by: java.security.AccessControlException: access denied (“java.lang.RuntimePermission” “accessClassInPackage.jdk.internal.org.objectweb.asm”)
2022.03.13 21:06:38 WARN es[stderr] at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
2022.03.13 21:06:38 WARN es[stderr] at java.base/java.security.AccessController.checkPermission(AccessController.java:897)
2022.03.13 21:06:38 WARN es[stderr] at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:322)
2022.03.13 21:06:38 WARN es[stderr] at java.base/java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:1238)
2022.03.13 21:06:38 WARN es[stderr] at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:174)
2022.03.13 21:06:38 WARN es[stderr] at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:522)
2022.03.13 21:06:38 WARN es[stderr] at Log4jHotPatch.asmVersion(Log4jHotPatch.java:71)
2022.03.13 21:06:38 WARN es[stderr] at Log4jHotPatch.agentmain(Log4jHotPatch.java:93)
2022.03.13 21:06:38 WARN es[stderr] … 5 more

system · March 20, 2022, 9:34pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SonarQube not starting on Windows 10 SonarQube Server / Community Build	2	5230	November 15, 2019
Using docker can't connect sonarqube 7.9.3 to postgresql-11.7 container and LDAP SonarQube Server / Community Build sonarqube , docker , postgres	3	2067	April 27, 2020
Unable to start sonarqube in docker container SonarQube Server / Community Build sonarqube	6	1953	February 18, 2019
SonarQube Server not working. Giving .AccessDeniedException SonarQube Server / Community Build sonarqube , scanner , docker	1	3627	January 2, 2020
First attempt to log into Sonarqube, page keeps spinning... doesn't load SonarQube Server / Community Build	3	1598	July 17, 2020

Sonarqube login not working after downloading the latest docker image - access denied

Related topics