Message-ID: <1224803692.785418.1386497802907.JavaMail.firstname.lastname@example.org> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_785417_352471274.1386497802906" ------=_Part_785417_352471274.1386497802906 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
When having two sonarqube schemas on the same Oracle instance, especiall=
y if they are in 2 different versions, SonarQube can get confused and picks=
the first it finds. In that case, there are two known workarounds:
1= . Remove the DBA rights to the sonarqube users in Oracle
2. Use sonar= .hibernate.default_schema in sonar.properties to set the schema. In that ca= se, -Dsonar.hibernate.default_schema should be used as well during project = analysis.
By default, remote access to MySQL database server is disabled for secur= ity reasons. If you want to remotely access to the database server from the= Sonar Maven plugin, you need to follow this quick guide.
If you have installed a 64-bit version of the JDK or JRE, and Windows is= using the 64-bit version by default, then the batch file windows-x86-32\St= artSonar.bat will not start the server because the wrapper.exe program call= ed by the batch file cannot load the lib\wrapper.dll library. You can check= which version of Java is being used by opening a shell and typing "ja= va -version". If it is a 64-bit version you will see something like &q= uot;Java HotSpot (TM) 64-Bit Server VM" in the description. You can do= wnload a 32-bit version of the JDK or JRE from Oracle and install it. By de= fault it will be installed under C:\Program Files (x86)\Java. Open up a com= mand shell and change to the top-level directory of drive. With "dir /= X" you can list the shortened names of the directories. You want the s= hortened name of the C:\Program Files (x86) directory, or wherever the 32-b= it version of the JDK or JRE was installed. You can then add some lines lik= e the following to the StartSonar.bat batch file to put the directory conta= ining the 32-bit version of java.exe in the beginning of the PATH:
SonarQube seems unable to start when installed under the folder "Pr= ogram Files" in VISTA. It should therefore not be installed there.
This error happens when the temporary file path specified for the Local = System doesn't exist. Assuming that environment variables have their defaul= t settings and that Windows is installed on the "C" drive, the fo= llowing paths should exist:
Windows Server 2003, Windows XP: C:\Windows\system32\config\systemprofil=
Windows Server 2008, Windows 7, Windows Vista: = C:\Windows\system32\config\systemprofile\AppData\Local\Temp
In most cases, the "Temp" folder is missing and should be crea= ted. See SONAR-2660.
When another(s) USERS table exists in the Oracle DB, if the sonarqube us= er has read access on this other USERS table, the SonarQube web server can'= t start and an exception like the following one is thrown:
To fix this issue, the r= ights of the sonarqube Oracle user must be decreased to remove read access = on the other(s) USERS table(s).
Double-check that settings for proxy in file
sonar.properties are specified correctly.
Note that if your username contains "= ;\" (backslash), then it should be escaped - for example username &quo= t;domain\user" in file should look like:
For some proxies exception "java.net.ProtocolException: Server redi= rected too many times" might mean incorrect username or password.
Here is the rational: SonarQube needs a Maven plugin to perform analysis= of your project. This plugin is part of SonarQube project so the name of t= his plugin is org.codehaus.sonar:sonar-maven-plugin becaus= e codehaus is hosting the project. Each time there is a new version of Sona= rQube, there is a new version of the Sonar Maven plugin. For a given versio= n of the SonarQube server, you MUST run the same version of the Sonar Maven= plugin. It means that you would have to run:
if you have installed SonarQube 2.5.
As this is very annoying to ty= pe, you could add the groupId in your se= ttings.xml. This way you could type:
BUT in this case the latest version of the Maven Sonar plugin would be t= aken. As soon as SonarQube 2.6 would be released, Maven would automatically= use the plugin in version 2.6. If you don't plan to upgrade your Sona= rQube server, it will fail. The answer to this problem is already well-know= n: define all versions of your plugins in the pom. So you would add:
in all pom (or in corporate pom). And you would have to update your proj=
ects each time you are updating SonarQube server. Very annoying but that's =
What if you have an integration/acceptance/pre-production ins= tance of SonarQube in version 2.5, and a production version in version 2.4?= You can't analyse the same project with the two instances because you have= fixed the version of the sonar Maven plugin to version 2.5 in the pom. You= may finally make it works with external properties or any other ugly hack.=
The solution is to use a bootstrap plugin. Th= is plugin:
When you run
. The bootstrap plugin will query SonarQube server to find its version, = then fork a new build to run the normal plugin with
where XX is the version previously returned b= y the server. This way you can analyze the same project with different vers= ions of SonarQube and still running the same command line (except SonarQube= hostname of course) and without having to modify the pom.
Most of the time you need latest version of the boostrap plugin, so no n= eed to fix its version in your pom, except if you want to test a particular= version (an old one or a SNAPSHOT for example).
When reading the cobertura.ser file, the Cobertura Maven plugin tries to= get a lock on that file. This locking mechanism generates an exception on = Linux Systems SONAR-172.
The current workaround is to add the following lines to the pom.xml file= (thanks to Wouter de Vaal):
If you get this error message after launching the maven command line &qu= ot;mvn sonar:sonar" add the "-U" parameter to the command li= ne. Maven will then update its local repository with the latest version of = the Sonar Maven plugin.
If adding the "-U" parameter doesn't fix your issue, you've ce= rtainly encountered Maven bug MNG-4001. The onl= y known workaround is to delete the org\codehaus\mojo directory in your loc= al Maven repository. Of course, if your local Maven repository is synchroni= zed with a repository manager like Nexus, this operation must be also done = on the repository manager side.
Increase the maven available memory by setting the environment variable = :
The message of the root exception is
The CGLIB library available in your Maven repository is certainly signed= which is not the case on IBIBLIO repository. Perhaps you or your Maven adm= inistrator have signed this jar to include it into a Java Web Start applica= tion. Unfortunately signing CGLIB jar file breaks Hibernate's use of CGLIB,= as it generates proxy classes in the same package (org.sonar.commons.datab= ase.* for our context) as the original class. But the original Sonar class = is not signed and the new proxy class is, generating a java.lang.SecurityEx= ception.
You must also sign Sonar libraries in your Maven repository or used unsi= gned CGLIB library.
Typically error message looks like :
Possible explanations of such problem :
You have to add the parameter -Denforcer.skip=3Dtrue to the Maven comman= d-line.
The following error occurs when using Maven Archiva 1.1. It must be upgr= aded to 1.2.1.
While running an analysis, you may face the following error:
It means that the analyzer encountered an issue while downloading the pl= ugins from the SonarQube server to the machine running the project analysis= .
This error could be due either to:
In SonarQube 3.4 (SONAR-3306) a new semaph=
ore mechanism has been introduced to prevent launching several analysi=
s on the same project in parallel. But in some cases when an analysis of a =
project is unexpectedly interrupted, the lock of the semaphore is sometimes=
not released and in such case it's up to the System administrator to relau=
nch the project analysis with the property
=3Dtrue. This limitation has been fixed in SonarQube 3.5 (SONAR-4053).
You can use the mechanism embedded in rules engine (//NOPMD...) or the g= eneric mechanism implemented in SonarQube: put //NOSONAR at the end of the = line of the issue. This will suppress the issue.
The //NOSONAR tag is useful to deactivate all rules at a given line but = is not suitable to deactivate all rules (or only a given rule) for all the = lines of a method or a class. This is why support for @SuppressWarnings(&qu= ot;all") has been added to SonarQube.
You can review an issue to flag it as false positive directly from the u= ser interface.