Skip to first unread message
cole...@gmail.com
Nov 27, 2017, 5:23:57 PM11/27/17
to SonarQube
I am running the following:
Sonar Server: 4.5.6
Jenkins ver 1.651.3
Multiple versions of maven > 3.1.1
JDK 7 or 8
For all of my maven builds, we use options :
Build Environment > "Prepare SonarQube Scanner environment"
Post Steps > "Invoke top-level Maven targets" with Goals: $SONAR_MAVEN_GOAL -Dsonar.host.url=$SONAR_HOST_URL
No updates were made to any server or recent configuration changes, but starting today every single job fails with the following error:
Caused by: java.lang.UnsupportedOperationException: With ******Qube server prior to 5.6, it is recommended to use the ******-maven-plugin 3.3
at org.******source.scanner.maven.bootstrap.ScannerBootstrapper.checkSQVersion (ScannerBootstrapper.java:114)
at org.******source.scanner.maven.bootstrap.ScannerBootstrapper.execute (ScannerBootstrapper.java:57)
at org.******source.scanner.maven.******QubeMojo.execute (******QubeMojo.java:108)
at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo (DefaultBuildPluginManager.java:134)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:208)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:154)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:146)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:51)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:309)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:194)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:107)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:955)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:290)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:194)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke (Method.java:497)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:289)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:229)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:415)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:356)Also, there is no way to globally disable this scanning now, and it is breaking all of my builds. This is making me seriously question why I decided to use this in the first place.
Scott B.
Nov 27, 2017, 6:08:19 PM11/27/17
to SonarQube
"No updates were made to any server"
That is your problem, you didn't update anything. ;-) SonarQube 4.5 was abandoned about 18 months ago, latest LTS version is 6.7.
You'll need to lock down the version of sonar-maven-plugin (which defaults to the latest version). Go to the Jenkins settings, find the section "SonarQube servers", click on "Advanced" and then check the parameter "Version of sonar-maven-plugin".
As stated in the error message, "With SonarQube server prior to 5.6, it is recommended to use the sonar-maven-plugin 3.3", but looks like the correct version is 3.3.0.603.
You'll need to lock down the version of sonar-maven-plugin (which defaults to the latest version). Go to the Jenkins settings, find the section "SonarQube servers", click on "Advanced" and then check the parameter "Version of sonar-maven-plugin".
As stated in the error message, "With SonarQube server prior to 5.6, it is recommended to use the sonar-maven-plugin 3.3", but looks like the correct version is 3.3.0.603.
cole...@gmail.com
Nov 28, 2017, 9:39:41 AM11/28/17
to SonarQube
This resolved my issue. Thank you very much. Appreciate your help.
G. Ann Campbell
Nov 28, 2017, 1:25:44 PM11/28/17
to SonarQube
Hi,
You should update your database credentials as soon as possible.
Why?
Because you've published (nothing on the Interwebs ever dies) logs like this:
Caused by: java.lang.UnsupportedOperationException: With ******Qube server prior to 5.6, it is recommended to use the ******-maven-plugin 3.3
at org.******source.scanner.maven.bootstrap.ScannerBootstrapper.checkSQVersion (ScannerBootstrapper.java:114)
The values that have been *-ed out are obviously "Sonar" or "sonar".
My experience tells me that they were starred out by a Jenkins plugin designed to mask sensitive values in logs.
Ergo "sonar" is a sensitive value in your environment.
Since this is also the default database credential... well, you should just go ahead and update your database credentials at your earliest possible convenience.
Ann
cole...@gmail.com
Nov 28, 2017, 1:29:17 PM11/28/17
to SonarQube
Ann,
I appreciate your concern, but it is not exposed to the internet.
Thanks.
Reply all
Reply to author
Forward
0 new messages