I'm setting up sonarqube scan jobs in Jenkins and I have ensured to provide my svn credentials in sonarqube at 'Administration>Configuration>SCM>Username+Password.
Most of the jobs scan fine with svn blame data however one particular job I'm still getting the authentication error as below during the scm data scanning phase:
19:42:06.883 INFO: SCM provider for this project is: svn
19:42:06.883 INFO: 10938 files to be analyzed
19:42:16.899 INFO: 3/10938 files analyzed
19:42:26.901 INFO: 4/10938 files analyzed
.......
19:46:27.024 INFO: 246/10938 files analyzed
19:46:37.028 INFO: 247/10938 files analyzed
19:46:47.036 INFO: 247/10938 files analyzed
19:46:57.044 INFO: 247/10938 files analyzed
19:47:07.044 INFO: 247/10938 files analyzed
19:47:17.044 INFO: 247/10938 files analyzed
19:47:27.044 INFO: 247/10938 files analyzed
19:47:37.044 INFO: 247/10938 files analyzed
19:47:40.763 INFO: 248/10938 files analyzed
19:47:40.888 INFO: ------------------------------------------------------------------------
19:47:40.888 INFO: EXECUTION FAILURE
19:47:40.888 INFO: ------------------------------------------------------------------------
19:47:40.888 INFO: Total time: 2:02:46.450s
19:47:41.075 INFO: Final Memory: 36M/3064M
19:47:41.075 INFO: ------------------------------------------------------------------------
19:47:41.075 ERROR: Error during SonarQube Scanner execution
19:47:41.075 ERROR: Error when executing blame for file foo/bar.java
19:47:41.075 ERROR: Caused by: svn: E170001: Authentication required for '<http://svn-app:1234> john'
19:47:41.075 ERROR:
19:47:41.075 ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.
WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succedeed?
ERROR: SonarQube scanner exited with non-zero code: 1
Finished: FAILURE
What's weird is that I've ran this scan multiple times and this error always pop around the 240-250th file it was analyzing i.e. not always the same file. Weirdly, authentication went through initially, just that around the 240-250th file then this error pops.
Various solutions recommend to disable scm sensor (sonar.scm.disabled=true) which my requirements forbids. I need the scm blame data.
I have tried the following things:
Restarting Jenkins Server
Restarting Sonarqube Server
Restarting SVN Server
In jenkins job configuration> sonarqube analysis properties, setting sonar.scm.username and sonar.scm.password
Deleting the job as well as workspace and recreating a new job.
Turns out it was due to the KeepAliveTimeout parameter at SVN being set too low. When it was analyzing the particular large file then it hits this timeout (for instance, more than 1 minute on the 207th file as per my code example), causing SVN to rechallenge sonarqube for credentials.
Now other svn clients would've created a credential cache under %HOMEPATH%/AppData/Roaming/Subversion/auth/svn.simple/ and retrieve this cache when this situation is encountered. However Sonarqube's svn plugin (svnkit) does not store credentials cache, and even if a cache exist it would not know how to read it(tried it with both encrypted and plaintext cache).
Editing the svn's KeepAliveTimeout parameter in httpd.conf solved this problem with a trade-off on svn server's performance theoretically - because svn would have wait longer before confirming a client is idle to close connection to reclaim resources, so increasing the KeepAliveTimeout parameter would cause svn to hold more requests at any given time.
References:
SVN Authentication Network Model: http://svnbook.red-bean.com/nightly/en/svn.serverconfig.netmodel.html#svn.serverconfig.netmodel.creds
Similar Issue: https://groups.google.com/forum/#!topic/sonarqube/-Vz2zoOBS1Y
SVNkit Authentication Mechanism: https://wiki.svnkit.com/Authentication:
https://github.com/jenkinsci/svnkit
Sonarqube SVNkit plugin repo: https://github.com/SonarSource/sonar-scm-svn
Jenkins SVNkit plugin repo: https://github.com/jenkinsci/svnkit
Related
SonarQube version 9.6 (Community Edition) Deployed on Azure
TFS 2018 Update 16.131 TFS
Sonarqube extension version 4.23.1.266 (Had to use an older version
because TFS only allowed <25mb extensions)
Code .NET Framework 4.7.2
I deployed sonarqube using this github repo. https://github.com/vanderby/SonarQube-AzureAppService. When executing the build in TFS, I get the following error.
2022-09-08T07:02:17.1827740Z ##[section]Starting: [DEPRECATED] Fetch the Quality Profile from SonarQube
2022-09-08T07:02:17.1936543Z ==============================================================================
2022-09-08T07:02:17.1940305Z Task : SonarQube for MSBuild - Begin Analysis
2022-09-08T07:02:17.1941880Z Description : [DEPRECATED] Fetch the Quality Profile from SonarQube to configure the analysis
2022-09-08T07:02:17.1943771Z Version : 1.0.50
2022-09-08T07:02:17.1945481Z Author : Microsoft Corporation
2022-09-08T07:02:17.1946562Z Help : [More Information](https://go.microsoft.com/fwlink/?LinkId=620063)
2022-09-08T07:02:17.1947917Z ==============================================================================
2022-09-08T07:02:17.2127920Z ##[warning]Task 'SonarQubePreBuild' (1.0.50) is using deprecated task execution handler. The task should use the supported task-lib: https://aka.ms/tasklib
2022-09-08T07:02:17.2137624Z Preparing task execution handler.
2022-09-08T07:02:18.4131002Z Executing the powershell script: D:\Agent\TFS_AGENT_06\_work\_tasks\SonarQubePreBuild_eae5b2cc-ac5e-4cba-b022-a06621f9c01f\1.0.50\SonarQubePreBuild.ps1
2022-09-08T07:02:18.9665316Z ##[warning] The ownership of the SonarQube related build tasks is being transferred to SonarSource.
2022-09-08T07:02:18.9674084Z ##[warning] Please replace this build task with the one brought by SonarSource's extension on the marketplace: https://aka.ms/sqextension
2022-09-08T07:02:18.9681553Z ##[warning] For more details go to https://aka.ms/sqtransfer
Removed blank lines
2022-09-08T07:02:19.6273139Z SonarQube Scanner for MSBuild 1.1
2022-09-08T07:02:19.7283557Z Default properties file was not found at D:\Agent\TFS_AGENT_06\_work\_tasks\SonarQubePreBuild_eae5b2cc-ac5e-4cba-b022-a06621f9c01f\1.0.50\SonarQube.Bootstrapper\SonarQube.Analysis.xml
2022-09-08T07:02:19.7285250Z Pre-processing started.
2022-09-08T07:02:19.7285878Z Preparing working directories...
2022-09-08T07:02:19.7287268Z Checking for updates...
2022-09-08T07:02:20.2338425Z ##[error]Could not find a file on the SonarQube server. Url: https://myurl.azurewebsites.net/static/csharp/SonarQube.MSBuild.Runner.Implementation.zip
2022-09-08T07:02:20.2342400Z ##[error]Failed to update the SonarQube Scanner for MSBuild binaries. Check the server url, verify that the C# plugin is correctly installed on the SonarQube server and that the SonarQube server has been restarted.
2022-09-08T07:02:20.2344784Z ##[error]Pre-processing failed. Exit code: 1
2022-09-08T07:02:20.2596838Z ##[error]System.Exception: Unexpected exit code received from batch file: 1
2022-09-08T07:02:20.2600986Z at Microsoft.TeamFoundation.DistributedTask.Task.Internal.InvokeBatchScriptCmdlet.ProcessRecord()
2022-09-08T07:02:20.2603205Z at System.Management.Automation.CommandProcessor.ProcessRecord()
2022-09-08T07:02:20.2918529Z ##[error]PowerShell script completed with 1 errors.
2022-09-08T07:02:20.2948851Z ##[section]Finishing: [DEPRECATED] Fetch the Quality Profile from SonarQube
I have seen multiple posts with the answer to install a C# plugin, but I am unable to find it in the plugin list. For example I found this github page which contains a link to download the plugin, but the url is not valid anymore.
I created a Bazel archive tar using the steps provides in the Bazel docs. Most of the packages are being loaded locally except for this one. Please see error below.
C:\Developers\examples-master\java-tutorial>bazel build --distdir=C:\Developers\bazel-tar //:ProjectRunner Starting local Bazel server and connecting to it... INFO: Repository remotejdk11_win instantiated at: no stack (--record_rule_instantiation_callstack not enabled) Repository rule http_archive defined at: C:/users/syuopm/_bazel_syuopm/v5bxa2ms/external/bazel_tools/tools/build_defs/repo/http.bzl:336:31: in WARNING: Download from https://mirror.bazel.build/openjdk/azul-zulu11.37.17-ca-jdk11.0.6/zulu11.37.17-ca-jdk11.0.6-win_x64.zip failed: class java.io.IOException connect timed out ERROR: An error occurred during the fetch of repository 'remotejdk11_win': java.io.IOException: Error downloading [https://mirror.bazel.build/openjdk/azul-zulu11.37.17-ca-jdk11.0.6/zulu11.37.17-ca-jdk11.0.6-win_x64.zip] to C:/users/syuopm/_bazel_syuopm/v5bxa2ms/external/remotejdk11_win/zulu11.37.17-ca-jdk11.0.6-win_x64.zip: connect timed out INFO: Repository remote_java_tools_windows instantiated at: no stack (--record_rule_instantiation_callstack not enabled) Repository rule http_archive defined at: C:/users/syuopm/_bazel_syuopm/v5bxa2ms/external/bazel_tools/tools/build_defs/repo/http.bzl:336:31: in ERROR: C:/users/syuopm/_bazel_syuopm/v5bxa2ms/external/bazel_tools/tools/jdk/BUILD:492:6: #bazel_tools//tools/jdk:remote_jdk11 depends on #remotejdk11_win//:jdk in repository #remotejdk11_win which failed to fetch. no such package '#remotejdk11_win//': java.io.IOException: Error downloading [https://mirror.bazel.build/openjdk/azul-zulu11.37.17-ca-jdk11.0.6/zulu11.37.17-ca-jdk11.0.6-win_x64.zip] to C:/users/syuopm/_bazel_syuopm/v5bxa2ms/external/remotejdk11_win/zulu11.37.17-ca-jdk11.0.6-win_x64.zip: connect timed out ERROR: Analysis of target '//:ProjectRunner' failed; build aborted: Analysis failed INFO: Elapsed time: 68.089s INFO: 0 processes. FAILED: Build did NOT complete successfully (16 packages loaded, 305 targets configured)
It seems to be a network issue most likely due to some firewall or proxy server sitting between your computer and the Bazel repo. The following download failed:
Download from https://mirror.bazel.build/openjdk/azul-zulu11.37.17-ca-jdk11.0.6/zulu11.37.17-ca-jdk11.0.6-win_x64.zip failed
I suggest you download the file manually and follow the guidance here:
A work around is to fetch the files manually and put them in a directory specified via the --distdir option.
Those are mirror artifacts which are updated by the bazel team here. I think the archive URL which you mentioned above is mirrored and updated with latest files. If you see such observations may be you can raise the issues in that specific templates.
I'm trying to integrate Sonar analysis into my Jenkins. I have set up a multi module configuration, and I think the analysis runs as it should, based on the jenkins build logs.
INFO: Analysis report generated in 234ms, dir size=774 KB
INFO: Analysis reports compressed in 94ms, zip size=199 KB
INFO: Analysis report uploaded in 74ms
INFO: ANALYSIS SUCCESSFUL, you can browse
http://localhost:9000/dashboard/index/perso
INFO: Note that you will be able to access the updated dashboard once the
server has processed the submitted analysis report
INFO: More about the report processing at http://localhost:9000/api/ce/task?
id=AVwVnhRax2vtJSkdxag8
INFO: Task total time: 9.919 s
INFO: ---------------------------------------------------------------------
INFO: EXECUTION SUCCESS
But when I head over to the Sonar dashboard, all I get is this.
No analysis has been performed since creation. The only available section is the configuration.
I checked out the Sonar log, where it shows the error but sadly I couldn't solve the issue based on that.
Error: https://pastebin.com/N50RhBT3
The final cause was an SSL connection exception, but since both servers are running local, why would there be SSL?
Used versions: Sonar plugin 2.6.1, Sonarqube server 6.3.1, Sonarqube Scanner 3.0.3.778. , Jenkins 2.59
Thanks,
peter
Turns out this was basically a java not found error. Due to an annoying Jenkins bug, previously I had to reinstall Java. This change only partially went through sonarqube, and it caused the error above. The solution was pointing sonar to that java_home with the wrapper config file.
I have a ASP.Net Web Application using .Net Framework 4.5.1 and it's building on the TFS Buildserver (on premise), but SonarQube doesn't perform the analysis. All other buildsteps are successfull. SonarQube 6.0 is a fresh installation, the Runner was installed around a year ago.
The necessary .Net Frameworks for SonarQube and Builds are installed on the build machine.
On a WebAPI Project the analyzer works like a charm. What could it be?
******************************************************************************
Starting task: Fetch the Quality Profile from SonarQube
******************************************************************************
Executing the powershell script: C:\Agents\Agent1\tasks\SonarQubePreBuild\1.0.34\SonarQubePreBuild.ps1
SonarQube Scanner for MSBuild 1.1
Default properties file was not found at C:\Agents\Agent1\tasks\SonarQubePreBuild\1.0.34\MSBuild.SonarQube.Runner-1.1\SonarQube.Analysis.xml
Pre-processing started.
Preparing working directories...
Checking for updates...
SonarQube Scanner for MSBuild Begin Step 2.1
14:41:58.919 Default properties file was not found at C:\Agents\Agent1\_work\14\.sonarqube\bin\SonarQube.Analysis.xml
14:41:58.929 Updating build integration targets...
14:41:58.939 Fetching analysis configuration settings...
14:41:59.039 Generating rulesets...
14:42:00.119 Provisioning analyzer assemblies...
14:42:00.119 Installing required Roslyn analyzers...
Pre-processing succeeded.
******************************************************************************
Finishing task: SonarQubePreBuild
******************************************************************************
... building solution, publish symbols & drop ...
******************************************************************************
Starting task: Finish the analysis and upload the results to SonarQube
******************************************************************************
Executing the powershell script: C:\Agents\Agent1\tasks\SonarQubePostTest\1.0.36\SonarQubePostTest.ps1
SonarQube Scanner for MSBuild 1.1
Default properties file was not found at C:\Agents\Agent1\tasks\SonarQubePreBuild\1.0.34\MSBuild.SonarQube.Runner-1.1\SonarQube.Analysis.xml
Post-processing started.
SonarQube Scanner for MSBuild End Step 2.1
14:40:50.486 WARNING: Failed to find the code coverage command line tool. Possible cause: Visual Studio is not installed, or the installed version does not support code coverage.
The exclude flag has been set so the project will not be analyzed by SonarQube. Project file: C:\Agents\Agent1\_work\14\s\TdbWeb\TdbWeb\TdbWeb.csproj
No analysable projects were found. SonarQube analysis will not be performed. Check the build summary report for details.
Generation of the sonar-properties file failed. Unable to complete SonarQube analysis.
14:40:50.526 Creating a summary markdown file...
Post-processing failed. Exit code: 1
Unexpected exit code received from batch file: 1
The build was not set to fail if the associated quality gate fails.
******************************************************************************
Finishing task: SonarQubePostTest
******************************************************************************
You need Visual Studio Enterprise edition for code coverage and you are using VS Pro. Have a look at this page and expand the 'tesing tools' section. Code coverage is only listed for the Enterprise edition.
I am doing a Sonar analysis of my project on a Jenkins Server using SonarRunner within an ant build. Unfortunately, the Analysis crashes with the following lines:
[sonar:sonar] 11:29:57.008 INFO - Execute Findbugs 2.0.3...
[sonar:sonar] 11:29:58.217 DEBUG - Release semaphore on project : org.sonar.api.resources.Project#5c1f0a26[id=3998,key=<key>,qualifier=TRK], with key batch-<key-batch>
[sonar:sonar] 11:29:58.247 DEBUG - To prevent a memory leak, the JDBC Driver [com.mysql.jdbc.Driver] has been forcibly deregistered
BUILD FAILED
<Path>: The following error occurred while executing this line:
<Path>: org.sonar.runner.impl.RunnerException: Unable to execute Sonar
I have other projects running on the same server, which have no problem performing this analysis (and where the analysis is triggered exactly the same way). As you can see, I changed the log level to DEBUG, but, nevertheless, I get no stack trace and I am not able to find useful information in the logs of Jenkins or Sonar.
One other thing, I tried, was to increase the Heap space (with -Xmx) for this ant task in Jenkins but that didn't help either.
Are there any other settings I can take to get useful information or does somebody know about this problem?
Thanks!
Some more information could be useful. E.g.: what SonarQube and SonarRunner versions are you running.
Findbugs is one of the few analyzing plugins that need .class data for analyzing the project. So if you have not changed the directory within your build.xml the ant task may search within the default output folder location.
Please make sure your .class files are located here. To make them appear here you have to compile them before of course