We keep getting a lot of 'ERROR: Failed to download the sensor cache'

Multiple projects are reporting ‘ERROR: Failed to download the sensor cache’ in their PR build logs.

This does not cause the builds or analysis to fail, but is annoying to the programmers looking at PRs in azure devops.

Is there anything we can do about this?

The logs are filling with stacktraces like

2025-03-25T10:21:34.0883420Z 12:21:34.087 DEBUG: --> GET https://analysis-sensorcache-eu-central-1-prod.s3.eu-central-1.amazonaws.com/AY9g6errjcF54ToOjJNv/AZEm1BjnpzGpahwkDL9V/AZEm1BjnpzGpahwkDL9V?X-Amz-Security-Token=<snip>&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20250325T102134Z&X-Amz-SignedHeaders=host&X-Amz-Credential=_%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Expires=900&X-Amz-Signature=<snip>
2025-03-25T10:21:34.2414750Z 12:21:34.240 DEBUG: <-- HTTP FAILED: java.net.SocketException: Connection reset
2025-03-25T10:21:34.2415420Z 12:21:34.240 INFO: Load sensor cache (failed) | time=550ms
2025-03-25T10:21:34.2492748Z 12:21:34.246 ERROR: Failed to download the sensor cache
2025-03-25T10:21:34.2604039Z java.lang.IllegalStateException: Fail to request https://analysis-sensorcache-eu-central-1-prod.s3.eu-central-1.amazonaws.com/AY9g6errjcF54ToOjJNv/AZEm1BjnpzGpahwkDL9V/AZEm1BjnpzGpahwkDL9V?X-Amz-Security-Token=<snip>&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20250325T102134Z&X-Amz-SignedHeaders=host&X-Amz-Credential=_%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Expires=900&X-Amz-Signature=<snip>
2025-03-25T10:21:34.2607286Z 	at com.sonarsource.scanner.engine.webapi.client.HttpConnector.doCall(HttpConnector.java:253)
2025-03-25T10:21:34.2607835Z 	at com.sonarsource.scanner.engine.webapi.client.HttpConnector.get(HttpConnector.java:151)
...
	at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.net.SocketException: Connection reset
	at java.base/sun.nio.ch.NioSocketImpl.implRead(Unknown Source)
	at java.base/sun.nio.ch.NioSocketImpl.read(Unknown Source)
	at java.base/sun.nio.ch.NioSocketImpl$1.read(Unknown Source)
	at java.base/java.net.Socket$SocketInputStream.read(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketInputRecord.read(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketInputRecord.readHeader(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketInputRecord.decode(Unknown Source)
	at java.base/sun.security.ssl.SSLTransport.decode(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
	at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
	at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379)
...
	... 120 common frames omitted

Hi,

Are you using self-hosted build agents?

Can we have the full analysis log, starting from the analysis command itself?

 
Thx,
Ann

Hi,

Thank you for answering.

The build agents are windows virtual machines hosted on azure, so essentially self hosted. I am not sure how much I am allowed to share clients code structure etc. so I’m not comfortable sharing full logs.

There are multiple projects where this is happensíng so I’ve just started to switch off the Sensor Cache from project settings since it’s starting to annoy a lot of people.

Looking at this part of the logs maybe ‘sonar.scanner.skipSystemTruststore=true’ would be one answer? Could there be a better way? I assume it has something to do with certificates.

2025-03-25T06:47:36.2650741Z 08:47:36.259 INFO: Load metrics repository
2025-03-25T06:47:36.2651820Z 08:47:36.263 DEBUG: --> GET https://sonarcloud.io/api/metrics/search?f=name,description,direction,qualitative&ps=500&p=1
2025-03-25T06:47:36.2963726Z 08:47:36.295 DEBUG: <-- 200 https://sonarcloud.io/api/metrics/search?f=name,description,direction,qualitative&ps=500&p=1 (31ms, unknown-length body)
2025-03-25T06:47:36.3278035Z 08:47:36.304 INFO: Load metrics repository (done) | time=45ms
2025-03-25T06:47:36.3279022Z 08:47:36.312 INFO: Sensor cache enabled
2025-03-25T06:47:36.3291824Z 08:47:36.314 DEBUG: Initialize GenericWsClient
2025-03-25T06:47:36.3292484Z 08:47:36.315 DEBUG: Loading OS trusted SSL certificates...
2025-03-25T06:47:36.3293051Z 08:47:36.315 DEBUG: This operation might be slow or even get stuck. You can skip it by passing the scanner property 'sonar.scanner.skipSystemTruststore=true'
2025-03-25T06:47:36.3522097Z 08:47:36.347 DEBUG: Successfully loaded KeyStore of the type [Windows-ROOT] having [37] entries
2025-03-25T06:47:36.3681330Z 08:47:36.367 DEBUG: Successfully loaded KeyStore of the type [Windows-ROOT-LOCALMACHINE] having [37] entries
2025-03-25T06:47:36.3906094Z 08:47:36.389 DEBUG: Successfully loaded KeyStore of the type [Windows-ROOT-CURRENTUSER] having [37] entries
2025-03-25T06:47:36.3928563Z 08:47:36.391 DEBUG: Successfully loaded KeyStore of the type [Windows-MY] having [0] entries
2025-03-25T06:47:36.3951944Z 08:47:36.394 DEBUG: Successfully loaded KeyStore of the type [Windows-MY-CURRENTUSER] having [0] entries
2025-03-25T06:47:36.3995908Z 08:47:36.398 DEBUG: Successfully loaded KeyStore of the type [Windows-MY-LOCALMACHINE] having [0] entries
2025-03-25T06:47:36.3998284Z 08:47:36.398 DEBUG: Loaded [111] system trusted certificates
2025-03-25T06:47:36.4398268Z 08:47:36.438 INFO: Load sensor cache
2025-03-25T06:47:36.4407897Z 08:47:36.439 DEBUG: --> GET https://api.sonarcloud.io/analysis/sensor-cache/prepare-read?organization=eskosystemsoy&project=eskosystemsoy_Esko-laakehoito-Dotnet&branch=develop
2025-03-25T06:47:36.8184094Z 08:47:36.817 DEBUG: <-- 200 https://api.sonarcloud.io/analysis/sensor-cache/prepare-read?organization=eskosystemsoy&project=eskosystemsoy_Esko-laakehoito-Dotnet&branch=develop (377ms, 1497-byte body)
2025-03-25T06:47:36.8977630Z 08:47:36.896 DEBUG: --> GET https://analysis-sensorcache-eu-central-1-prod.s3.eu-central-1.amazonaws.com/AY9g6errjcF54ToOjJNv/AZBeKr5RgDL8p9XeuNlG/AZBeKr5RgDL8p9XeuNlG?X-Amz-Security-Token=IQoJb3JpZ2luX2VjEKb%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGV1LWNlbnRyYWwtMSJHMEUCIH6z%2FgJ6ZqOg3BHAxfXgOu7GzO%2F4rPIkx7V6S4U1cKWsAiEAifHzDkbEtSdFCzctk0xe9gKhDGbxykhWDModLpe%2Fci4qrwMI%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARADGgw0ODgwNTk5NjU2MzUiDM7GPIeieCRtf4KmpSqDA07NBsB8f2yubR4A420FTneYhb98qrh%2FKu%2FrRZi3XiVk%2B9hEr7oDQn8MOXhl50WqhjRJpY2aVwq79FCUeGZz7v8DC00KWtxuRG0pIgGUqw8uhFwRnJjBVZWoITjAXfflyM0X7dg9MsoAk5bvwL9KovCdvRNWqotaazFOuB2km8ZI%2B17mOM1ULdKwNxHWpy4uKzwzk9ycmTz1DSFtjzYh0iN%2FyS%2FZ2I7p9tyoggHDLumNd2cdRZv4AEB0JZYyYjytJobsCUx9iyGECs9rs8bDHMMfli63NiiDnFWHHlwrEzXy5C69pongXgYFxCwb3vs6XPucbnycIcNZ%2BC6QrVoO1%2BKX6aoZptho7jHbzbliRkDKbgG%2FQnQ1HQe7mBD5kji1DJmd%2BluZ0HC24oiz%2FBQyq7LoZeGFgsKsDA6HrJqXNSj%2FcawCa%2FknDOv1rh%2FZ%2FMiNqQtugrpQMYrkAJd3Cx8wtI7bjnrKCVNlPTvUfGyMWSmiJkbl7KbhYwSi2N9QsZdTz%2BO3vzC2gom%2FBjqdASytqWaio4l3YTBTWBsvH9RfSI9SRSJL1mAonYul7yCBWSeAnXBSpw3zomEGvhrnLtyBjnlhdkjF8Zg0RbUMtpqFlbtql%2Bs1F1mIJf8q47wfhQzyFChIUt3JrifXhtoeypA4uhZMWq9tZOKU4Ug83Bb0P2xZYxuRlnD3R80B6C3diJPOxdEM2%2BxGDaanEimOwr%2BrfFTFaBbg4xbF%2FpI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20250325T064736Z&X-Amz-SignedHeaders=host&X-Amz-Credential=ASIAXDIVECDB63V26IHC%2F20250325%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Expires=900&X-Amz-Signature=01e49682c3044e567f503c9971cd2195fdb07d53e78e30ed3bb578f4343b5753
2025-03-25T06:47:37.0420849Z 08:47:37.039 DEBUG: <-- HTTP FAILED: java.net.SocketException: Connection reset
2025-03-25T06:47:37.0421947Z 08:47:37.040 INFO: Load sensor cache (failed) | time=602ms
2025-03-25T06:47:37.0533767Z ##[error]08:47:37.049 ERROR: Failed to download the sensor cache
java.lang.IllegalStateException: Fail to request https://analysis-sensorcache-eu-central-1-prod.s3.eu-central-1.amazonaws.com/AY9g6errjcF54ToOjJNv/AZBeKr5RgDL8p9XeuNlG/AZBeKr5RgDL8p9XeuNlG?X-Amz-Security-Token=IQoJb3JpZ2luX2VjEKb%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FwEaDGV1LWNlbnRyYWwtMSJHMEUCIH6z%2FgJ6ZqOg3BHAxfXgOu7GzO%2F4rPIkx7V6S4U1cKWsAiEAifHzDkbEtSdFCzctk0xe9gKhDGbxykhWDModLpe%2Fci4qrwMI%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARADGgw0ODgwNTk5NjU2MzUiDM7GPIeieCRtf4KmpSqDA07NBsB8f2yubR4A420FTneYhb98qrh%2FKu%2FrRZi3XiVk%2B9hEr7oDQn8MOXhl50WqhjRJpY2aVwq79FCUeGZz7v8DC00KWtxuRG0pIgGUqw8uhFwRnJjBVZWoITjAXfflyM0X7dg9MsoAk5bvwL9KovCdvRNWqotaazFOuB2km8ZI%2B17mOM1ULdKwNxHWpy4uKzwzk9ycmTz1DSFtjzYh0iN%2FyS%2FZ2I7p9tyoggHDLumNd2cdRZv4AEB0JZYyYjytJobsCUx9iyGECs9rs8bDHMMfli63NiiDnFWHHlwrEzXy5C69pongXgYFxCwb3vs6XPucbnycIcNZ%2BC6QrVoO1%2BKX6aoZptho7jHbzbliRkDKbgG%2FQnQ1HQe7mBD5kji1DJmd%2BluZ0HC24oiz%2FBQyq7LoZeGFgsKsDA6HrJqXNSj%2FcawCa%2FknDOv1rh%2FZ%2FMiNqQtugrpQMYrkAJd3Cx8wtI7bjnrKCVNlPTvUfGyMWSmiJkbl7KbhYwSi2N9QsZdTz%2BO3vzC2gom%2FBjqdASytqWaio4l3YTBTWBsvH9RfSI9SRSJL1mAonYul7yCBWSeAnXBSpw3zomEGvhrnLtyBjnlhdkjF8Zg0RbUMtpqFlbtql%2Bs1F1mIJf8q47wfhQzyFChIUt3JrifXhtoeypA4uhZMWq9tZOKU4Ug83Bb0P2xZYxuRlnD3R80B6C3diJPOxdEM2%2BxGDaanEimOwr%2BrfFTFaBbg4xbF%2FpI%3D&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Date=20250325T064736Z&X-Amz-SignedHeaders=host&X-Amz-Credential=ASIAXDIVECDB63V26IHC%2F20250325%2Feu-central-1%2Fs3%2Faws4_request&X-Amz-Expires=900&X-Amz-Signature=01e49682c3044e567f503c9971cd2195fdb07d53e78e30ed3bb578f4343b5753
	at com.sonarsource.scanner.engine.webapi.client.HttpConnector.doCall(HttpConnector.java:253)

Hi,

I was really hoping for the full analysis log, from the analysis command itself through to the last line of the stacktrace.

However, you have provided a previous, successful GET request, so we know the basic connectivity between server and build agent is there.

No, I don’t think so. The certificate loads all complete successfully.

I think your proxy is balking at delivering the payload. You should talk to your network folks.

 
HTH,
Ann