Sonarqube server not running after installing sonar-json-plugin

I recently upgraded sonarqube from version 8.8 to 9.9 Community Edition.

I have installed Sonarqube Community edition version 9.9 which was running perfectly fine on my windows system.

I have some json codes which I want to sonarqube to scan, so I found json-plugin which scans the json file as well.
I download the jar and Put the downloaded jar in <SONARQUBE_HOME>/extensions/plugins as mentioned in the sonarqube documentation

As soon as I restart the server, the sonarqube does not start by giving the following error:

D:\sonarqube-9.9.0.65466\bin\windows-x86-64>StartSonar.bat
Starting SonarQube...
2023.04.12 18:38:14 INFO  app[][o.s.a.AppFileSystem] Cleaning or creating temp directory D:\sonarqube-9.9.0.65466\temp
2023.04.12 18:38:14 INFO  app[][o.s.a.es.EsSettings] Elasticsearch listening on [HTTP: 127.0.0.1:9001, TCP: 127.0.0.1:51323]
2023.04.12 18:38:14 INFO  app[][o.s.a.ProcessLauncherImpl] Launch process[ELASTICSEARCH] from [D:\sonarqube-9.9.0.65466\elasticsearch]: C:\Program Files\Java\jdk-17\bin\java -XX:+UseG1GC -Djava.io.tmpdir=D:\sonarqube-9.9.0.65466\temp -XX:ErrorFile=D:\sonarqube-9.9.0.65466\logs\es_hs_err_pid%p.log -Des.networkaddress.cache.ttl=60 -Des.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djna.nosys=true -Djna.tmpdir=D:\sonarqube-9.9.0.65466\temp -XX:-OmitStackTraceInFastThrow -Dio.netty.noUnsafe=true -Dio.netty.noKeySetOptimization=true -Dio.netty.recycler.maxCapacityPerThread=0 -Dio.netty.allocator.numDirectArenas=0 -Dlog4j.shutdownHookEnabled=false -Dlog4j2.disable.jmx=true -Dlog4j2.formatMsgNoLookups=true -Djava.locale.providers=COMPAT -Dcom.redhat.fips=false -Xmx512m -Xms512m -XX:MaxDirectMemorySize=256m -XX:+HeapDumpOnOutOfMemoryError -Delasticsearch -Des.path.home=D:\sonarqube-9.9.0.65466\elasticsearch -Des.path.conf=D:\sonarqube-9.9.0.65466\temp\conf\es -cp lib/* org.elasticsearch.bootstrap.Elasticsearch
2023.04.12 18:38:14 INFO  app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
2023.04.12 18:38:34 INFO  app[][o.s.a.SchedulerImpl] Process[es] is up
2023.04.12 18:38:34 INFO  app[][o.s.a.ProcessLauncherImpl] Launch process[WEB_SERVER] from [D:\sonarqube-9.9.0.65466]: C:\Program Files\Java\jdk-17\bin\java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=D:\sonarqube-9.9.0.65466\temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED -Dcom.redhat.fips=false -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/sonar-application-9.9.0.65466.jar;D:\sonarqube-9.9.0.65466\lib\jdbc\h2\h2-2.1.214.jar org.sonar.server.app.WebServer D:\sonarqube-9.9.0.65466\temp\sq-process3341444263512329691properties
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.sonar.process.PluginSecurityManager (file:/D:/sonarqube-9.9.0.65466/lib/sonar-application-9.9.0.65466.jar)
WARNING: Please consider reporting this to the maintainers of org.sonar.process.PluginSecurityManager
WARNING: System::setSecurityManager will be removed in a future release
2023.04.12 18:38:44 INFO  app[][o.s.a.SchedulerImpl] Process[Web Server] is stopped
2023.04.12 18:38:44 INFO  app[][o.s.a.SchedulerImpl] Process[ElasticSearch] is stopped
2023.04.12 18:38:44 INFO  app[][o.s.a.SchedulerImpl] SonarQube is stopped

PS: The same approached worked with the sonarqube 8.8 version, I was able to scan the json files on 8.8 version
Also, when I delete the plugin from the folder and starts the sonarqube server, it starts working.

Hey there.

The JSON plugin is no longer maintained by its maintainer, so it may no longer support newer versions of SonarQube.

Thanks Colin :slight_smile:
Do you know any other plugin if I can use?

I don’t.

To be honest, there’s not a lot of value to be gotten from scanning JSON files. They don’t usually contain logic, and the most that sonar-json can provide on non-Puppet files are:

  • BOM should not be used for UTF-8 files
  • File names should comply with a naming convention
  • Files should contain an empty new line at the end
  • Regular expression on key
  • Tabulation characters should not be used

I wouldn’t recommend trying to analyze JSON.

Thanks Colin for your kind suggestion.
The thing is, that we are are using Axway Api gateway, so codebase is written in json and xml format only.

I wouldn’t expect the json plugin to target Axway Api specifically. Are those 5 rules really useful for you in the context of Axway Api?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.