In my situation, I have Jenkins with two nodes. One is acting as a master node, and the other nodes as a slave. Also, I have a separate instance for running on SonarQube.
I have an internal Certificate Authority. I used it to sign my certificates. also, I added this CA certificate to the Jenkins java instance trusted store using keytool. I verified my works using SSLPoke.
But the things is when I run a job using SonarQube analysis it failed with the following error can anyone help me to troubleshoot this issue.
Started by user admin
Running as SYSTEM
Building remotely on centos7-slave in workspace /home/jenkins/workspace/BXGRN/UAT/UAT_SONAR
[WS-CLEANUP] Deleting project workspace...
[WS-CLEANUP] Deferred wipeout is used...
[WS-CLEANUP] Done
The recommended git tool is: NONE
No credentials specified
Cloning the remote Git repository
Cloning repository [email protected]:example-ict/warehouse.git
> git init /home/jenkins/workspace/BXGRN/UAT/UAT_SONAR # timeout=10
Fetching upstream changes from [email protected]:example-ict/warehouse.git
> git --version # timeout=10
> git --version # 'git version 1.8.3.1'
> git fetch --tags --progress [email protected]:example-ict/warehouse.git +refs/heads/*:refs/remotes/origin/* # timeout=10
> git config remote.origin.url [email protected]:example-ict/warehouse.git # timeout=10
> git config --add remote.origin.fetch +refs/heads/*:refs/remotes/origin/* # timeout=10
Avoid second fetch
> git rev-parse refs/remotes/origin/master^{commit} # timeout=10
Checking out Revision 2b11909dea58f3e107ff0c78338b33e76d4beb47 (refs/remotes/origin/master)
> git config core.sparsecheckout # timeout=10
> git checkout -f 2b11909dea58f3e107ff0c78338b33e76d4beb47 # timeout=10
Commit message: "UI URL change"
> git rev-list --no-walk 2b11909dea58f3e107ff0c78338b33e76d4beb47 # timeout=10
[UAT_SONAR] $ /home/jenkins/tools/hudson.plugins.sonar.SonarRunnerInstallation/Sonar_Runner/bin/sonar-scanner -Dsonar.host.url=https://sonar.example.org ******** -Dsonar.sourceEncoding=UTF-8 -Dsonar.typescript.lcov.reportPaths=coverage/lcov.info -Dsonar.sources=./ -Dsonar.language=js -Dsonar.exclusions=src/serviceWorker.js,src/Routes.js,src/index.js -Dsonar.projectVersion=36 -Dsonar.projectKey=bxgrn -Dsonar.verbose=true -Dsonar.log.level=DEBUG -Dsonar.test.inclusions=**/src/**/*.test.js,**/src/**/*.test.jsx -Dsonar.projectName=BXGRN -Dsonar.projectBaseDir=/home/jenkins/workspace/BXGRN/UAT/UAT_SONAR
INFO: Scanner configuration file: /home/jenkins/tools/hudson.plugins.sonar.SonarRunnerInstallation/Sonar_Runner/conf/sonar-scanner.properties
INFO: Project root configuration file: /home/jenkins/workspace/BXGRN/UAT/UAT_SONAR/sonar-project.properties
04:43:34.094 INFO: SonarScanner 4.6.0.2311
04:43:34.096 INFO: Java 9.0.4 Oracle Corporation (64-bit)
04:43:34.096 INFO: Linux 3.10.0-1127.19.1.el7.x86_64 amd64
04:43:34.238 DEBUG: keyStore is :
04:43:34.238 DEBUG: keyStore type is : pkcs12
04:43:34.238 DEBUG: keyStore provider is :
04:43:34.239 DEBUG: init keystore
04:43:34.239 DEBUG: init keymanager of type SunX509
04:43:34.372 DEBUG: Create: /home/jenkins/.sonar/cache
04:43:34.373 INFO: User cache: /home/jenkins/.sonar/cache
04:43:34.373 DEBUG: Create: /home/jenkins/.sonar/cache/_tmp
04:43:34.376 DEBUG: Extract sonar-scanner-api-batch in temp...
04:43:34.379 DEBUG: Get bootstrap index...
04:43:34.379 DEBUG: Download: https://sonar.example.org/batch/index
04:43:34.542 ERROR: SonarQube server [https://sonar.example.org] can not be reached
04:43:34.542 INFO: ------------------------------------------------------------------------
04:43:34.542 INFO: EXECUTION FAILURE
04:43:34.542 INFO: ------------------------------------------------------------------------
04:43:34.542 INFO: Total time: 0.489s
04:43:34.559 INFO: Final Memory: 3M/12M
04:43:34.559 INFO: ------------------------------------------------------------------------
04:43:34.559 ERROR: Error during SonarScanner execution
org.sonarsource.scanner.api.internal.ScannerException: Unable to execute SonarScanner analysis
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:85)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:74)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(IsolatedLauncherFactory.java:70)
at org.sonarsource.scanner.api.EmbeddedScanner.doStart(EmbeddedScanner.java:185)
at org.sonarsource.scanner.api.EmbeddedScanner.start(EmbeddedScanner.java:123)
at org.sonarsource.scanner.cli.Main.execute(Main.java:73)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.lang.IllegalStateException: Fail to get bootstrap index from server
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:42)
at org.sonarsource.scanner.api.internal.JarDownloader.getScannerEngineFiles(JarDownloader.java:58)
at org.sonarsource.scanner.api.internal.JarDownloader.download(JarDownloader.java:53)
at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.lambda$createLauncher$0(IsolatedLauncherFactory.java:76)
... 7 more
Caused by: javax.net.ssl.SSLPeerUnverifiedException: Hostname sonar.example.org not verified:
certificate: sha256/efcGoaHuyZ3CK/sYVfBRQroEdq92kUq4ygagx2CcHz0=
DN: CN=sonar.example.org, OU=Infrastructure, O=example (Private) Limited, L=Colombo, ST=Western Province, C=LK
subjectAltNames: []
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connectTls(RealConnection.java:350)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.establishProtocol(RealConnection.java:300)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.RealConnection.connect(RealConnection.java:185)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.java:224)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.java:108)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ExchangeFinder.find(ExchangeFinder.java:88)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.Transmitter.newExchange(Transmitter.java:169)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.java:41)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.cache.CacheInterceptor.intercept(CacheInterceptor.java:94)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.java:93)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.java:88)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:142)
at org.sonarsource.scanner.api.internal.shaded.okhttp.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.java:117)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.getResponseWithInterceptorChain(RealCall.java:221)
at org.sonarsource.scanner.api.internal.shaded.okhttp.RealCall.execute(RealCall.java:81)
at org.sonarsource.scanner.api.internal.ServerConnection.callUrl(ServerConnection.java:115)
at org.sonarsource.scanner.api.internal.ServerConnection.downloadString(ServerConnection.java:99)
at org.sonarsource.scanner.api.internal.BootstrapIndexDownloader.getIndex(BootstrapIndexDownloader.java:39)
... 10 more
04:43:34.561 ERROR:
04:43:34.561 ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
WARN: Unable to locate 'report-task.txt' in the workspace. Did the SonarScanner succeed?
ERROR: SonarQube scanner exited with non-zero code: 1
Finished: FAILURE
The issue was in my certificate; I need to add SAN to the particular domain name (sonar.example.org). After creating a new certificate with SAN, everything goes as expected.