IM running Sonarqube 9.5 and the build servers are running Windows Defender. Version of scanner 4.23.1
After setting Defender and add exlusions, i still see that “Run Analysis” takes from 40-60s before to 5-6 minutes.
IM not sure if upgrade the scanner will fix the issue
Hi,
Per the docs, we don’t recommend running a virus scanner on the analysis machine:
We do not recommend running an antivirus scanner on the machine where a SonarQube analysis runs, it could result in unpredictable behavior.
Really, slowdowns are the best-case scenario here.
Ann
Clarification on “analysis machine”: is this the machine that runs the scanner (e.g., the Maven plugin), or the SQ server itself (which does its own analysis after getting the upload from the scanner)? Or both?
Hi @MisterPi,
Here, the analysis machine is the system where your source code resides and from which the SonarQube analysis is executed.
Thanks,
Aravind
Thanks. Are there any recommendations specifically about virus scanners on the server? I didn’t see any in the docs.
Has anyone noticed any problems when running Defender (or any other AV product) on the server?
Hi,
You really don’t want to run a virus scanner on the SonarQube server either. They have a nasty habit of locking SonarQube out of its own files while SonarQube is trying to use them. It doesn’t go well.
HTH,
Ann
Yeah, I don’t want… but other people do :(. Probably the best I can hope for is exclusion lists. Can you tell me where “its own files” are? Is that limited to everything under the SONAR_HOME root (the parent of the bin and conf directories)? (And same question for the scanner as well, which in our case is on a server running Jenkins and Maven.)
Hi,
Yes, that will work, assuming you haven’t rehomed Elasticsearch to put its indices somewhere else. What you’re concerned with is, IIRC, the log files and the Elasticsearch files. Oh, and I think there’s a lock file in there somewhere too.
HTH,
Ann