search

SonarSource / sonar-scanner-msbuild

SonarScanner for .NET
http://redirect.sonarsource.com/doc/msbuild-sq-runner.html
GNU Lesser General Public License v3.0
365 stars 143 forks source link

[UNIX] `Begin` step should fail early if `sonar-scanner` is not executable #1297

Open andrei-epure-sonarsource opened 2 years ago

andrei-epure-sonarsource commented 2 years ago

This is related to #493.

The problem

Currently, at the END step the scanner is failing on Unix systems because the executable bit is not set on the scanner-cli. The error looks like below. 

andrei@S4NET:$ dotnet ~/2022-08-04-autoscan/s560/SonarScanner.MSBuild.dll end /d:sonar.login="<TOKEN>"                                                       
SonarScanner for MSBuild 5.6
Using the .NET Core version of the Scanner for MSBuild
Post-processing started.
Calling the SonarScanner CLI...
Unhandled exception. System.ComponentModel.Win32Exception (13): An error occurred trying to start process '/home/andrei/2022-08-04-autoscan/s560/sonar-scanner-4.6.2.2472/bin/sonar-scanner' with working directory '/home/andrei/2022-08-04-autoscan/projects_560/WebConfig.CS'. Permission denied
//...
// big ugly stacktrace
//...

This is bad user experience because:

My proposal

Fail at the BEGIN step if the sonar-scanner does not have the executable bit set. This check can easily be done during the begin step.

Furthermore, the scanner should first attempt to set the executable bit, catch the exception if not allowed and fail with a nice error message like:

Error: could not run chmod +x on sonar-scanner. In order to run, the Scanner for .NET needs to execute sonar-scanner during the END step. Please run chmod +x on the sonar-scanner to allow its execution.

JohnYoungers commented 1 year ago

If I have the following step in a dockerfile: RUN sudo dotnet tool install dotnet-sonarscanner --tool-path /usr/local/bin

With the container running, it results in the following on dotnet sonarscanner end: 

An error occurred trying to start process '/usr/local/bin/.store/dotnet-sonarscanner/5.13.0/dotnet-sonarscanner/5.13.0/tools/net5.0/any/sonar-scanner-4.8.0.2856/bin/sonar-scanner' with working directory ...

Is there a recommended approach to determining that path, or should +x be set at a higher level?

andrei-epure-sonarsource commented 1 year ago

Hi @JohnYoungers - could you please ask the question on https://community.sonarsource.com/ ? We monitor that for such questions, and it's better suited for discussions and clarifications. Thanks.