.net-coresonarqubesonarqube-scan

Dotnet CLI SonarScanner is failing with dotnet 8.0 image


I am facing the issue while scanning the ASP DOTNET Core 8 project using the dotnet cli global tool. The sonarscanner is working fine on Windows 10 desktop, but it failed at CI server on container of image mcr.microsoft.com/dotnet/sdk:8.0. However the same version of SonarScanner with working with another solution where that does not have the ASP.NET Core project.

SonarQube Server: Enterprise EditionVersion 10.0

Sonar Scanner: dotnet-sonarscanner 6.2.0

Error:

SonarScanner for MSBuild 6.2
11:53:11     Using the .NET Core version of the Scanner for MSBuild
11:53:11     Default properties file was found at /root/.nuget/packages/dotnet-sonarscanner/6.2.0/tools/netcoreapp3.1/any/SonarQube.Analysis.xml
11:53:11     Loading analysis properties from /root/.nuget/packages/dotnet-sonarscanner/6.2.0/tools/netcoreapp3.1/any/SonarQube.Analysis.xml
11:53:11     sonar.verbose=true was specified - setting the log verbosity to 'Debug'
11:53:11     Pre-processing started.
11:53:11     Preparing working directories...
11:53:11     Using environment variables to determine the download directory...
11:53:12     06:23:12.019  06:23:11.999  Loading analysis properties from /root/.nuget/packages/dotnet-sonarscanner/6.2.0/tools/netcoreapp3.1/any/SonarQube.Analysis.xml
11:53:12     06:23:12.019  06:23:12.019  sonar.verbose=true was specified - setting the log verbosity to 'Debug'
11:53:12     06:23:12.023  Updating build integration targets...
11:53:12     06:23:12.028  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/4.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.029  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/10.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.03  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/11.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.03  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/12.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.031  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/14.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.032  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/15.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.032  Installed SonarQube.Integration.ImportBefore.targets to /root/.local/share/Microsoft/MSBuild/Current/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.033  Installed SonarQube.Integration.ImportBefore.targets to /root/Microsoft/MSBuild/15.0/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.034  Installed SonarQube.Integration.ImportBefore.targets to /root/Microsoft/MSBuild/Current/Microsoft.Common.targets/ImportBefore
11:53:12     06:23:12.036  Installed SonarQube.Integration.targets to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/bin/targets
11:53:12     06:23:12.036  Creating config and output folders...
11:53:12     06:23:12.037  Creating directory: /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf
11:53:12     06:23:12.037  Creating directory: /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/out
11:53:12     06:23:12.054  Fetching server version...
11:53:12     06:23:12.056  Downloading from https://sonarqube.devtools.zsservices.com/api/server/version...
11:53:12     06:23:12.557  Response received from https://sonarqube.devtools.zsservices.com/api/server/version...
11:53:12     06:23:12.56  Checking if the server version is supported...
11:53:12     06:23:12.565  Checking validity of server license...
11:53:12     06:23:12.565  Downloading from https://sonarqube.devtools.zsservices.com/api/editions/is_valid_license...
11:53:12     06:23:12.585  Response received from https://sonarqube.devtools.zsservices.com/api/editions/is_valid_license...
11:53:12     06:23:12.658  Fetching analysis configuration settings...
11:53:12     06:23:12.666  Fetching properties for project '#########'...
11:53:12     06:23:12.667  Downloading from https://#####/api/settings/values?component=######...
11:53:12     06:23:12.699  Response received from https://######/api/settings/values?component=######...
11:53:12     06:23:12.713  Downloading from https://######/api/languages/list...
11:53:12     06:23:12.725  Response received from https://######/api/languages/list...
11:53:12     06:23:12.733  Fetching quality profile for project '######'...
11:53:12     06:23:12.733  Downloading from https://######/api/qualityprofiles/search?project=######...
11:53:12     06:23:12.774  Response received from https://######/api/qualityprofiles/search?project=######...
11:53:12     06:23:12.78  Fetching rules for quality profile '######'...
11:53:12     06:23:12.78  Downloading from https://######/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=######&p=1...
11:53:12     06:23:12.893  Response received from https://######/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=######&p=1...
11:53:12     06:23:12.91  Local analyzer cache: /app/buildagent/temp/buildTmp/.sonarqube/resources
11:53:12     06:23:12.914  Writing Roslyn generated ruleset to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf/Sonar-cs.ruleset...
11:53:12     06:23:12.935  Writing Roslyn generated ruleset to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf/Sonar-cs-none.ruleset...
11:53:12     06:23:12.939  Provisioning analyzer assemblies for cs...
11:53:12     06:23:12.94  Installing required Roslyn analyzers...
11:53:12     06:23:12.94  Processing plugin: csharp version 8.55.0.65544
11:53:12     06:23:12.992  Cache miss: plugin files were not found in the local cache
11:53:12     06:23:12.993  Fetching resource for plugin: csharp, version 8.55.0.65544. Resource: SonarAnalyzer-8.55.0.65544.zip
11:53:12     06:23:12.993  Downloading SonarAnalyzer-8.55.0.65544.zip to /app/buildagent/temp/buildTmp/.sonarqube/resources/0
11:53:12     06:23:12.994  Downloading file to /app/buildagent/temp/buildTmp/.sonarqube/resources/0/SonarAnalyzer-8.55.0.65544.zip...
11:53:12     06:23:12.994  Downloading from https://######/static/csharp/SonarAnalyzer-8.55.0.65544.zip...
11:53:13     06:23:13.032  Response received from https://######/static/csharp/SonarAnalyzer-8.55.0.65544.zip...
11:53:13     06:23:13.041  Extracting files to /app/buildagent/temp/buildTmp/.sonarqube/resources/0...
11:53:13     06:23:13.087  Processing plugin: vbnet version 8.55.0.65544
11:53:13     06:23:13.102  Cache miss: plugin files were not found in the local cache
11:53:13     06:23:13.102  Fetching resource for plugin: vbnet, version 8.55.0.65544. Resource: SonarAnalyzer-8.55.0.65544.zip
11:53:13     06:23:13.102  Downloading SonarAnalyzer-8.55.0.65544.zip to /app/buildagent/temp/buildTmp/.sonarqube/resources/1
11:53:13     06:23:13.102  Downloading file to /app/buildagent/temp/buildTmp/.sonarqube/resources/1/SonarAnalyzer-8.55.0.65544.zip...
11:53:13     06:23:13.102  Downloading from https://######/static/vbnet/SonarAnalyzer-8.55.0.65544.zip...
11:53:13     06:23:13.114  Response received from https://######/static/vbnet/SonarAnalyzer-8.55.0.65544.zip...
11:53:13     06:23:13.115  Extracting files to /app/buildagent/temp/buildTmp/.sonarqube/resources/1...
11:53:13     06:23:13.136  Processing plugin: securitycsharpfrontend version 10.0.0.20234
11:53:13     06:23:13.138  Cache miss: plugin files were not found in the local cache
11:53:13     06:23:13.138  Fetching resource for plugin: securitycsharpfrontend, version 10.0.0.20234. Resource: SonarAnalyzer.Security-10.0.0.20234.zip
11:53:13     06:23:13.138  Downloading SonarAnalyzer.Security-10.0.0.20234.zip to /app/buildagent/temp/buildTmp/.sonarqube/resources/2
11:53:13     06:23:13.138  Downloading file to /app/buildagent/temp/buildTmp/.sonarqube/resources/2/SonarAnalyzer.Security-10.0.0.20234.zip...
11:53:13     06:23:13.14  Downloading from https://######/static/securitycsharpfrontend/SonarAnalyzer.Security-10.0.0.20234.zip...
11:53:13     06:23:13.147  Response received from https://######/static/securitycsharpfrontend/SonarAnalyzer.Security-10.0.0.20234.zip...
11:53:13     06:23:13.149  Extracting files to /app/buildagent/temp/buildTmp/.sonarqube/resources/2...
11:53:13     06:23:13.17  Writing Roslyn analyzer additional file to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf/cs/SonarLint.xml...
11:53:13     06:23:13.171  Fetching quality profile for project '######'...
11:53:13     06:23:13.172  Downloading from https://######/api/qualityprofiles/search?project=######...
11:53:13     06:23:13.211  Response received from https://######/api/qualityprofiles/search?project=######...
11:53:13     06:23:13.213  Fetching rules for quality profile 'AYJ-KBq2XOwVvgx9jUmr'...
11:53:13     06:23:13.213  Downloading from https://######/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=AYJ-KBq2XOwVvgx9jUmr&p=1...
11:53:13     06:23:13.265  Response received from https://######/api/rules/search?f=repo,name,severity,lang,internalKey,templateKey,params,actives&ps=500&qprofile=AYJ-KBq2XOwVvgx9jUmr&p=1...
11:53:13     06:23:13.271  Local analyzer cache: /app/buildagent/temp/buildTmp/.sonarqube/resources
11:53:13     06:23:13.272  Writing Roslyn generated ruleset to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf/Sonar-vbnet.ruleset...
11:53:13     06:23:13.273  Writing Roslyn generated ruleset to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf/Sonar-vbnet-none.ruleset...
11:53:13     06:23:13.274  Provisioning analyzer assemblies for vbnet...
11:53:13     06:23:13.274  Installing required Roslyn analyzers...
11:53:13     06:23:13.274  Processing plugin: csharp version 8.55.0.65544
11:53:13     06:23:13.275  Cache hit: using plugin files from /app/buildagent/temp/buildTmp/.sonarqube/resources/0
11:53:13     06:23:13.275  Processing plugin: vbnet version 8.55.0.65544
11:53:13     06:23:13.276  Cache hit: using plugin files from /app/buildagent/temp/buildTmp/.sonarqube/resources/1
11:53:13     06:23:13.277  Writing Roslyn analyzer additional file to /app/buildagent/work/3cea31a8a2e2aa95/src/.sonarqube/conf/vbnet/SonarLint.xml...
11:53:13     06:23:13.281  Processing analysis cache
11:53:13     06:23:13.284  Incremental PR analysis: Base branch parameter was not provided.
11:53:13     06:23:13.284  Cache data is empty. A full analysis will be performed.
Unhandled exception. System.InvalidOperationException: There was an error generating the XML document.
      ---> System.ArgumentException: ' ', hexadecimal value 0x1B, is an invalid character.
        at System.Xml.XmlEncodedRawTextWriter.WriteElementTextBlock(Char* pSrc, Char* pSrcEnd)
        at System.Xml.XmlEncodedRawTextWriter.WriteString(String text)
        at System.Xml.XmlWellFormedWriter.WriteString(String text)
        at System.Xml.Serialization.XmlSerializationWriter.WriteElementString(String localName, String ns, String value, XmlQualifiedName xsiType)
        at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationWriterAnalysisConfig.Write6_AnalysisConfig(String n, String ns, AnalysisConfig o, Boolean isNullable, Boolean needType)
        at Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationWriterAnalysisConfig.Write7_AnalysisConfig(Object o)
        at System.RuntimeMethodHandle.InvokeMethod(Object target, Void** arguments, Signature sig, Boolean isConstructor)
        at System.Reflection.MethodBaseInvoker.InvokeDirectByRefWithFewArgs(Object obj, Span`1 copyOfArgs, BindingFlags invokeAttr)
        --- End of inner exception stack trace ---
        at System.Xml.Serialization.XmlSerializer.Serialize(XmlWriter xmlWriter, Object o, XmlSerializerNamespaces namespaces, String encodingStyle, String id)
        at SonarScanner.MSBuild.Common.Serializer.Write[T](T model, TextWriter writer)
        at SonarScanner.MSBuild.Common.Serializer.SaveModel[T](T model, String fileName)
        at SonarScanner.MSBuild.Common.AnalysisConfig.Save(String fileName)
        at SonarScanner.MSBuild.PreProcessor.AnalysisConfigGenerator.GenerateFile(ProcessedArgs localSettings, BuildSettings buildSettings, Dictionary`2 additionalSettings, IDictionary`2 serverProperties, List`1 analyzersSettings, String sonarQubeVersion)
        at SonarScanner.MSBuild.PreProcessor.PreProcessor.DoExecute(ProcessedArgs localSettings)
        at SonarScanner.MSBuild.PreProcessor.PreProcessor.Execute(IEnumerable`1 args)
        at SonarScanner.MSBuild.BootstrapperClass.PreProcess()
        at SonarScanner.MSBuild.BootstrapperClass.Execute()
        at SonarScanner.MSBuild.Program.Execute(String[] args, ILogger logger)
        at SonarScanner.MSBuild.Program.Execute(String[] args)
        at SonarScanner.MSBuild.Program.Main(String[] args)
        at SonarScanner.MSBuild.Program.<Main>(String[] args)

Solution

  • This got resolved. The HEX character was coming in the application version that is being send to SonarScanner. This hex character was not visible in logs, and hence created confusion. The version of the application was not explicitly defined, rather it was coming from the pom.xml file using the mvn command. For some unknown reason the mvn command adding this hex character into the output while got appended into the sonar-scanner command in the shell-script.

    It got resolve by changing the way application version is extracted.