SonarQube scanner fails, 'Fail to download sonar-scanner-engine-shaded-7.2.1-all.jar'

(Mark Jaffe) #1

SonarQube version 7.2.1, running Docker-ized on alpine linux, invoked from command-line with mvn -Dmaven.repo.local=pwd/cache/m2/repository -B -Dsonar.login=sonar -Dsonar.password=sonar -Dsonar.exclusions=jenga-ext-model/src/generated/java org.sonarsource.scanner.maven:sonar-maven-plugin: in Jenkins pipeline
I have searched the source code and made various settings to ‘User cache’ such as export SONAR_USER_HOME=/home/sonarqube and in command-line -Dsonar.userHome=/home/sonarqube with no success. There is NOTHING in user documentation about cache settings, but the dependency on a jar located on the server is disturbing. My users are confused, since this had previously been working. One thing I changed recently was to remove references to sonar from the project pom.xml, perhaps this is the issue?

(Duarte Meneses) #2

Could you post the logs of the scanner? Preferably with debug enabled (-X).

(Mark Jaffe) #3

build_2019.02.28-213727_log.txt (88.1 KB)
Uploading debug log, company name redacted
Invoked by command-line:

mvn -Dmaven.repo.local=/root/cache/m2/repository -B -U -X \
-Dsonar.login=sonar -Dsonar.password=sonar  org.sonarsource.scanner.maven:sonar-maven-plugin: 2>&1 | tee -a /logs/build_$dir_name_$TS.log

(Duarte Meneses) #4

Do you manage to download from the container, using wget/curl for example?
Are there any proxies in between or do you have any authentication with private keys?

I noticed that the first download took a long time (0.8s for a few bytes), so I wonder if the second download timed out. Do you have any timestamp after the failure?

(Mark Jaffe) #5

Some of my analysis jobs pass, others fail; yes, there is a proxy, but they’re all in AWS, same region. Any auth is with user/password. curl downloads successfully

Further digging reveals that a successful build from this morning on Jenkins server used a cached copy from last week of the scanner jar:

[build@jenkslave-service4 danube-core_PR-222-2M73OCSTE44MTXHZVUY6QPYMEAGFVRKPNVF2YEJCCXVYRVVCU4HA]$ ls -l \?/.sonar/cache/b16b4fe54d9dfecea420156fa339f59f/sonar-scanner-engine-shaded-7.2.1-all.jar
-rw-r--r-- 1 build build 25502839 Feb 21 16:40 ?/.sonar/cache/b16b4fe54d9dfecea420156fa339f59f/sonar-scanner-engine-shaded-7.2.1-all.jar

(Duarte Meneses) #6

Ok, I think the downloads might be timing out (taking too long), you should confirm it in the logs.
The fact that sometimes it finds a cached copy indicates that a different cache directory is being used in some analysis.
The location of the cache folder is in “sonar user home”. This directory is by default ~/.sonar but this can be overriden with System.getenv("SONAR_USER_HOME").

(Mark Jaffe) #7
public class OkHttpClientFactory {

  static final int CONNECT_TIMEOUT_MILLISECONDS = 5_000;
  static final int READ_TIMEOUT_MILLISECONDS = 500_000;
  static final String NONE = "NONE";
  static final String P11KEYSTORE = "PKCS11";
  private static final String PROXY_AUTHORIZATION = "Proxy-Authorization";

  private OkHttpClientFactory() {
    // only statics

  static OkHttpClient create(Logger logger) {
    OkHttpClient.Builder okHttpClientBuilder = new OkHttpClient.Builder();

    okHttpClientBuilder.connectTimeout(CONNECT_TIMEOUT_MILLISECONDS, TimeUnit.MILLISECONDS);
    okHttpClientBuilder.readTimeout(READ_TIMEOUT_MILLISECONDS, TimeUnit.MILLISECONDS);

    ConnectionSpec tls = new ConnectionSpec.Builder(ConnectionSpec.MODERN_TLS)
    okHttpClientBuilder.connectionSpecs(asList(tls, ConnectionSpec.CLEARTEXT));

This looks like it should be a reasonable connection timeout

(Mark Jaffe) #8

Also I should note: setting SONAR_USER_HOME is not honored when the analysis is done, it still ends up in Jenkins working directory under ‘?’/.sonar/cache
I also tried setting -Dsonar.userHome in command-line which also did not get followed

(Mark Jaffe) #9

And I just ran a test fetch with curl from the sonar host within the docker container I am using to build, running on the Jenkins slave. Timed out in 20 seconds with 17Mb of the 25Mb jar downloaded!