newtmitch / docker-sonar-scanner
Quick sonar scanner docker image
License: MIT License
Hi,
Not able to see the sonar-scanner binary while using the image in Kubernetes environment with jnlp slaves.
The directory /usr/local/bin/ doesn't have the binary or the link.
The Jenkinsfile looks like the one below.
pipeline {
    agent none
    stages {
        stage('SQTest') {
            agent {
                kubernetes {
                    label 'sample-app'
                    defaultContainer 'jnlp'
                    yamlFile 'cloudprovider.yaml'
                }
            }
            steps {
                sh "sonar-scanner -Dproject.settings=testInputs/sonar-project.properties"
            }
        }
    }
}
The cloudprovider.yaml has the image newtmitch/sonar-scanner:alpine and command['cat']
Any suggestions?
Thanks
For scanning shell scripts, sonar is using shellcheck to scan them.
Could you add
# Install ShellCheck
RUN apt-get update && apt-get install -y shellcheck
to the docker files?
I need to use sonar-runner.properties file in a path (that will be analyzed)
Hello, I'm getting the following warning when using your image
WARN: Property 'sonar.jdbc.url' is not supported any more. It will be ignored. There is no longer any DB connection to the SQ database.
Thanks for these nice Docker containers!
I'm wondering if you would mind adding some permissive license, like MIT, to the code so I can use it in my project (at my company)?
Hi, not an issue per se, but I wanted to raise a warning for those who (like myself) use this image for Docker-based pipelines like Gitlab CI.
Since the split of entrypoint and cmd, pipelines fail because the underlying engine is (probably) running bash -c $MYCOMMANDS as a custom CMD.
Since now we have sonar-scanner as the entrypoint, I get errors like ERROR: Unrecognized option: -c because it's passing it to sonar-scanner.
The solution is to override the image entrypoint in the pipeline, for example by setting (Gitlab CI syntax):
analysis:
  stage: analysis
  image:
    name: newtmitch/sonar-scanner:3.2-alpine
    entrypoint: ['']
  dependencies:
    - tests
  script:
    - sonar-scanner -Dsonar.host.url=$SONAR_URL -Dsonar.login=$SONAR_TOKEN -Dsonar.projectBaseDir=.
I hope it can be useful to others.
Thanks for the image, btw!
Most users will run their docker containers on linux and therefore expect the IP to be 127.0.0.1 by default, if all containers are started on the same host.
sonar.host.url=http://192.168.99.100:9000
should be
sonar.host.url=http://127.0.0.1:9000
Dear,
It might be entirely me.
But I have a project which I try to analyse.
I tried to use your public image based on Dockerfile.sonarscanner-4.0.0-alpine.
So far I got errors when running the scan as:
docker run --rm -i -v $JENKINS_JOB_WORKSPACE:/usr/src --entrypoint= myregistry/docker-sonar-scanner:4.0.0 /usr/local/bin/sonar-scanner -Dsonar.host.url=https://sonar.mydomain.org -Dsonar.sources=src -Dsonar.projectKey=myproject -Dsonar.projectName=myproject
18:05:02 ERROR: Error: Cannot find module 'typescript'
18:05:02 ERROR: at Function.Module._resolveFilename (internal/modules/cjs/loader.js:581:15)
18:05:02 ERROR: at Function.Module._load (internal/modules/cjs/loader.js:507:25)
18:05:02 ERROR: at Module.require (internal/modules/cjs/loader.js:637:17)
18:05:02 ERROR: at require (internal/modules/cjs/helpers.js:22:18)
18:05:02 ERROR: at Object.<anonymous> (/usr/src/.scannerwork/sonarts-bundle/node_modules/tslint/lib/language/walker/blockScopeAwareRuleWalker.js:20:10)
18:05:02 ERROR: at Module._compile (internal/modules/cjs/loader.js:689:30)
18:05:02 ERROR: at Object.Module._extensions..js (internal/modules/cjs/loader.js:700:10)
18:05:02 ERROR: at Module.load (internal/modules/cjs/loader.js:599:32)
18:05:02 ERROR: at tryModuleLoad (internal/modules/cjs/loader.js:538:12)
18:05:02 ERROR: at Function.Module._load (internal/modules/cjs/loader.js:530:3)
18:05:02 ERROR: Failed to find 'typescript' module. Please check, NODE_PATH contains location of global 'typescript' or install locally in your project
18:05:02 ERROR: External process node --max-old-space-size=2048 /usr/src/.scannerwork/sonarts-bundle/node_modules/tslint-sonarts/bin/tsrunner returned an empty output. Run with -X for more information
We checked out the image and could see that typescript should be present on the box.
I tried manually changing or providing NODE_PATH by updating your Dockerfile.sonarscanner-4.0.0-alpine.
So far that did not work.
After hours of testing I finally managed to get rid of the error by adding
RUN npm install -g typescript
ENV NODE_PATH=/usr/lib/node_modules
to Dockerfile.sonarscanner-4.0.0-alpine and building my own.
So far this got rid of the problem but I feel like a retard.
Is there something I am absolutely doing wrong? Can't believe I fixed it, just found a workaround.
Looking forward to your response!
Best regards, OImo
SonarScanner has an official Docker image available, and has for a while. See here and here for details. Although I'm happy to keep my project alive, I'd love to hear from consumers and contributors of this repo about whether the official image is the Better Way™ or if what I've done here has some distinct and specific value that the official image doesn't.
Please leave responses to this issue with your thoughts on using either image.
Hello and thank you for your work on this.
I want to report an issue with a likely relation to #28.
I have the following sonar-project.properties
sonar.projectKey=Foo
sonar.projectBaseDir=/var/www/html
sonar.sources=.
sonar.project.home=/var/www/html
sonar.php.tests.reportPath=/var/www/html/log/phpunit/logfile.xml
sonar.php.coverage.reportPaths=/var/www/html/log/phpunit/coverage.xml
The docker run command is
docker run -ti \
-v $(pwd):/var/www/html \
-v $(pwd)/sonar-project.properties:/root/sonar-scanner/conf/sonar-scanner.properties \
--net proxy_default \
--workdir /var/www/html \
newtmitch/sonar-scanner
Which results in the error:
Project home must be an existing directory: /var/www/html/src
It seems for some reason the scanner always expects /src to be in the path.
In my attempt to find a working config, I created an empty src directory in /var/www/html/ and did set sonar.sources to ../ which starts the scan but ignores all files because they are not in the project directory.
... It is not located in project basedir '/var/www/html/src'
TL;DR
/var/www/html because otherwise the scanner fails to parse the coverage.xml file. Which generates the paths with the absolute path /var/www/html/ and the sonar-project.properties reflect that, the scan fails because the scanner seems to expect src in the project path.
When using your image, the scan crashes with the following error whenever it tries to scan Typescript files:
ERROR: Failed to get Node.js version. No TypeScript files will be analyzed. You can exclude TypeScript files from analysis with 'sonar.exclusions' property
I was able to fix it by creating a custom image from your image and installing node. Not sure if that's something you might consider adding to this image.
Dockerfile.sonarscanner-3.3.0-alpine still has "WORKDIR /root", should've been changed to "WORKDIR /src" as part of pull request #27
Could node.js as well be added to the alpine-based image? Currently it's only included in the full version.
To support JS/TS scanning.
Follow up to #9
Hi !
We're trying to upgrade our sonarqube which is running on our kubernetes cluster to the latest version. With elasticsearch embedded (can't wait to see the new features!) it can't start (without further tweaking) because of the (documented) sysconf calls one should make.
Is there any way to use an external elasticsearch? (We have one running outside of our kubernetes cluster.)
Like the question above... Could it be used with other git repositories like gitee or gitlab?
Scanner failed to build for me on MacOS X Sierra (10.12.5). Changing Dockerfile line 1 to
FROM java:8
allowed a successful build.
Hello,
We would like to know if we can secure the sensitive information i.e., credentials and other values that we pass in sonar-runner.properties file. Could you please help?
Thanks.
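One check that fits the concern above, as an added example that is not part of this repository: lint the properties file in CI so credentials are never stored in it and are supplied at run time instead, for example as -Dsonar.login=$SONAR_TOKEN from a CI secret, as the Gitlab CI post on this page does. The list of sensitive keys and the sample file are assumptions constructed for illustration.

```python
import re
from typing import List, Tuple

# Keys treated as credentials in this example (assumed list; extend for your setup).
SENSITIVE_KEYS = {"sonar.login", "sonar.password", "sonar.token", "sonar.jdbc.password"}

# scheme://user:password@host style credentials inside any value
URL_USERINFO = re.compile(r"[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.I)


def parse_properties(text: str) -> List[Tuple[int, str, str]]:
    """Minimal Java .properties parser: '=', ':' or whitespace separators,
    '#'/'!' comments and backslash line continuations."""
    entries = []
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        start = i + 1                      # 1-based line where the entry begins
        line = lines[i].strip()
        i += 1
        if not line or line[0] in "#!":
            continue
        while line.endswith("\\") and i < len(lines):
            line = line[:-1] + lines[i].strip()
            i += 1
        m = re.match(r"([^=:\s]+)\s*[=:\s]\s*(.*)$", line)
        key, value = (m.group(1), m.group(2)) if m else (line, "")
        entries.append((start, key, value.strip()))
    return entries


def find_hardcoded_secrets(text: str) -> List[Tuple[int, str, str]]:
    """Return (line, key, reason) for each credential found; values are never echoed."""
    findings = []
    for lineno, key, value in parse_properties(text):
        if key in SENSITIVE_KEYS and value:
            findings.append((lineno, key, "credential stored in file"))
        elif URL_USERINFO.search(value):
            findings.append((lineno, key, "credentials embedded in URL"))
    return findings


# Constructed sample, not a real project file.
SAMPLE = """\
# constructed sample
sonar.projectKey=Foo
sonar.host.url=http://sonarqube:9000
sonar.login = 0123456789abcdef-constructed
sonar.jdbc.url=jdbc:postgresql://sonar:hunter2@db/sonar
sonar.password=
"""

if __name__ == "__main__":
    for lineno, key, reason in find_hardcoded_secrets(SAMPLE):
        print(f"line {lineno}: {key}: {reason}")
```

Run it as a pipeline step before the scan and fail the job when the returned list is non-empty.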
The line to exclude node modules from the scan ("sonar.exclusions=/node_modules//*") means that server-side configuration of ignored files will never be used since there's an existing scanner-level property
Thanks for this image - we are using the older "alpine" images up to now and were trying to switch to the newer 4-version.
Tried latest version of image "4" but it fails with error message because it's using an "ea" (early adopter) version of Java12 not allowed for sonar-qube scanner.
And Java12 is EOL for some time now, therefore not getting any updates since two years.
Please switch back to Java 11 LTS (supported by sonar-scanner).
Current Java 16 is no LTS release either (will be out of support in 6 months and next LTS version 17 is not released by now).
reference at sonarsource about !"ea" releases: https://community.sonarsource.com/t/java-12-support/11864
Thanks,
Stefan Seide
Exception running sonar-scanner on latest image with tag "4"
04:52:37.142 INFO: Load/download plugins
04:52:37.142 INFO: Load plugins index
04:52:37.159 DEBUG: GET 200 http://digihub-ai-rpa-wbench.psst.t-online.corp:9000/sonar/api/plugins/installed | time=17ms
04:52:37.170 INFO: Load/download plugins (done) | time=28ms
04:52:37.174 INFO: ------------------------------------------------------------------------
04:52:37.174 INFO: EXECUTION FAILURE
04:52:37.174 INFO: ------------------------------------------------------------------------
04:52:37.174 INFO: Total time: 1.254s
04:52:37.191 INFO: Final Memory: 5M/24M
04:52:37.191 INFO: ------------------------------------------------------------------------
04:52:37.191 ERROR: Error during SonarScanner execution
java.lang.ExceptionInInitializerError
at com.google.gson.internal.reflect.ReflectionAccessor.<clinit>(ReflectionAccessor.java:36)
at com.google.gson.internal.ConstructorConstructor.<init>(ConstructorConstructor.java:51)
at com.google.gson.Gson.<init>(Gson.java:205)
at com.google.gson.Gson.<init>(Gson.java:185)
at org.sonar.scanner.bootstrap.ScannerPluginInstaller.listInstalledPlugins(ScannerPluginInstaller.java:104)
at org.sonar.scanner.bootstrap.ScannerPluginInstaller.loadPlugins(ScannerPluginInstaller.java:76)
at org.sonar.scanner.bootstrap.ScannerPluginInstaller.installRemotes(ScannerPluginInstaller.java:60)
at org.sonar.scanner.bootstrap.ScannerPluginRepository.start(ScannerPluginRepository.java:59)
at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
at org.picocontainer.behaviors.Stored.start(Stored.java:110)
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:122)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:73)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:567)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.NumberFormatException: For input string: "12-ea"
at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:68)
at java.base/java.lang.Integer.parseInt(Integer.java:658)
at java.base/java.lang.Integer.parseInt(Integer.java:776)
at com.google.gson.util.VersionUtils.determineMajorJavaVersion(VersionUtils.java:28)
at com.google.gson.util.VersionUtils.<clinit>(VersionUtils.java:24)
... 32 more
04:52:37.194 ERROR:
04:52:37.194 ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
Hi,
I'm trying to use the sonar-scanner image with openjdk:12 (not alpine), but I have this error during sonar scanner startup when I run the container:
A fatal error has been detected by the Java Runtime Environment:
SIGILL (0x4) at pc=0x00007f1357a859bc, pid=7, tid=19
JRE version: OpenJDK Runtime Environment (12.0+29) (build 12-ea+29)
Java VM: OpenJDK 64-Bit Server VM (12-ea+29, mixed mode, sharing, tiered, compressed oops, g1 gc, linux-amd64)
Problematic frame:
v ~StubRoutines::updateBytesCRC32
An error report file with more information is saved as:
/tmp/hs_err_pid7.log
Compiled method (c1) 1477 119 3 java.util.zip.CRC32::update (51 bytes)
total in heap [0x00007f1358041e10,0x00007f1358042610] = 2048
relocation [0x00007f1358041f88,0x00007f1358042000] = 120
main code [0x00007f1358042000,0x00007f13580423e0] = 992
stub code [0x00007f13580423e0,0x00007f13580424a8] = 200
metadata [0x00007f13580424a8,0x00007f13580424b8] = 16
scopes data [0x00007f13580424b8,0x00007f1358042538] = 128
scopes pcs [0x00007f1358042538,0x00007f13580425f8] = 192
dependencies [0x00007f13580425f8,0x00007f1358042600] = 8
nul chk table [0x00007f1358042600,0x00007f1358042610] = 16
Could not load hsdis-amd64.so; library not loadable; PrintAssembly is disabled.
Any ideas about this problem?
Thank you so much
I mounted my source code correctly and the scan is picking up some of the exclusions etc. However when it looks up the sonar.projectKey in said file it ignores it completely and just generates its own project name by default. Is it simply not adhering to these sonar-project.properties?
You can add in the readme a description about using sonar-scanner without a local sonarQube. So --link sonarqube becomes useless when running the docker sonar scanner.
The readme contains an error.
This line needs to be changed
-v $(pwd)/sonar-runner.properties:/root/sonar-scanner/conf/sonar-runner.properties \
to
-v $(pwd)/sonar-runner.properties:/root/sonar-scanner/conf/sonar-scanner.properties \
With this change, the sonar-runner.properties will be taken with good properties
The readme file has the following example text:
docker run -ti -v $(pwd):/root/src --link sonarqube mitch/sonarscanner sonar-scanner \
-Dsonar.host.url=http://sonarqube:9000 \
-Dsonar.jdbc.url=jdbc:h2:tcp://sonarqube/sonar \
-Dsonar.projectKey=MyProjectKey \
-Dsonar.projectName="My Project Name" \
-Dsonar.projectVersion=1 \
-Dsonar.projectBaseDir=/root \
-Dsonar.sources=./src
Note that the docker image it loads is mitch/sonarscanner sonar-scanner. Every other example in the readme uses newtmitch/sonar-scanner. If you try to use the former text you get an error about docker unable to find the image. Presumably this is just out of date and needs updating?
However, even when I update the text I'm still unable to get the configs to load properly.
docker run -ti -v $srcDir:/root/src --link sonarqube newtmitch/sonar-scanner \
-Dsonar.projectName="example" \
-Dsonar.projectKey=example \
-Dsonar.host.url=http://localhost:9000 \
-Dsonar.login=123ijfepajfpafeapfjapfjexample
Error message:
docker: Error response from daemon: oci runtime error: container_linux.go:262: starting container process caused "exec: \"-Dsonar.projectName=example\": executable file not found in $PATH".
I thought it might be bash / argument parsing error, but the issue persists regardless if I break the config options into new lines or put them all on one line.
I'm relatively new to docker, so it's possible the error is my fault and unrelated to docker-sonar-scanner. I'm still working on it and will update when I have info.
P.S. - Thanks for working on this docker sonar scanner project, it's exactly what we needed and I really appreciate the time you've put into it. Thanks for keeping open source kickin'. :)
edit: So, upon closer reading of the readme it looks like i) updating the name of the image is addressed in the readme ii) but, the old image is still non-existent.
Lastly, when trying this command from the readme I continue to get the same error:
$ docker run -ti -v $srcDir:/root/src --link sonarqube newtmitch/sonar-scanner -Dsonar.host.url="http://localhost:9000"
docker: Error response from daemon: oci runtime error: container_linux.go:262: starting container process caused "exec: \"sonar.host.url=http://localhost:9000\": stat sonar.host.url=http://localhost:9000: no such file or directory".
The presence of -Dsonar.host.url=http://localhost:9000 is enough to cause the error.
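Both the Gitlab CI failure reported earlier on this page (ERROR: Unrecognized option: -c) and the "executable file not found" error in the post above follow from how Docker combines ENTRYPOINT, CMD and run-time arguments. The model below is an added example, not code from this repository; the two image layouts and the CI's sh -c command are assumptions constructed to match what the posts describe.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Sequence

SHELLS = {"sh", "bash", "/bin/sh", "/bin/bash"}


@dataclass(frozen=True)
class Image:
    entrypoint: List[str] = field(default_factory=list)  # Dockerfile ENTRYPOINT
    cmd: List[str] = field(default_factory=list)          # Dockerfile CMD


def effective_argv(image: Image, args: Sequence[str] = (),
                   entrypoint_override: Optional[Sequence[str]] = None) -> List[str]:
    """argv the container runs for `docker run [--entrypoint X] IMAGE args...`.

    Arguments after the image name replace CMD, ENTRYPOINT is prepended to them,
    and overriding the entrypoint at run time discards the image's CMD.
    """
    if entrypoint_override is None:
        entry = list(image.entrypoint)
        cmd = list(args) if args else list(image.cmd)
    else:
        entry = [part for part in entrypoint_override if part]  # [''] means "no entrypoint"
        cmd = list(args)
    return entry + cmd


def classify(argv: Sequence[str]) -> str:
    """Name the failure mode, if any, that this argv leads to."""
    if not argv:
        return "no-command"
    exe, rest = argv[0], list(argv[1:])
    if exe.startswith("-"):
        return "option-executed-as-program"   # exec: "-Dsonar...": executable file not found
    if exe not in SHELLS and rest and rest[0] in SHELLS:
        return "shell-passed-to-entrypoint"   # the scanner receives `sh -c ...` as options
    return "ok"


# Constructed image layouts (assumptions, not read from the real images).
OLD_IMAGE = Image(cmd=["sonar-scanner"])                        # CMD only, no ENTRYPOINT
NEW_IMAGE = Image(entrypoint=["sonar-scanner"],
                  cmd=["-Dsonar.projectBaseDir=./src"])         # after the entrypoint/cmd split
CI_SHELL_CMD = ["sh", "-c", "sonar-scanner -Dsonar.projectBaseDir=."]  # assumed CI behaviour

CASES = {
    "old image, bare -D argument": effective_argv(OLD_IMAGE, ["-Dsonar.projectName=example"]),
    "new image, bare -D argument": effective_argv(NEW_IMAGE, ["-Dsonar.projectName=example"]),
    "new image, CI shell command": effective_argv(NEW_IMAGE, CI_SHELL_CMD),
    "new image, entrypoint: ['']": effective_argv(NEW_IMAGE, CI_SHELL_CMD, entrypoint_override=[""]),
}

if __name__ == "__main__":
    for name, argv in CASES.items():
        print(f"{name:30} {classify(argv):28} {argv}")
```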
inflating: sonar-scanner-3.3.0.1492-linux/jre/THIRDPARTYLICENSEREADME.txt
inflating: sonar-scanner-3.3.0.1492-linux/jre/bin/java
inflating: sonar-scanner-3.3.0.1492-linux/lib/sonar-scanner-cli-3.3.0.1492.jar
inflating: sonar-scanner-3.3.0.1492-linux/conf/sonar-scanner.properties
inflating: sonar-scanner-3.3.0.1492-linux/bin/sonar-scanner-debug
inflating: sonar-scanner-3.3.0.1492-linux/bin/sonar-scanner lchmod (file attributes) error: Not supported
finishing deferred symbolic links:
sonar-scanner-3.3.0.1492-linux/jre/lib/amd64/server/libjsig.so -> ../libjsig.so
lchmod (file attributes) error: Not supported
Heya, quick improvement request.
Using $PWD instead of $(pwd) solves two problems.
$(pwd) could break a CI pipeline. For example, running Jenkins using one shot slaves gives this as the directory --> PWD=/home/jenkins-slave/workspace/<repo name>@2 --> and this causes the error message below.
java.io.IOException: Failed to run image 'newtmitch/sonar-scanner:3.2.0-alpine'. Error: docker: Error response from daemon: create $(pwd): "$(pwd)" includes invalid characters for a local volume name, only "[a-zA-Z0-9][a-zA-Z0-9_.-]" are allowed. If you intended to pass a host directory, use absolute path.
See 'docker run --help'.
Versions used:
newtmitch/sonar-scanner:3.2.0-alpine
docker version
Client:
Version: 18.09.6
API version: 1.39
Go version: go1.10.8
Git commit: 481bc77
Built: Sat May 4 02:35:27 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 18.09.6
API version: 1.39 (minimum version 1.12)
Go version: go1.10.8
Git commit: 481bc77
Built: Sat May 4 01:59:36 2019
OS/Arch: linux/amd64
Experimental: false
As per Dockerhub (Java) usage of the java:x images is discouraged:
DEPRECATED
This image is officially deprecated in favor of the openjdk image,
and will receive no further updates after 2016-12-31 (Dec 31, 2016).
Please adjust your usage accordingly.
It is recommended to switch to OpenJDK which should be pretty trivial.