SonarQube Scanner execution error

sonarcloud
msbuild
vsts
sonarsecurity

(John Jude Jesuxavier) #1

We have Azure DevOps pipeline integrated with sonar cloud tasks. But ‘Run code analysis’ doesn’t get completed without giving error details. Trace as follows,
Could you please help, Thanks in advance.

2018-12-19T10:31:42.2047125Z INFO: Analyzing 521 ucfgs to detect vulnerabilities.
2018-12-19T10:31:42.2047341Z INFO: rule: S3649, entrypoints: 50
2018-12-19T10:31:44.5001289Z INFO: ------------------------------------------------------------------------
2018-12-19T10:31:44.5002212Z INFO: EXECUTION FAILURE
2018-12-19T10:31:44.5002672Z INFO: ------------------------------------------------------------------------
2018-12-19T10:31:44.5003013Z INFO: Total time: 1:45.421s
2018-12-19T10:31:44.5779666Z INFO: Final Memory: 16M/195M
2018-12-19T10:31:44.5780235Z INFO: ------------------------------------------------------------------------
2018-12-19T10:31:44.5790459Z ##[error]ERROR: Error during SonarQube Scanner execution
2018-12-19T10:31:44.5791361Z ERROR: Error during SonarQube Scanner execution
2018-12-19T10:31:44.5791987Z ##[error]ERROR: null

ERROR:

2018-12-19T10:31:44.5793678Z ERROR: null
2018-12-19T10:31:44.5793928Z ERROR: 
2018-12-19T10:31:44.6399651Z ##[error]The SonarQube Scanner did not complete successfully
2018-12-19T10:31:44.6400305Z The SonarQube Scanner did not complete successfully
2018-12-19T10:31:44.6460197Z 10:31:44.64  Creating a summary markdown file...
2018-12-19T10:31:44.6526038Z ##[error]10:31:44.64  Post-processing failed. Exit code: 1
2018-12-19T10:31:44.6526678Z 10:31:44.64  Post-processing failed. Exit code: 1
2018-12-19T10:31:44.6676066Z ##[error]F:\gxaurp1\_work\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.5.1\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe failed with return code: 1
2018-12-19T10:31:44.6744744Z ##[section]Finishing: Run Code Analysis

(Bouke) #2

I’m running into have a very similar issue. Also VSTS and also a null crash when analyzing vulnerabilities. I’ve worked around it by disabling the crashing analyzer (S2631) until the issue gets resolved. You could try the same, the crashing one appears to be S3649; remove it from your custom ruleset.


(Fabrice Bellingard) #3

John, did you manage to get around this thanks to this trick? (= disabling rule S2631)


(Amaury Levé) #4

Hi @John_Jude_Jesuxavier,

Same answer as to @bouke thread.

Thank you for the feedback! We will have a look at this rule to see what is going on and fix it.

Would you mind re-running an analysis with sonar.verbose=true in the begin step and provide us with the full end step logs? And ideally, if you could zip and share the content of the .sonarqube/out/ucfg_cs2 folder (located at the root of your project on the build agent) that would really help us to narrow down the issue.

Cheers,
Amaury