Open i531643 opened 3 years ago
Hello,
Can you upload one of the Shell script that raises the issue, please, so that I can debug?
Thanks
We recently ran into a similar situation, where the error is basically the same just the line numbers are a little different:
ERROR: Error during SonarScanner execution
java.lang.IllegalStateException: Cannot register highlighting rule for characters at Range[from [line=9, lineOffset=0] to [line=9, lineOffset=49]] as it overlaps at least one existing rule
at org.sonar.api.batch.sensor.highlighting.internal.DefaultHighlighting.checkOverlappingBoundaries(DefaultHighlighting.java:60)
at org.sonar.api.batch.sensor.highlighting.internal.DefaultHighlighting.doSave(DefaultHighlighting.java:108)
at org.sonar.api.batch.sensor.internal.DefaultStorable.save(DefaultStorable.java:45)
at com.github.sbaudoin.sonar.plugins.shellcheck.rules.ShellCheckSensor.saveSyntaxHighlighting(ShellCheckSensor.java:322)
at com.github.sbaudoin.sonar.plugins.shellcheck.rules.ShellCheckSensor.execute(ShellCheckSensor.java:103)
at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:64)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:88)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:61)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:79)
at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:61)
at org.sonar.scanner.scan.SpringModuleScanContainer.doAfterStart(SpringModuleScanContainer.java:82)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:226)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:205)
at org.sonar.scanner.scan.SpringProjectScanContainer.scan(SpringProjectScanContainer.java:204)
at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:200)
at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:173)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:226)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:205)
at org.sonar.scanner.bootstrap.SpringScannerContainer.doAfterStart(SpringScannerContainer.java:351)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:226)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:205)
at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:138)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:226)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:205)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:71)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:65)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
at org.sonarsource.scanner.cli.Main.main(Main.java:62)
We are using SonarQube 10.5.1 Enterprise Edition (so this may be a result of the additional plugins in that edition), shellcheck 0.9.0, and ShellCheck Analyzer plugin 2.5.0. We think it is related to how we removed some sensitive data from the script before pushing it to our SCM, but then has some other weirdnesses with what the rest of the script does or does not have. For example, this script triggers the exception (please ignore the fact that the comment content is not accurate, as it's the length that seemed to be important):
#!/bin/bash
VAR1=value1
VAR2=value2
VAR3=value3
VAR4=value4
SENSITIVE_VAR1=<replace with someone's sensitive data>
SENSITIVE_VAR2=<replace with someone's sensitive data>
# This is a comment that contains a comma
VAR5=value5
VAR6=value6
echo Start
echo Complete
but then this script does not cause the exception to be thrown:
#!/bin/bash
VAR1=value1
VAR2=value2
VAR3=value3
VAR4=value4
SENSITIVE_VAR1=<replace with someone's sensitive data>
SENSITIVE_VAR2=<replace with someone's sensitive data>
# This is a comment that does
VAR5=value5
VAR6=value6
echo Start
echo Complete
Dear sbaudin,
I am trying to enable static code analysis for shell scripts using SonarQube 8.0 (also tried with newest one - v9.0) and shellcheck plugin v0.71 and shellcheck analyzer 2.4.0 from Marketplace on SonarQube
I've editted the sonar-project.properties file as it is written in https://github.com/sbaudoin/sonar-shellcheck When I tried to execute sonar-scanner I am experiencing the following error:
I tried to disable highlighting rule by modifying properties file, but without success. The strange thing is that code analysis is passed for some of the scripts and they are successfully uploaded in SonarQube Server when I am using only them. Can you help with advising how can I avoid such error and upload code in SonarQube Server for all shell scripts?
Thank you in advance.
Regards, Ivailo