Update Tanuki Service Wrapper

ianw · January 8, 2022, 1:27am

SonarQube LTS 8.9.6 currently ships with bundled Tanuki Service wrapper - Version 3.2.3 - released 2006-10-16. That’s over 15 years ago !

The latest (as of 2022-01-07) release is Version 3.5.48: (2021-12-22)

There are a number of security fixes, crash fixes and significant performance and feature improvements as well.

Can Sonar team look at upgrading this for the next LTS incremental of full LTS release ?

ianw · January 9, 2022, 6:24am

And when you revisit the wrapper, also review how you determine the mechanism to resolve java as the existing one is left wanting.

See:

Christophe_Havard · January 12, 2022, 1:16pm

Hi @ianw ,
Thank you for pointing this out
We already have a ticket opened that you can follow. I don’t know when it will be tackled.

Kind regards,
Christophe

ianw · January 12, 2022, 5:21pm

hmm … I read that now and am concerned that the ticket says:

“The windows service tool has security issues and we now recommend people configure it manually.”

I don’t recall seeing anything in the SonarQube instructions to “configure manually”. What is the security issue and what is the manual instructions?

Also, I attempted to follow the attached “Discuss thread”, but is it requesting a login to Discourse using either SAML or Google, but won’t accept my Google to sign up. Can a summary be provided?

ganncamp · January 12, 2022, 5:53pm

Hi,

Sorry about publishing the link to a private thread. I’ve moved it so others won’t face the same frustration. The jist is that if you follow the directions to run SonarQube as a service, then you aren’t using the wrapper anyway.

HTH,
Ann

ganncamp · August 12, 2022, 5:35pm

Hi,

With SonarQube 9.6, E.T.A. Monday, we’ve dropped the service wrapper.

Ann

ianw · August 12, 2022, 6:28pm

What options will there there be not run SonarQube not as a service ?

Our LTS Production instance is installed as a service, with central monitoring and alerting, central logging, runbook, etc. But this is burdensome for our non-Prod instance, which is only used to test and validate the upgrades and then shut down. We don’t want to engage all the other teams we would need to, so run with a modified sonar.sh / tanuki wrapper to address the problems we identified.

Similarly for those interested in evaluating SonarQube, installing as a service may be a burden and discourage their evaluation or adoption of your product.

ganncamp · August 12, 2022, 6:33pm

Hi,

For MacOS & Linux we’ve switched to nohup. Windows will use an up-to-date, Win-specific wrapper. Does that help?

Ann

Colin · August 18, 2022, 6:43am

A post was split to a new topic: Feedback on changes from JSW to nohup

system · August 25, 2022, 6:43am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.