[SonarQube] Plugin install fails

[andrei-dascalu]

Hello,

Regardless of which plugins I add to the plugins array, I get the following error(s):

2021.02.08 12:29:06 ERROR web[][o.s.s.p.PlatformImpl] Web server startup failed java.lang.IllegalStateException: Fail to move plugin: /opt/sonarqube/extensions/downloads/sonar-auth-aad-plugin-1.2.0.jar to /opt/sonarqube/extensions/plugins/sonar-auth-aad-plugin-1.2.0.jar at org.sonar.server.plugins.PluginJarLoader.movePlugin(PluginJarLoader.java:223) at org.sonar.server.plugins.PluginJarLoader.moveDownloadedPluginToExtensions(PluginJarLoader.java:215) at org.sonar.server.plugins.PluginJarLoader.loadPlugins(PluginJarLoader.java:114) at org.sonar.server.plugins.ServerPluginManager.start(ServerPluginManager.java:64) at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40) at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) at org.sonar.server.platform.platformlevel.PlatformLevel2.start(PlatformLevel2.java:112) at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213) at org.sonar.server.platform.PlatformImpl.startLevel2Container(PlatformImpl.java:179) at org.sonar.server.platform.PlatformImpl.init(PlatformImpl.java:87) at org.sonar.server.platform.web.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:43) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4689) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5155) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1412) at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1402) at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at java.base/java.lang.Thread.run(Thread.java:834) Caused by: java.io.IOException: Destination '/opt/sonarqube/extensions/plugins' directory cannot be created

Looks like plugins folder is not writable at the time of install attempt.

[ivanovaleksandar]

I encountered the same issue, so a little workaround seems do the trick. Also, you haven't specified which chart version were you trying to deploy, so I would assume it is the latest (current latest is 9.4.1).

This will work with version 9.4.0 and above:

extraInitContainers: 
  - name: "bootstrap-plugin-folder"
    image: "busybox"
    imagePullPolicy: "IfNotPresent"
    command: ["install", "-d", "-m", "0755", "-o", "1000", "-g", "1000", "/tmp/sonarqube/extensions/plugins"]
    volumeMounts:
      - mountPath: /tmp/sonarqube/extensions
        name: sonarqube
        subPath: extensions

[gvrf2911]

Hi,

It looks like the issue started with the 9.2.7 version of the HELM as I do not encounter it with 9.2.6 version. And, I can only reproduce the issue with a fresh installation of SonarQube, I do not have it if I upgrade the HELM from 9.2.6 version to the 9.2.7 version or if I install a new plugin.

I don't understand the aim of the modification of the 9.2.7 version.

This part of the deployment has also been then modified with the 9.3.1 version, but the issue is still there (checked with the 9.5.0 version of the chart).

[Janfy]

Works fine with 9.6.0 chart version. I think this issue could be closed. Works fine only if persistence is disabled.

Bug reproduced after enabling persistence.

[Larzack]

Still have this issue on 9.6.0 chart version.

drwxr-xr-x    1 sonarqub sonarqub      17 Oct 22 18:33 .
drwxr-xr-x    1 root     root          23 Oct 23 17:29 ..
-rw-r--r--    1 sonarqub sonarqub    7.5K Oct 22 18:23 COPYING
drwxr-xr-x    1 sonarqub sonarqub      36 Oct 23 17:29 bin
drwxr-xr-x    2 sonarqub sonarqub      50 Oct 22 18:23 conf
drwxrwxrwx    4 root     root        6.0K Mar 28 15:01 data
drwxr-xr-x    7 sonarqub sonarqub     131 Oct 22 18:23 elasticsearch
drwxr-xr-x    2 root     root        6.0K Mar 28 13:52 extensions
drwxr-xr-x    7 sonarqub sonarqub     157 Oct 22 18:33 lib
drwxrwxrwx    2 root     root        6.0K Mar 28 15:01 logs
drwxrwxrwx    3 root     root        6.0K Mar 28 15:13 temp
drwxr-xr-x    6 sonarqub sonarqub    4.0K Oct 22 18:33 web

Has you can see, the folder extensions has 755 rights instead of 777.

[Janfy]

My bad. Bug reproduced when persistence is enabled.

[fl-max]

I was able to get around this by setting:

initContainers:
  securityContext:
    runAsUser: 1000

NOTE: Plugin installs will not work in v8.9.0 of SonarQube.

[gmoirod]

I think problem is caused by the "install plugin" init-container :

  initContainers:
  - command:
    - sh
    - -e
    - /tmp/scripts/install_plugins.sh
    image: rjkernick/alpine-wget:latest
    imagePullPolicy: IfNotPresent
    name: install-plugins
  ....
    volumeMounts:
    - mountPath: /opt/sonarqube/extensions/downloads
      name: sonarqube
      subPath: extensions/downloads

It creates a path /opt/sonarqube/extensions/downloads with

• /opt/sonarqube/extensions in 755
• /opt/sonarqube/extensions/downloads in 775

So, after that, when the main container tries to create a /opt/sonarqube/extensions/plugins it does not have group write right to create it. Another workaround is to define another mount like this in values.yaml :

  mounts:
    - mountPath: /opt/sonarqube/extensions/plugins
      name: sonarqube
      subPath: extensions/plugins

It pre-creates the needed folder for the main container.

IMHO, the best way to correct this would be to change the mount of the "install plugin" init-container with :

    volumeMounts:
    - mountPath: /opt/sonarqube/extensions
      name: sonarqube
      subPath: extensions

and add a command to mkdir 'downloads' directory in install script.