SSL issues with Sonar Scanner for NPM starting with Version 4.0.0 when using selfsigned certificate

  • Environment:
    – SonarQube: 9.9.6.92038 (Developer Edition)
    – Sonar Scanner CLI: 6.0.0.4432
    – NPM sonarqube-scanner: 4.2.1 / 4.0.0
  • What I try to achieve: Run analysis with npm package sonarqube-scanner

While lifecycling our frontent application we wanted to upgrade NPM package sonarqube-scanner to the latest version. With previous verisons we were using SONAR_SCANNER_OPTS to specify the truststore which contains our selfsigned Issuer (SONAR_SCANNER_OPTS = "-Djavax.net.ssl.trustStore=/usr/lib/jvm/jre/lib/security/cacerts -Djavax.net.ssl.trustStorePassword=changeit". However, with version 4.0.0 this stopped working. We tried to specify the truststore and password through sonar.scanner.truststorePath and sonar.scanner.truststorePassword but I wasn’t able to get it to run failing with the error message below. The job runs on our Jenkins server with NodeJS v20.5.0

What I tried so far:

  • Using sonar-project.properties file and added properties sonar.scanner.truststorePath and sonar.scanner.truststorePassword: No success
  • Using command line parameters for npm run sonar, -Dsonar.scanner.truststorePath and -Dsonar.scanner.truststorePassword: No success
  • Using environment variables SONAR_SCANNER_TRUSTSTORE_PATH and SONAR_SCANNER_TRUSTSTORE_PASSWORD, looking at the code they should be converted: No success

I think this was introduced by the following PR:

There is already PR from user which describes the issue as being SONAR_SCANNER_OPTS being filtered and therefore not passed to JRE:

I removed the URL to our SonarQube server and replaced it with SERVER_URL

2024-08-29 13:51:03  > sonar-scanner
2024-08-29 13:51:03  
2024-08-29 13:51:03  [WARN]  Bootstrapper: SONARQUBE_SCANNER_PARAMS is deprecated, please use SONAR_SCANNER_JSON_PARAMS instead
2024-08-29 13:51:03  [INFO]  Bootstrapper: Retrieving info from "package.json" file
2024-08-29 13:51:03  [WARN]  Bootstrapper: Property "sonar.login" is deprecated and will be removed in a future version. Please use "sonar.token" instead.
2024-08-29 13:51:03  [INFO]  Bootstrapper: Platform: linux x64
2024-08-29 13:51:04  [INFO]  Bootstrapper: Server URL: https://SERVER_URL
2024-08-29 13:51:04  [INFO]  Bootstrapper: Version: 4.2.1
2024-08-29 13:51:04  [INFO]  Bootstrapper: SonarQube server version: 9.9.6
2024-08-29 13:51:04  [INFO]  Bootstrapper: JRE provisioning is NOT supported
2024-08-29 13:51:04  [INFO]  Bootstrapper: Falling back on using sonar-scanner-cli
2024-08-29 13:51:04  [INFO]  Bootstrapper: Starting analysis
2024-08-29 13:51:05  13:51:05.108 INFO  Scanner configuration file: /home/jenkins/.sonar/native-sonar-scanner/sonar-scanner-6.0.0.4432-linux/conf/sonar-scanner.properties
2024-08-29 13:51:05  13:51:05.113 INFO  Project root configuration file: /var/lib/jenkins/wd/workspace/enderer-standalone-proxy_develop/sonar-project.properties
2024-08-29 13:51:05  13:51:05.129 INFO  SonarScanner CLI 6.0.0.4432
2024-08-29 13:51:05  13:51:05.131 INFO  Java 17.0.11 Eclipse Adoptium (64-bit)
2024-08-29 13:51:05  13:51:05.131 INFO  Linux 5.14.0-284.77.1.el9_2.x86_64 amd64
2024-08-29 13:51:05  13:51:05.195 INFO  User cache: /home/jenkins/.sonar/cache
2024-08-29 13:51:07  13:51:06.956 INFO  Communicating with SonarQube Server 9.9.6.92038
2024-08-29 13:51:07  13:51:07.727 INFO  Load global settings
2024-08-29 13:51:07  13:51:07.833 INFO  EXECUTION FAILURE
2024-08-29 13:51:07  13:51:07.834 INFO  Total time: 2.802s
2024-08-29 13:51:07  [ERROR] Bootstrapper: 13:51:07.834 ERROR Error during SonarScanner CLI execution
2024-08-29 13:51:07  org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@3ecd267f-org.sonar.scanner.bootstrap.ScannerPluginRepository': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@3ecd267f-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@3ecd267f-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955)
2024-08-29 13:51:07  	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:920)
2024-08-29 13:51:07  	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
2024-08-29 13:51:07  	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:187)
2024-08-29 13:51:07  	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
2024-08-29 13:51:07  	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
2024-08-29 13:51:07  	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
2024-08-29 13:51:07  	at org.sonarsource.scanner.lib.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:41)
2024-08-29 13:51:07  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-08-29 13:51:07  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2024-08-29 13:51:07  	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2024-08-29 13:51:07  	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2024-08-29 13:51:07  	at org.sonarsource.scanner.lib.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:62)
2024-08-29 13:51:07  	at jdk.proxy3/jdk.proxy3.$Proxy2.execute(Unknown Source)
2024-08-29 13:51:07  	at org.sonarsource.scanner.lib.InProcessScannerEngineFacade.doAnalyze(InProcessScannerEngineFacade.java:39)
2024-08-29 13:51:07  	at org.sonarsource.scanner.lib.ScannerEngineFacade.analyze(ScannerEngineFacade.java:61)
2024-08-29 13:51:07  	at org.sonarsource.scanner.cli.Main.analyze(Main.java:77)
2024-08-29 13:51:07  	at org.sonarsource.scanner.cli.Main.main(Main.java:63)
2024-08-29 13:51:07  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@3ecd267f-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@3ecd267f-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-08-29 13:51:07  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-08-29 13:51:07  	... 27 common frames omitted
2024-08-29 13:51:07  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@3ecd267f-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-08-29 13:51:07  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-08-29 13:51:07  	... 41 common frames omitted
2024-08-29 13:51:07  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:541)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-08-29 13:51:07  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-08-29 13:51:07  	... 55 common frames omitted
2024-08-29 13:51:07  Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:638)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-08-29 13:51:07  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-08-29 13:51:07  	... 69 common frames omitted
2024-08-29 13:51:07  Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
2024-08-29 13:51:07  	... 83 common frames omitted
2024-08-29 13:51:07  Caused by: java.lang.IllegalStateException: Fail to request url: https://SERVER_URL/api/settings/values.protobuf
2024-08-29 13:51:07  	at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:208)
2024-08-29 13:51:07  	at org.sonarqube.ws.client.HttpConnector.get(HttpConnector.java:125)
2024-08-29 13:51:07  	at org.sonarqube.ws.client.HttpConnector.call(HttpConnector.java:112)
2024-08-29 13:51:07  	at org.sonar.scanner.bootstrap.DefaultScannerWsClient.call(DefaultScannerWsClient.java:87)
2024-08-29 13:51:07  	at org.sonar.scanner.repository.settings.AbstractSettingsLoader.load(AbstractSettingsLoader.java:60)
2024-08-29 13:51:07  	at org.sonar.scanner.repository.settings.DefaultGlobalSettingsLoader.loadGlobalSettings(DefaultGlobalSettingsLoader.java:35)
2024-08-29 13:51:07  	at org.sonar.scanner.bootstrap.GlobalServerSettingsProvider.provide(GlobalServerSettingsProvider.java:35)
2024-08-29 13:51:07  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-08-29 13:51:07  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2024-08-29 13:51:07  	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2024-08-29 13:51:07  	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2024-08-29 13:51:07  	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
2024-08-29 13:51:07  	... 84 common frames omitted
2024-08-29 13:51:07  Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-08-29 13:51:07  	at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2024-08-29 13:51:07  	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
2024-08-29 13:51:07  	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
2024-08-29 13:51:07  	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
2024-08-29 13:51:07  	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
2024-08-29 13:51:07  	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
2024-08-29 13:51:07  	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
2024-08-29 13:51:07  	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
2024-08-29 13:51:07  	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
2024-08-29 13:51:07  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-08-29 13:51:07  	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
2024-08-29 13:51:07  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-08-29 13:51:07  	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
2024-08-29 13:51:07  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-08-29 13:51:07  	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
2024-08-29 13:51:07  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-08-29 13:51:07  	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
2024-08-29 13:51:07  	at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
2024-08-29 13:51:07  	at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:206)
2024-08-29 13:51:07  	... 95 common frames omitted
2024-08-29 13:51:07  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-08-29 13:51:07  	at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.validator.Validator.validate(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
2024-08-29 13:51:07  	... 125 common frames omitted
2024-08-29 13:51:07  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-08-29 13:51:07  	at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
2024-08-29 13:51:07  	at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
2024-08-29 13:51:07  	at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
2024-08-29 13:51:07  	... 130 common frames omitted
2024-08-29 13:51:07  
2024-08-29 13:51:07  [ERROR] Bootstrapper: 13:51:07.892 ERROR 
2024-08-29 13:51:07  13:51:07.892 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
2024-08-29 13:51:07  
2024-08-29 13:51:07  [ERROR] Bootstrapper: An error occurred: Error: SonarScanner CLI failed with code 1
2024-08-29 13:51:08  [Pipeline] }
2024-08-29 13:51:08  WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succeed?
1 Like

I analyzed the code and came to the conclusion that there are some cliArgs that have to be passed as jvmOptions, in particular -Djavax.net.ssl.trustStore and -Djava.net.ssl.trustStorePassword.

This could be achieved by adding something like this in scanner-cli.ts:

  const jvmOptions = [
    ...(scanOptions.jvmOptions ?? []),
    ...(properties[ScannerProperty.SonarScannerTruststorePath] ? [`-Djavax.net.ssl.trustStore=${properties[ScannerProperty.SonarScannerTruststorePath]}`] : []),
    ...(properties[ScannerProperty.SonarScannerTruststorePassword] ? [`-Djavax.net.ssl.trustStorePassword=${properties[ScannerProperty.SonarScannerTruststorePassword]}`] : []),
    ...(properties[ScannerProperty.SonarScannerKeystorePath] ? [`-Djavax.net.ssl.keyStore=${properties[ScannerProperty.SonarScannerKeystorePath]}`] : []),
    ...(properties[ScannerProperty.SonarScannerKeystorePassword] ? [`-Djavax.net.ssl.keyStorePassword=${properties[ScannerProperty.SonarScannerKeystorePassword]}`] : []),
  ]

And replace the spawn part with this:

  const child = spawn(
    binPath,
    [...(jvmOptions), ...proxyUrlToJavaOptions(properties)],
    {
      env: {
        ...Object.fromEntries(filteredEnv),
        SONARQUBE_SCANNER_PARAMS: JSON.stringify(properties),
      },
      shell: isWindows(),
    },
  );

This would ensure that those jvmOptions are properly passed to the JRE. However, I’m not sure how I should test this and if the jvmOptions are in the correct format.

Hello @majenny ,

The properties -Dsonar.scanner.truststore* are forwarded to the Scanner CLI through SONARQUBE_SCANNER_PARAMS environment variable. We could validate that this environment variable was containing the path to the truststore.

Could you please try running the CLI Scanner directly and passing -Dsonar.scanner.truststorePath / -Dsonar.scanner.truststorePassword as you are doing for the Scanner for NPM?

Can you verify that your truststore contains the certificate, and can you please tell us how did you generate it (with java keytools or openssl)?

Lastly, please run your scan using -Dsonar.verbose=true so we have a maximum information to help you!

Hope this helps
Benjamin

Hello benjamin.raymond (not able to mention you, since I’m new)

Thank you for your response. Sonar CLI Scanner isn’t the issue here. I know that this is working since we are checking a lot of maven projects.

The issue is with how sonarqube-scanner (NPM package) is starting the CLI not properly passing all required information to the scanner CLI (see my second post).

Therefore debug logs won’t do much since the scanner CLI is working properly.

Regards,
Manuel

Hi benjamin.raymond
I had some time to fiddle around with the SONAR_SCANNER_JSON_PARAMS env var.

However, it’s still not working:

2024-09-25 14:09:17  [Pipeline] // script
2024-09-25 14:09:17  [Pipeline] withSonarQubeEnv
2024-09-25 14:09:17  Injecting SonarQube environment variables using the configuration: sonarqube-sqpc
2024-09-25 14:09:17  [Pipeline] {
2024-09-25 14:09:17  [Pipeline] sh
2024-09-25 14:09:18  + printenv
2024-09-25 14:09:18  + grep -i trust
2024-09-25 14:09:18  SONAR_SCANNER_TRUSTSTORE_PATH=/home/jenkins/cacerts
2024-09-25 14:09:18  JAVAX_NET_SSL_TRUST_STORE_PASSWORD=changeit
2024-09-25 14:09:18  JAVAX_NET_SSL_TRUST_STORE=/home/jenkins/cacerts
2024-09-25 14:09:18  SONAR_SCANNER_JSON_PARAMS={"sonar.scanner.truststorePath":"/home/jenkins/cacerts", "sonar.scanner.truststorePassword": "changeit"}
2024-09-25 14:09:18  SONAR_SCANNER_TRUSTSTORE_PASSWORD=changeit
2024-09-25 14:09:18  [Pipeline] sh
2024-09-25 14:09:18  + npm run sonar
[..]
2024-09-25 14:09:23  Sonar execution report written to: /var/lib/jenkins/wd/workspace/enderer-standalone-proxy_develop/coverage/sonar.xml
2024-09-25 14:09:24  
2024-09-25 14:09:24  > ui-renderer-standalone-proxy@1.7.9 sonar
2024-09-25 14:09:24  > sonar-scanner
2024-09-25 14:09:24  
2024-09-25 14:09:24  [INFO]  Bootstrapper: Retrieving info from "package.json" file
2024-09-25 14:09:24  [INFO]  Bootstrapper: Platform: linux x64
2024-09-25 14:09:26  [INFO]  Bootstrapper: Server URL: [HIDDEN_URL]
2024-09-25 14:09:26  [INFO]  Bootstrapper: Version: 4.2.1
2024-09-25 14:09:26  [INFO]  Bootstrapper: SonarQube server version: 9.9.6
2024-09-25 14:09:26  [INFO]  Bootstrapper: JRE provisioning is NOT supported
2024-09-25 14:09:26  [INFO]  Bootstrapper: Falling back on using sonar-scanner-cli
2024-09-25 14:09:26  [INFO]  Bootstrapper: Starting analysis
2024-09-25 14:09:27  14:09:27.094 INFO  Scanner configuration file: /home/jenkins/.sonar/native-sonar-scanner/sonar-scanner-6.0.0.4432-linux/conf/sonar-scanner.properties
2024-09-25 14:09:27  14:09:27.099 INFO  Project root configuration file: /var/lib/jenkins/wd/workspace/enderer-standalone-proxy_develop/sonar-project.properties
2024-09-25 14:09:27  14:09:27.115 INFO  SonarScanner CLI 6.0.0.4432
2024-09-25 14:09:27  14:09:27.117 INFO  Java 17.0.11 Eclipse Adoptium (64-bit)
2024-09-25 14:09:27  14:09:27.118 INFO  Linux 5.14.0-284.82.1.el9_2.x86_64 amd64
2024-09-25 14:09:27  14:09:27.125 INFO  User cache: /home/jenkins/.sonar/cache
2024-09-25 14:09:29  14:09:29.224 INFO  Communicating with SonarQube Server 9.9.6.92038
2024-09-25 14:09:30  14:09:30.097 INFO  Load global settings
2024-09-25 14:09:30  14:09:30.203 INFO  EXECUTION FAILURE
2024-09-25 14:09:30  14:09:30.203 INFO  Total time: 3.190s
2024-09-25 14:09:30  [ERROR] Bootstrapper: 14:09:30.203 ERROR Error during SonarScanner CLI execution
2024-09-25 14:09:30  org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@4c2cc639-org.sonar.scanner.bootstrap.ScannerPluginRepository': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@4c2cc639-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@4c2cc639-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955)
2024-09-25 14:09:30  	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:920)
2024-09-25 14:09:30  	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
2024-09-25 14:09:30  	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:187)
2024-09-25 14:09:30  	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
2024-09-25 14:09:30  	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
2024-09-25 14:09:30  	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
2024-09-25 14:09:30  	at org.sonarsource.scanner.lib.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:41)
2024-09-25 14:09:30  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-09-25 14:09:30  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2024-09-25 14:09:30  	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2024-09-25 14:09:30  	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2024-09-25 14:09:30  	at org.sonarsource.scanner.lib.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:62)
2024-09-25 14:09:30  	at jdk.proxy3/jdk.proxy3.$Proxy2.execute(Unknown Source)
2024-09-25 14:09:30  	at org.sonarsource.scanner.lib.InProcessScannerEngineFacade.doAnalyze(InProcessScannerEngineFacade.java:39)
2024-09-25 14:09:30  	at org.sonarsource.scanner.lib.ScannerEngineFacade.analyze(ScannerEngineFacade.java:61)
2024-09-25 14:09:30  	at org.sonarsource.scanner.cli.Main.analyze(Main.java:77)
2024-09-25 14:09:30  	at org.sonarsource.scanner.cli.Main.main(Main.java:63)
2024-09-25 14:09:30  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@4c2cc639-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@4c2cc639-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-09-25 14:09:30  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-09-25 14:09:30  	... 27 common frames omitted
2024-09-25 14:09:30  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@4c2cc639-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-09-25 14:09:30  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-09-25 14:09:30  	... 41 common frames omitted
2024-09-25 14:09:30  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:541)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-09-25 14:09:30  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-09-25 14:09:30  	... 55 common frames omitted
2024-09-25 14:09:30  Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:638)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-09-25 14:09:30  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-09-25 14:09:30  	... 69 common frames omitted
2024-09-25 14:09:30  Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
2024-09-25 14:09:30  	... 83 common frames omitted
2024-09-25 14:09:30  Caused by: java.lang.IllegalStateException: Fail to request url:[HIDDEN_URL]/api/settings/values.protobuf
2024-09-25 14:09:30  	at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:208)
2024-09-25 14:09:30  	at org.sonarqube.ws.client.HttpConnector.get(HttpConnector.java:125)
2024-09-25 14:09:30  	at org.sonarqube.ws.client.HttpConnector.call(HttpConnector.java:112)
2024-09-25 14:09:30  	at org.sonar.scanner.bootstrap.DefaultScannerWsClient.call(DefaultScannerWsClient.java:87)
2024-09-25 14:09:30  	at org.sonar.scanner.repository.settings.AbstractSettingsLoader.load(AbstractSettingsLoader.java:60)
2024-09-25 14:09:30  	at org.sonar.scanner.repository.settings.DefaultGlobalSettingsLoader.loadGlobalSettings(DefaultGlobalSettingsLoader.java:35)
2024-09-25 14:09:30  	at org.sonar.scanner.bootstrap.GlobalServerSettingsProvider.provide(GlobalServerSettingsProvider.java:35)
2024-09-25 14:09:30  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-09-25 14:09:30  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2024-09-25 14:09:30  	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2024-09-25 14:09:30  	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2024-09-25 14:09:30  	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
2024-09-25 14:09:30  	... 84 common frames omitted
2024-09-25 14:09:30  Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-09-25 14:09:30  	at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2024-09-25 14:09:30  	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
2024-09-25 14:09:30  	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
2024-09-25 14:09:30  	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
2024-09-25 14:09:30  	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
2024-09-25 14:09:30  	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
2024-09-25 14:09:30  	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
2024-09-25 14:09:30  	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
2024-09-25 14:09:30  	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
2024-09-25 14:09:30  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-09-25 14:09:30  	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
2024-09-25 14:09:30  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-09-25 14:09:30  	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
2024-09-25 14:09:30  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-09-25 14:09:30  	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
2024-09-25 14:09:30  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-09-25 14:09:30  	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
2024-09-25 14:09:30  	at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
2024-09-25 14:09:30  	at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:206)
2024-09-25 14:09:30  	... 95 common frames omitted
2024-09-25 14:09:30  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-09-25 14:09:30  	at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.validator.Validator.validate(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
2024-09-25 14:09:30  	... 125 common frames omitted
2024-09-25 14:09:30  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-09-25 14:09:30  	at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
2024-09-25 14:09:30  	at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
2024-09-25 14:09:30  	at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
2024-09-25 14:09:30  	... 130 common frames omitted
2024-09-25 14:09:30  
2024-09-25 14:09:30  [ERROR] Bootstrapper: 14:09:30.206 ERROR 
2024-09-25 14:09:30  14:09:30.206 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
2024-09-25 14:09:30  
2024-09-25 14:09:30  [ERROR] Bootstrapper: An error occurred: Error: SonarScanner CLI failed with code 1
[..]

The jenkins pipeline itself defines an environment variable SONARQUBE_SCANNER_PARAMS with the following content:

[..]
environment {
            SONAR_SCANNER_TRUSTSTORE_PATH = "/home/jenkins/cacerts"
            SONAR_SCANNER_TRUSTSTORE_PASSWORD = "changeit"
            SONAR_SCANNER_JSON_PARAMS = "{\"sonar.scanner.truststorePath\":\"${SONAR_SCANNER_TRUSTSTORE_PATH}\", \"sonar.scanner.truststorePassword\": \"${SONAR_SCANNER_TRUSTSTORE_PASSWORD}\"}"
            SONARQBE_SCANNER_PARAMS = "${SONAR_SCANNER_JSON_PARAMS}"
            JAVAX_NET_SSL_TRUST_STORE = "${SONAR_SCANNER_TRUSTSTORE_PATH}"
            JAVAX_NET_SSL_TRUST_STORE_PASSWORD = "${SONAR_SCANNER_TRUSTSTORE_PASSWORD}"
}
[..]
stage('Build Application') {
                when {
                    expression {
                        return shouldDeploy
                    }
                }
                steps {
                    script {
                        // Build all without creating a git tag; only create git tag after successful creation of OpenShift image.
                        // This will prevent git tags without corresponding OpenShift images
                        // Here, no module should be left out from the build to make sure, the whole code is working as expected
                        //   -> allways build all modules
                        script {
                            if (fileExists('package-lock.json')) {
                                sh "npm cache verify"
                                sh "npm ci"
                            } else {
                                sh "npm i"
                            }
                            sh "npm run build"
                        }

                        if (withSonar) {
                            withSonarQubeEnv(ClaimsConst.JENKINS_SONARQUBE_SGPC_INSTALLATION_NAME) {
                                sh "npm run sonar"
                            }
                            if (failSonarQubeQualityGate) {
                                shouldCheckSonarQubeQualityGate = true
                            }
                        }
                    }
                }
            }
[..]

From the exception my guess is that the JAVAX params aren’t properly set resulting in the problem

Hello @majenny , thanks for coming back with these information. Apologies in advance for the long post.

sonar.scanner.truststore* properties

javax.ssl.* properties are deprecated and moving forward, we should use sonar.scanner.* properties.

The Scanner CLI v6+ accepts sonar.scanner.truststorePath and sonar.scanner.truststorePassword. I’ve made a test locally that you can reproduce running these commands.

# 1. Create a new container based on Node 20.5.x
docker run --rm -w /app -it "node:20.5.1-bookworm" /bin/bash
apt update
npm i -g sonarqube-scanner@4
apt install openjdk-17-jre-headless --yes
export NODE_TLS_REJECT_UNAUTHORIZED=0 # silences node error when downloading from binaries.sonarsource.com

# 2. Create truststore
openssl s_client -connect untrusted-root.badssl.com:443 -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM > untrusted-root.crt
keytool -importcert -file untrusted-root.crt -keystore truststore.p12 -storepass changeit -alias untrusted-root -storetype PKCS12 -noprompt
keytool -list -keystore truststore.p12 -storepass changeit -storetype PKCS12

# 3. Run NPM Scanner
SONAR_SCANNER_JSON_PARAMS="{\"sonar.scanner.truststorePath\":\"truststore.p12\",\"sonar.scanner.truststorePassword\":\"changeit\"}" \
sonar-scanner \
    -Dsonar.scanner.internal.sqVersion=9.9.6 \
    -Dsonar.verbose=true \
    -Dsonar.host.url=https://untrusted-root.badssl.com/

Here’s the output (with debug logs)

[..]
[DEBUG] Bootstrapper: Setting the log level to DEBUG due to verbose mode
[..]
[DEBUG] Bootstrapper: Using truststore at truststore.p12
[DEBUG] Bootstrapper: 1 CA certificates found in truststore
[..]
09:42:48.713 INFO  SonarScanner CLI 6.0.0.4432
[..]
[ERROR] Bootstrapper: 11:21:07.246 ERROR Error during SonarScanner CLI execution
java.lang.IllegalStateException: Failed to get server version

When we omit truststore information, we can see that the CLI Scanner fails with a SSL error:

$ sonar-scanner \
    -Dsonar.scanner.internal.sqVersion=9.9.6 \
    -Dsonar.verbose=true \
    -Dsonar.host.url=https://untrusted-root.badssl.com/

> [..]
> Caused by: java.lang.IllegalStateException: Call to URL [https://untrusted-root.badssl.com/api/v2/analysis/version] failed
> [..] None of the TrustManagers trust this certificate chain

I’ve also tried these, which work:

# -Dsonar.scanner.truststore*
sonar-scanner -Dsonar.scanner.truststorePath=truststore.p12 -Dsonar.scanner.truststorePassword=changeit -Dsonar.scanner.internal.sqVersion=9.9.6     -Dsonar.verbose=true -Dsonar.host.url=https://untrusted-root.badssl.com/

# Env vars
SONAR_SCANNER_TRUSTSTORE_PATH=truststore.p12 SONAR_SCANNER_TRUSTSTORE_PASSWORD=changeit sonar-scanner -Dsonar.scanner.internal.sqVersion=9.9.6 -Dsonar.verbose=true -Dsonar.host.url=https://untrusted-root.badssl.com/

This test suggests that sonar.scanner.truststorePath and sonar.scanner.truststorePassword are successfully forwarded to the Scanner CLI.

javax.ssl.* properties

Indeed, the deprecated javax.ssl properties arn’t passed to the Scanner CLI through the NPM scanner, so this won’t work:

SONAR_SCANNER_OPTS="-Djavax.net.ssl.trustStore=truststore.p12 -Djavax.net.ssl.trustStorePassword=changeit"  ...
sonar-scanner -Djavax.net.ssl.trustStore=truststore.p12 -Djavax.net.ssl.trustStorePassword=changeit sonar-scanner [..]

To ease the migration to the NPM Scanner v4+, I think it makes sense to support the deprecated javax.ssl.* properties, so I’ve created this ticket to support it. But at some point, you’ll see a warning about these properties and you will have to move to sonar.scanner.*

your use-case

From the jenkins pipeline you sent, I don’t see why it doesn’t work, as you are using the new properties sonar.scanner.truststore*. Only SONAR_SCANNER_TRUSTSTORE_[PATH|PASSWORD] should be enough to set the truststore information.

Then, I would check the debug logs of the bootstrapper to see if the NPM scanner is able to read the truststore and loading the certificates, and check the debug logs of the CLI scanner to see when it fails (it looks like it doesn’t fail on the first request but on /api/settigns/values.protobuf, which is odd). You can enable debug logs using -Dsonar.verbose=true.

You have probably seen the documentation page before, but I recommend reading it for more information

Hope this helps
Benjamin

1 Like

Hi Benjamin Raymond

I did some tests (using JKS and PKCS12) and you’re right.

The scanner seems to properly load the certificates, some requests are working but eventually the call to api/settings/values.protobuffails.

I used the following SONAR_SCANNER_JSON_PARAMS variable (/home/jenkins/cacerts is a PKCS12 keystore):
SONAR_SCANNER_JSON_PARAMS = "{\"sonar.scanner.truststorePath\":\"/home/jenkins/cacerts\", \"sonar.scanner.truststorePassword\": \"changeit\"}"

Now this is the output:

2024-10-04 11:27:31  > ui-renderer-standalone-proxy@1.7.9 sonar
2024-10-04 11:27:31  > sonar-scanner -Dsonar.verbose=true
2024-10-04 11:27:31  
2024-10-04 11:27:31  [INFO]  Bootstrapper: Retrieving info from "package.json" file
2024-10-04 11:27:31  [DEBUG] Bootstrapper: Setting the log level to DEBUG due to verbose mode
2024-10-04 11:27:31  [DEBUG] Bootstrapper: Properties: {
2024-10-04 11:27:31    'sonar.userHome': '/home/jenkins/.sonar',
2024-10-04 11:27:31    'sonar.scanner.os': 'linux',
2024-10-04 11:27:31    'sonar.scanner.arch': 'x64',
2024-10-04 11:27:31    'sonar.exclusions': 'cicd/**,node_modules/**,coverage/**,commitlint.config.js',
2024-10-04 11:27:31    'sonar.projectKey': 'claims-ui-renderer-standalone-proxy',
2024-10-04 11:27:31    'sonar.projectName': 'Claims UI-Renderer Standalone Proxy',
2024-10-04 11:27:31    'sonar.projectVersion': '1.7.9',
2024-10-04 11:27:31    'sonar.projectDescription': 'Proxy for Standalone UI-Renderer pods',
2024-10-04 11:27:31    'sonar.links.homepage': 'https://<REPO_URL>#readme',
2024-10-04 11:27:31    'sonar.links.issue': 'https://<REPO_URL>/issues',
2024-10-04 11:27:31    'sonar.links.scm': 'git@<SSH_CREDENTIALS>',
2024-10-04 11:27:31    'sonar.javascript.lcov.reportPaths': './coverage/lcov.info',
2024-10-04 11:27:31    'sonar.language': 'js',
2024-10-04 11:27:31    'sonar.sources': '.',
2024-10-04 11:27:31    'sonar.tests': 'middlewares,routes,utils,test',
2024-10-04 11:27:31    'sonar.test.inclusions': './*.test.js,**/*.test.js',
2024-10-04 11:27:31    'sonar.testExecutionReportPaths': './coverage/sonar.xml',
2024-10-04 11:27:31    'sonar.scanner.truststorePath': '/home/jenkins/cacerts',
2024-10-04 11:27:31    'sonar.scanner.truststorePassword': 'changeit',
2024-10-04 11:27:31    'sonar.host.url': 'https://<URL>',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorPort_8080Tcp': 'tcp://10.96.220.224:8080',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorPort_8080TcpPort': '8080',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorPort_8080TcpProto': 'tcp',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorPort': 'tcp://10.96.220.224:8080',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorServiceHost': '10.96.220.224',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorServicePortWeb': '8080',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorServicePort': '8080',
2024-10-04 11:27:31    'sonar.scanner.cliMirrorPort_8080TcpAddr': '10.96.220.224',
2024-10-04 11:27:31    'sonar.scanner.mirror': 'http://<SONAR_CLI_MIRROR>:8080/binaries/',
2024-10-04 11:27:31    'sonar.scanner.version': '6.0.0.4432',
2024-10-04 11:27:31    'sonar.verbose': 'true',
2024-10-04 11:27:31    'sonar.scanner.internal.isSonarCloud': 'false',
2024-10-04 11:27:31    'sonar.scanner.apiBaseUrl': 'https://<URL>/api/v2',
2024-10-04 11:27:31    'sonar.scanner.app': 'ScannerNpm',
2024-10-04 11:27:31    'sonar.scanner.appVersion': '4.2.1',
2024-10-04 11:27:31    'sonar.scanner.bootstrapStartTime': '1728034051852',
2024-10-04 11:27:31    'sonar.scanner.wasJreCacheHit': 'disabled',
2024-10-04 11:27:31    'sonar.scanner.wasEngineCacheHit': 'false',
2024-10-04 11:27:31    'sonar.projectBaseDir': '/var/lib/jenkins/wd/workspace/enderer-standalone-proxy_develop'
2024-10-04 11:27:31  }
2024-10-04 11:27:31  [INFO]  Bootstrapper: Platform: linux x64
2024-10-04 11:27:31  [DEBUG] Bootstrapper: Detecting proxy: No proxy detected
2024-10-04 11:27:31  [DEBUG] Bootstrapper: Using truststore at /home/jenkins/cacerts
2024-10-04 11:27:32  [DEBUG] Bootstrapper: 113 CA certificates found in truststore
2024-10-04 11:27:32  [INFO]  Bootstrapper: Server URL: https://<URL>
2024-10-04 11:27:32  [INFO]  Bootstrapper: Version: 4.2.1
2024-10-04 11:27:32  [DEBUG] Bootstrapper: Check if Server supports JRE provisioning
2024-10-04 11:27:32  [DEBUG] Bootstrapper: Detecting SonarQube server version
2024-10-04 11:27:32  [DEBUG] Bootstrapper: Fetching API V2 /analysis/version
2024-10-04 11:27:32  [DEBUG] Bootstrapper: Unable to fetch API V2 /analysis/version: AxiosError: Request failed with status code 404. Falling back on /api/server/version
2024-10-04 11:27:32  [DEBUG] Bootstrapper: Not using axios instance for https://<URL>/api/server/version
2024-10-04 11:27:32  [INFO]  Bootstrapper: SonarQube server version: 9.9.6
2024-10-04 11:27:32  [DEBUG] Bootstrapper: SonarQube Server v9.9.6 supports JRE provisioning: false
2024-10-04 11:27:32  [INFO]  Bootstrapper: JRE provisioning is NOT supported
2024-10-04 11:27:32  [INFO]  Bootstrapper: Falling back on using sonar-scanner-cli
2024-10-04 11:27:32  [INFO]  Bootstrapper: Starting analysis
2024-10-04 11:27:32  [DEBUG] Bootstrapper: Detecting proxy: No proxy detected
2024-10-04 11:27:33  11:27:33.289 INFO  Scanner configuration file: /home/jenkins/.sonar/native-sonar-scanner/sonar-scanner-6.0.0.4432-linux/conf/sonar-scanner.properties
2024-10-04 11:27:33  11:27:33.295 INFO  Project root configuration file: /var/lib/jenkins/wd/workspace/enderer-standalone-proxy_develop/sonar-project.properties
2024-10-04 11:27:33  11:27:33.316 INFO  SonarScanner CLI 6.0.0.4432
2024-10-04 11:27:33  11:27:33.318 INFO  Java 17.0.11 Eclipse Adoptium (64-bit)
2024-10-04 11:27:33  11:27:33.319 INFO  Linux 5.14.0-284.82.1.el9_2.x86_64 amd64
2024-10-04 11:27:33  11:27:33.381 DEBUG Scanner max available memory: 989 MB
2024-10-04 11:27:33  11:27:33.383 DEBUG Create: /home/jenkins/.sonar/cache
2024-10-04 11:27:33  11:27:33.384 INFO  User cache: /home/jenkins/.sonar/cache
2024-10-04 11:27:33  11:27:33.384 DEBUG Create: /home/jenkins/.sonar/cache/_tmp
2024-10-04 11:27:34  11:27:34.378 DEBUG Loaded [426] system trusted certificates
2024-10-04 11:27:35  11:27:35.178 DEBUG --> GET https://<URL>/api/v2/analysis/version
2024-10-04 11:27:35  11:27:35.520 DEBUG <-- 404 Not Found https://<WAF_URL>/healthcheck/404.html?al_req_id=Zv-1B1Uzx3dT8g9AD9a0fQAAAMw (341ms, unknown-length body)
2024-10-04 11:27:35  11:27:35.521 DEBUG --> GET https://<URL>/api/server/version
2024-10-04 11:27:35  11:27:35.556 DEBUG <-- 200 OK https://<URL>/api/server/version (34ms, 11-byte body)
2024-10-04 11:27:35  11:27:35.560 DEBUG Extract sonar-scanner-java-library-batch in temp...
2024-10-04 11:27:35  11:27:35.563 DEBUG Get bootstrap index...
2024-10-04 11:27:35  11:27:35.564 DEBUG --> GET https://<URL>/batch/index
2024-10-04 11:27:35  11:27:35.589 DEBUG <-- 200 OK https://<URL>/batch/index (25ms, 71-byte body)
2024-10-04 11:27:35  11:27:35.590 DEBUG Get bootstrap completed
2024-10-04 11:27:35  11:27:35.591 DEBUG Create isolated classloader...
2024-10-04 11:27:35  11:27:35.597 DEBUG Start temp cleaning...
2024-10-04 11:27:35  11:27:35.600 DEBUG Temp cleaning done
2024-10-04 11:27:35  11:27:35.601 INFO  Communicating with SonarQube Server 9.9.6.92038
2024-10-04 11:27:35  11:27:35.602 DEBUG Work directory: /var/lib/jenkins/wd/workspace/enderer-standalone-proxy_develop/.scannerwork
2024-10-04 11:27:35  11:27:35.603 DEBUG Execution execute
2024-10-04 11:27:36  11:27:36.009 DEBUG Developer 9.9.6.92038
2024-10-04 11:27:36  11:27:36.607 INFO  Load global settings
2024-10-04 11:27:36  11:27:36.782 INFO  EXECUTION FAILURE
2024-10-04 11:27:36  11:27:36.783 INFO  Total time: 3.578s
2024-10-04 11:27:36  [ERROR] Bootstrapper: 11:27:36.783 ERROR Error during SonarScanner CLI execution
2024-10-04 11:27:36  org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@e84a8e1-org.sonar.scanner.bootstrap.ScannerPluginRepository': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@e84a8e1-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@e84a8e1-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955)
2024-10-04 11:27:36  	at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:920)
2024-10-04 11:27:36  	at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
2024-10-04 11:27:36  	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:187)
2024-10-04 11:27:36  	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
2024-10-04 11:27:36  	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
2024-10-04 11:27:36  	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
2024-10-04 11:27:36  	at org.sonarsource.scanner.lib.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:41)
2024-10-04 11:27:36  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-10-04 11:27:36  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2024-10-04 11:27:36  	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2024-10-04 11:27:36  	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2024-10-04 11:27:36  	at org.sonarsource.scanner.lib.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:62)
2024-10-04 11:27:36  	at jdk.proxy3/jdk.proxy3.$Proxy2.execute(Unknown Source)
2024-10-04 11:27:36  	at org.sonarsource.scanner.lib.InProcessScannerEngineFacade.doAnalyze(InProcessScannerEngineFacade.java:39)
2024-10-04 11:27:36  	at org.sonarsource.scanner.lib.ScannerEngineFacade.analyze(ScannerEngineFacade.java:61)
2024-10-04 11:27:36  	at org.sonarsource.scanner.cli.Main.analyze(Main.java:77)
2024-10-04 11:27:36  	at org.sonarsource.scanner.cli.Main.main(Main.java:63)
2024-10-04 11:27:36  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@e84a8e1-org.sonar.scanner.bootstrap.ScannerPluginInstaller': Unsatisfied dependency expressed through constructor parameter 0; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@e84a8e1-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-10-04 11:27:36  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-10-04 11:27:36  	... 27 common frames omitted
2024-10-04 11:27:36  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'org.sonarsource.scanner.lib.internal.IsolatedClassloader@e84a8e1-org.sonar.scanner.bootstrap.PluginFiles': Unsatisfied dependency expressed through constructor parameter 1; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-10-04 11:27:36  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-10-04 11:27:36  	... 41 common frames omitted
2024-10-04 11:27:36  Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'GlobalConfiguration' defined in org.sonar.scanner.bootstrap.GlobalConfigurationProvider: Unsatisfied dependency expressed through method 'provide' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:541)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-10-04 11:27:36  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-10-04 11:27:36  	... 55 common frames omitted
2024-10-04 11:27:36  Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'GlobalServerSettings' defined in org.sonar.scanner.bootstrap.GlobalServerSettingsProvider: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:638)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
2024-10-04 11:27:36  	at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
2024-10-04 11:27:36  	... 69 common frames omitted
2024-10-04 11:27:36  Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.sonar.scanner.bootstrap.GlobalServerSettings]: Factory method 'provide' threw exception; nested exception is java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
2024-10-04 11:27:36  	... 83 common frames omitted
2024-10-04 11:27:36  Caused by: java.lang.IllegalStateException: Fail to request url: https://<URL>/api/settings/values.protobuf
2024-10-04 11:27:36  	at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:208)
2024-10-04 11:27:36  	at org.sonarqube.ws.client.HttpConnector.get(HttpConnector.java:125)
2024-10-04 11:27:36  	at org.sonarqube.ws.client.HttpConnector.call(HttpConnector.java:112)
2024-10-04 11:27:36  	at org.sonar.scanner.bootstrap.DefaultScannerWsClient.call(DefaultScannerWsClient.java:87)
2024-10-04 11:27:36  	at org.sonar.scanner.repository.settings.AbstractSettingsLoader.load(AbstractSettingsLoader.java:60)
2024-10-04 11:27:36  	at org.sonar.scanner.repository.settings.DefaultGlobalSettingsLoader.loadGlobalSettings(DefaultGlobalSettingsLoader.java:35)
2024-10-04 11:27:36  	at org.sonar.scanner.bootstrap.GlobalServerSettingsProvider.provide(GlobalServerSettingsProvider.java:35)
2024-10-04 11:27:36  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2024-10-04 11:27:36  	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
2024-10-04 11:27:36  	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
2024-10-04 11:27:36  	at java.base/java.lang.reflect.Method.invoke(Unknown Source)
2024-10-04 11:27:36  	at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:154)
2024-10-04 11:27:36  	... 84 common frames omitted
2024-10-04 11:27:36  Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-10-04 11:27:36  	at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.SSLHandshake.consume(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.TransportContext.dispatch(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
2024-10-04 11:27:36  	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
2024-10-04 11:27:36  	at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337)
2024-10-04 11:27:36  	at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209)
2024-10-04 11:27:36  	at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
2024-10-04 11:27:36  	at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
2024-10-04 11:27:36  	at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
2024-10-04 11:27:36  	at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
2024-10-04 11:27:36  	at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
2024-10-04 11:27:36  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-10-04 11:27:36  	at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
2024-10-04 11:27:36  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-10-04 11:27:36  	at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
2024-10-04 11:27:36  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-10-04 11:27:36  	at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
2024-10-04 11:27:36  	at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
2024-10-04 11:27:36  	at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
2024-10-04 11:27:36  	at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
2024-10-04 11:27:36  	at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:206)
2024-10-04 11:27:36  	... 95 common frames omitted
2024-10-04 11:27:36  Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-10-04 11:27:36  	at java.base/sun.security.validator.PKIXValidator.doBuild(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.validator.Validator.validate(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
2024-10-04 11:27:36  	... 125 common frames omitted
2024-10-04 11:27:36  Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
2024-10-04 11:27:36  	at java.base/sun.security.provider.certpath.SunCertPathBuilder.build(Unknown Source)
2024-10-04 11:27:36  	at java.base/sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
2024-10-04 11:27:36  	at java.base/java.security.cert.CertPathBuilder.build(Unknown Source)
2024-10-04 11:27:36  	... 130 common frames omitted
2024-10-04 11:27:36  
2024-10-04 11:27:36  [ERROR] Bootstrapper: 11:27:36.788 ERROR 
2024-10-04 11:27:36  11:27:36.788 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
2024-10-04 11:27:36  
2024-10-04 11:27:36  [ERROR] Bootstrapper: An error occurred: Error: SonarScanner CLI failed with code 1

Do you have any idea why this is working in the first place but then failing when calling api/settings/values.protobuf?

Hello @majenny ,

Thanks for the additional debug logs, we identified an issue in the Scanner CLI which was fixed in 6.2.1.4610 3 days ago. Unfortunately, it is not possible to use this version of the Scanner CLI in the NPM Scanner for now (yours is 6.0.0),

We will be working on a fix to release very soon, you can follow up SCANNPM-51 to be up to date,

Hope this helps
Benjamin

Hi Benjamin Raymond
Thank you for the update.

I guess the issue with NPM Scanner is with the x64 at the end of the archive. :slight_smile:

1 Like

Hello @majenny , could you please try the latest NPM Scanner v4.2.4 which sould solve your issue?

I’m still having the same issue even with 4.2.4

export SONAR_SCANNER_JSON_PARAMS=“{"sonar.scanner.truststorePath":"/tmp/eng.cacerts", "sonar.scanner.truststorePassword": "changeit"}”

sonar-scanner -Dsonar.host.url=https://eng/sonar -Dsonar.token=d2e770fbc2b63 -Dsonar.scanner.truststorePath=/tmp/eng.cacerts -Dsonar.scanner.truststorePassword=changeit -X

Hi @sancho21

What is the format of /tmp/eng.cacerts? Is it a pkcs12 keystore?

Can you share new verbose logs of the analysis?

Thanks

Yes. It’s PKCS12. Default Java format

[INFO] Bootstrapper: Retrieving info from “package.json” file
[DEBUG] Bootstrapper: Setting the log level to DEBUG due to verbose mode
[DEBUG] Bootstrapper: Properties: {
‘sonar.userHome’: ‘/home/muhammad.ichsan/.sonar’,
‘sonar.scanner.os’: ‘linux’,
‘sonar.scanner.arch’: ‘x64’,
‘sonar.exclusions’: ‘node_modules/,bower_components/,jspm_packages/,typings/,lib-cov/**’,
‘sonar.projectKey’: ‘HTF-APPLICATION-UI’,
‘sonar.projectName’: ‘htf-application-ui’,
‘sonar.verbose’: ‘true’,
‘sonar.host.url’: ‘https://eng/sonar’,
‘sonar.token’: ‘secret’,
‘sonar.scanner.truststorePath’: ‘/tmp/eng.cacerts’,
‘sonar.scanner.truststorePassword’: ‘changeit’,
‘sonar.scanner.internal.isSonarCloud’: ‘false’,
‘sonar.scanner.apiBaseUrl’: ‘https://eng/sonar/api/v2’,
‘sonar.scanner.app’: ‘ScannerNpm’,
‘sonar.scanner.appVersion’: ‘4.2.4’,
‘sonar.scanner.bootstrapStartTime’: ‘1728911742299’,
‘sonar.scanner.wasJreCacheHit’: ‘disabled’,
‘sonar.scanner.wasEngineCacheHit’: ‘false’,
‘sonar.projectBaseDir’: ‘/tmp/application-ui’
}
[INFO] Bootstrapper: Platform: linux x64
[DEBUG] Bootstrapper: Detecting proxy: No proxy detected
[DEBUG] Bootstrapper: Using truststore at /tmp/eng.cacerts
[DEBUG] Bootstrapper: 1 CA certificates found in truststore
[INFO] Bootstrapper: Server URL: https://eng/sonar
[INFO] Bootstrapper: Version: 4.2.4
[DEBUG] Bootstrapper: Check if Server supports JRE provisioning
[DEBUG] Bootstrapper: Detecting SonarQube server version
[DEBUG] Bootstrapper: Fetching API V2 /analysis/version
[DEBUG] Bootstrapper: Unable to fetch API V2 /analysis/version: Error: unable to verify the first certificate. Falling back on /api/server/version
[DEBUG] Bootstrapper: Not using axios instance for https://eng/sonar/api/server/version
[ERROR] Bootstrapper: Failed to fetch server version: Error: unable to verify the first certificate
[ERROR] Bootstrapper: Verify that https://eng/sonar is a valid SonarQube server
[ERROR] Bootstrapper: An error occurred: Error: unable to verify the first certificate

This cert is accepted by Docker version (even though I got different error after a while: node.js - Docker Sonarqube scanner error java.lang.reflect.InaccessibleObjectException - Stack Overflow)

Hello Benjamin Raymond
I’ll try it today and will let you know if it’s working for me.

Hello Benjamin Raymond

I can confirm it is working (doesn’t matter if JKS or PKCS12, both works).

However, there seems to be another issue with the CLI Scanner. withSonarQubeEnv in Jenkins will provide the proper token to authenticate against the server. However, with CLI Scanner version 6.2.1.4610 the token seems to be ignored.

I am currently trying to figure out if this has something to do with the very limited SONAR_SCANNER_JSON_PARAMS variable I set which only contains truststore path an truststore password currently.

EDIT
It seems that withSonarQubeEnv does not play along nicely with SONAR_SCANNER_JSON_PARAMS. When I remove it, it works again.

EDIT2
I consulted the documentation and I assume that SONAR_SCANNER_JSON_PARAMS will override the withSonarQubeEnv settings. Not sure if this is intended behavior.

I have seen that you took over development of the Jenkins Plugin.
I guess it is still using SONARQUBE_SCANNER_PARAMS instead of SONARQUBE_SCANNER_JSON_PARAMS, right?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.