sonar-scanner-msbuild icon indicating copy to clipboard operation
sonar-scanner-msbuild copied to clipboard

Published 20 hours ago verified publisher icon SonarSource

[UNIX] `Begin` step should fail early if `sonar-scanner` is not executable

Open andrei-epure-sonarsource opened this issue 2 years ago • 2 comments

This is related to #493.

The problem

Currently, at the END step the scanner is failing on Unix systems because the executable bit is not set on the scanner-cli. The error looks like below.

andrei@S4NET:$ dotnet ~/2022-08-04-autoscan/s560/SonarScanner.MSBuild.dll end /d:sonar.login="<TOKEN>"                                                       
SonarScanner for MSBuild 5.6
Using the .NET Core version of the Scanner for MSBuild
Post-processing started.
Calling the SonarScanner CLI...
Unhandled exception. System.ComponentModel.Win32Exception (13): An error occurred trying to start process '/home/andrei/2022-08-04-autoscan/s560/sonar-scanner-4.6.2.2472/bin/sonar-scanner' with working directory '/home/andrei/2022-08-04-autoscan/projects_560/WebConfig.CS'. Permission denied
//...
// big ugly stacktrace
//...

This is bad user experience because:

  • there is a hard failure after the BEGIN step and the build analysis executed successfully
  • the user will be confused by the stack trace
  • instead of a nice error message for this well-known scenario, we fail clumsily with a huge stack trace

My proposal

Fail at the BEGIN step if the sonar-scanner does not have the executable bit set. This check can easily be done during the begin step.

Furthermore, the scanner should first attempt to set the executable bit, catch the exception if not allowed and fail with a nice error message like:

Error: could not run chmod +x on sonar-scanner. In order to run, the Scanner for .NET needs to execute sonar-scanner during the END step. Please run chmod +x on the sonar-scanner to allow its execution.

andrei-epure-sonarsource avatar Aug 05 '22 08:08 andrei-epure-sonarsource

If I have the following step in a dockerfile: RUN sudo dotnet tool install dotnet-sonarscanner --tool-path /usr/local/bin

With the container running, it results in the following on dotnet sonarscanner end:

An error occurred trying to start process '/usr/local/bin/.store/dotnet-sonarscanner/5.13.0/dotnet-sonarscanner/5.13.0/tools/net5.0/any/sonar-scanner-4.8.0.2856/bin/sonar-scanner' with working directory ...

Is there a recommended approach to determining that path, or should +x be set at a higher level?

JohnYoungers avatar Aug 10 '23 16:08 JohnYoungers

Hi @JohnYoungers - could you please ask the question on https://community.sonarsource.com/ ? We monitor that for such questions, and it's better suited for discussions and clarifications. Thanks.

andrei-epure-sonarsource avatar Aug 11 '23 08:08 andrei-epure-sonarsource