Why Sonar-scanner 4.2 is unable to create user cache? - sonarqube

Using a dockerized sonar scanner 4.2 official image I try to run a sample Docker run operation of the sonar scanner and I get
unable to create user cache: /usr/src/.sonar/cache caused by: Java.nio.file.accessdeniedexception: /usr/src/.sonar
everytime. Is it an issue with the user on the image? It's hard to believe since this is an official sonar scannerDocker image


Did you mount anything to /usr/src with -v "/path/to/project:/usr/src"?


On Linux, I had to create manually folders and set correct chmod :
mkdir .sonar .sonar/cache .scannerwork
sudo chmod -R 777 .sonar
sudo chmod -R 777 .scannerwork
To automize the scans, I created a docker-compose-sonarqube.yml which contains :
- the sonarqube server
- the sonarqube database
- tha sonarqube scanner
version: '3.7'
services:
# Sonarqube server : continuous code quality + security
# User = admin, password = admin
# The first time, we need to adjust docker parameters for sonarqube. Execute commands in the section 'Docker Host Requirements' from https://hub.docker.com/_/sonarqube/ : sudo sysctl -w vm.max_map_count=262144; sudo sysctl -w fs.file-max=65536; ulimit -n 65536; ulimit -u 4096; docker-compose -f docker-compose-sonarqube.yml up
sonarqube:
image: sonarqube:8.3-community
depends_on:
- sonarqube-db
ports:
- "54380:9000"
expose:
- "9000"
networks:
- sonarnet
environment:
SONAR_JDBC_URL: jdbc:postgresql://sonarqube-db:5432/sonar
SONAR_JDBC_USERNAME: sonar
SONAR_JDBC_PASSWORD: sonar
volumes:
- sonarqube_data:/opt/sonarqube/data
- sonarqube_extensions:/opt/sonarqube/extensions
- sonarqube_logs:/opt/sonarqube/logs
- sonarqube_temp:/opt/sonarqube/temp
# Sonarqube database
sonarqube-db:
image: postgres
networks:
- sonarnet
environment:
POSTGRES_USER: sonar
POSTGRES_PASSWORD: sonar
volumes:
- postgresql:/var/lib/postgresql
# This needs explicit mapping due to https://github.com/docker-library/postgres/blob/4e48e3228a30763913ece952c611e5e9b95c8759/Dockerfile.template#L52
- postgresql_data:/var/lib/postgresql/data
# Sonarqube client (scanner)
sonarqube-scanner-cli:
image: sonarsource/sonar-scanner-cli
depends_on:
- sonarqube
networks:
- sonarnet
volumes:
- ./:/usr/src
environment:
SONAR_HOST_URL: http://sonarqube:9000
networks:
sonarnet:
driver: bridge
volumes:
sonarqube_data:
sonarqube_extensions:
sonarqube_logs:
sonarqube_temp:
postgresql:
postgresql_data:
Set your project sources in sonar-project.properties :
# must be unique in a given SonarQube instance
sonar.projectKey=myapp
# --- optional properties ---
# defaults to project key
sonar.projectName=My App
# defaults to 'not provided'
#sonar.projectVersion=1.0
# Path is relative to the sonar-project.properties file. Defaults to .
sonar.sources=./symfony/src
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=UTF-8
# Sonarqube server url
sonar.host.url=http://sonarqube:9000
Finally run sonarqube.sh
# Usage : sh sonarqube.sh firefox
sonarcube() {
sonarqubePort=54380
sudo date # Ask for the password at the begining
docker-compose -f docker-compose-sonarqube.yml up --d
isServerUp=1
while [ "$isServerUp" != "0" ]; do # Wait for sonarcube server to be up
echo "Waiting for sonarqube. This may take 1 min ..."
curl http://localhost:$sonarqubePort -s|grep "window.serverStatus"|grep "UP"
isServerUp=$?
sleep 1
done
sleep 3
mkdir .sonar .sonar/cache .scannerwork
sudo chmod -R 777 .sonar
sudo chmod -R 777 .scannerwork
docker-compose -f docker-compose-sonarqube.yml start sonarqube-scanner-cli;
docker-compose -f docker-compose-sonarqube.yml logs -f sonarqube-scanner-cli;
firefox http://localhost:54380/dashboard?id=myapp
echo "View Sonarqube results at http://localhost:$sonarqubePort/dashboard?id=myapp"
}
sonarcube


I had the same problem under OpenShift with a Jenkins container configured with the Sonar scanner plugin.
To fix it I added an environment variable SONAR_USER_HOME, pointing to /tmp, at Jenkins's configuration, under Global Properties section.

Related

Mounting Volume in DockerFile on Windows

I am working on a Springboot project with docker. I tried to mount volume so I could have access to generated files from the Springboot application in my local directory. The data is generated in the docker container but I can not find it the local directory.
I have read many topics but none seems to be helpful.
Please, I am still new to docker and would appreciate suggestions to assist.
I have tried to mount the volume directly in the dockerfile as there is a docker compose file to run the service alongside others. Below is what I have in my Dockerfile and docker-compose
Dockerfile
FROM iron/java:1.8
EXPOSE 8080
ENV USER_NAME myprofile
ENV APP_HOME /home/$USER_NAME/app
#Test Script>>>>>>>>>>>>>>>>>>>>>>
#Modifiable
ENV SQL_SCRIPT $APP_HOME/SCRIPTS_TO_RUN
ENV SQL_OUTPUT_FILE $SQL_SCRIPT/data
ENV NO_OF_USERS 3
ENV RANGE_OF_SKILLS "1-4"
ENV HOST_PATH C:"/Users/user1/IdeaProjects/path/logs"
#>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
RUN adduser -S $USER_NAME
RUN mkdir $APP_HOME
RUN mkdir $SQL_SCRIPT
RUN chown $USER_NAME $SQL_SCRIPT
VOLUME $HOST_PATH: $SQL_SCRIPT
ADD myprofile-*.jar $APP_HOME/myprofile.jar
RUN chown $USER_NAME $APP_HOME/myprofile.jar
USER $USER_NAME
WORKDIR $APP_HOME
RUN sh -c 'touch myprofile.jar'
ENTRYPOINT ["sh", "-c","java -Djava.security.egd=file:/dev/./urandom -jar myprofile.jar -o $SQL_OUTPUT_FILE -n $NO_OF_USERS -r $RANGE_OF_SKILLS"]
Docker-compose
myprofile-backend:
extra_hosts:
- remotehost
container_name: samplecontainer-name
image: sampleimagename
links:
- rabbitmq
- db:redis
expose:
- "8080"
ports:
- "8082:8080"
volumes:
- ./logs/:/tmp/logs
- ./logs/:/app

The problem here is that you are mounting the same folder ./logs twice. Docker-compose volume mount syntax is - <your-host-path>:<your-container-path>. Also, its better to use relative paths when you are building the application. So change docker-compose file to (assuming you want to see the files in ./target relative to the Dockerfile:
myprofile-backend:
extra_hosts:
- remotehost
container_name: samplecontainer-name
image: sampleimagename
links:
- rabbitmq
- db:redis
expose:
- "8080"
ports:
- "8082:8080"
volumes:
- ./logs/:/tmp/logs
- ./target/:/app

ASP NET Core SQL Server Docker-Compose entry point bash script show errors on logs

I'm dockerizing an app but the entry point script doesn't work. The app couldn't perform CRUD actions and shows the "failed logging in with sa" error. I checked out the database because I suspect that the database didn't get created and yes, it didn't. So I thought the problem has to be the entry point script:
#!/bin/sh
set -e
until dotnet database update; do
echo "SQL Server is starting up"
sleep 1
done
echo "SQL Server is up - executing command"
dotnet database update
This script doesn't stop the app from building but it shows this in the log:
./Setup.sh: 1: ./Setup.sh: #!/bin/bash
not found
./Setup.sh: 2: ./Setup.sh:
not found
./Setup.sh: 3: set: Illegal option -
Here's the the docker file that's supposed to run the script above (named Migrations.Dockerfile):
FROM mcr.microsoft.com/dotnet/sdk:5.0 AS build
WORKDIR /src
COPY ["Project/Project.csproj", "Project/"]
COPY Setup.sh Project/Setup.sh
RUN dotnet tool install --global dotnet-ef
RUN dotnet restore "./Project/Project.csproj"
COPY . .
WORKDIR "/src/Project"
RUN /root/.dotnet/tools/dotnet-ef migrations add InitialMigrations
RUN chmod +x ./Setup.sh
CMD /bin/sh ./Setup.sh
And here's the docker-compose.yml file:
version: '3.4'
services:
project:
image: ${DOCKER_REGISTRY-}project
build:
context: .
dockerfile: Project/Dockerfile
ports:
- "9080:80"
depends_on:
- migrations
- db
db:
image: mcr.microsoft.com/mssql/server:2019-latest
environment:
SA_PASSWORD: "W0WV3RYSTRONGPASSWORD!"
ACCEPT_EULA: "Y"
ports:
- "14331:1433"
depends_on:
- migrations
migrations:
build:
context: .
dockerfile: Migrations.Dockerfile

Cannot open Minio in browser after dockerizing it in Spring Boot App

I have a problem in opening minio in the browser. I just created Spring Boot app with the usage of it.
Here is my application.yaml file shown below.
server:
port: 8085
spring:
application:
name: springboot-minio
minio:
endpoint: http://127.0.0.1:9000
port: 9000
accessKey: minioadmin #Login Account
secretKey: minioadmin # Login Password
secure: false
bucket-name: commons # Bucket Name
image-size: 10485760 # Maximum size of picture file
file-size: 1073741824 # Maximum file size
Here is my docker-compose.yaml file shown below.
version: '3.8'
services:
minio:
image: minio/minio:latest
container_name: minio
environment:
MINIO_ROOT_USER: "minioadmin"
MINIO_ROOT_PASSWORD: "minioadmin"
volumes:
- ./data:/data
ports:
- 9000:9000
- 9001:9001
I run it by these commands shown below.
1 ) docker-compose up -d
2 ) docker ps -a
3 ) docker run minio/minio:latest
Here is the result shown below.
C:\Users\host\IdeaProjects\SpringBootMinio>docker run minio/minio:latest
NAME:
minio - High Performance Object Storage
DESCRIPTION:
Build high performance data infrastructure for machine learning, analytics and application data workloads with MinIO
USAGE:
minio [FLAGS] COMMAND [ARGS...]
COMMANDS:
server start object storage server
gateway start object storage gateway
FLAGS:
--certs-dir value, -S value path to certs directory (default: "/root/.minio/certs")
--quiet disable startup information
--anonymous hide sensitive information from logging
--json output server logs and startup information in json format
--help, -h show help
--version, -v print the version
VERSION:
RELEASE.2022-01-08T03-11-54Z
When I write 127.0.0.1:9000 in the browser, I couldn't open the MinIo login page.
How can I fix my issue?

The MinIO documentation includes a MinIO Docker Quickstart Guide that has some recipes for starting the container. The important thing here is that you cannot just docker run minio/minio; it needs a command to run, probably server. This also needs to be translated into your Compose setup.
The first example on that page breaks down like so:
docker run \
-p 9000:9000 -p 9001:9001 \ # publish ports
-e "MINIO_ROOT_USER=..." \ # set environment variables
-e "MINIO_ROOT_PASSWORD=..." \
quay.io/minio/minio \ # image name
server /data --console-address ":9001" # command to run
That final command is important. In your example where you just docker run the image and get a help message, it's because you omitted the command. In the Compose setup you also don't have a command: line; if you look at docker-compose ps I expect you'll see the container is exited, and docker-compose logs minio will probably show the same help message.
You can include that command in your Compose setup with command::
version: '3.8'
services:
minio:
image: minio/minio:latest
environment:
MINIO_ROOT_USER: "..."
MINIO_ROOT_PASSWORD: "..."
volumes:
- ./data:/data
ports:
- 9000:9000
- 9001:9001
command: server /data --console-address :9001 # <-- add this

docker is not found when running a docker command in entrypoint.sh

I'm getting
app_1 | ./entrypoint.sh: line 2: docker: command not found
when running this line of code in entrypoint.sh
docker exec -it fullstacktypescript_database_1 psql -U postgres -c "CREATE DATABASE elitypescript"
How would i properly execute this command ?
entrypoint.sh
# entrypoint.sh
docker exec -it fullstacktypescript_database_1 psql -U postgres -c "CREATE DATABASE elitypescript"
npm run seed # my attempt to run seed first before server kicks in. but doesnt work
npm run server
docker-compose.yml
# docker-compose.yml
version: "3"
services:
app:
build: ./server
depends_on:
- database
ports:
- 5000:5000
environment:
PSQL_HOST: database
PSQL_PORT: 5430
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-password}
POSTGRES_USER: ${POSTGRES_USER:-postgres}
POSTGRES_DB: ${POSTGRES_DB:-elitypescript}
entrypoint: ["/bin/bash", "./entrypoint.sh"]
client:
build: ./client
image: react_client
links:
- app
working_dir: /home/node/app/client
volumes:
- ./:/home/node/app
ports:
- 3001:3001
command: npm run start
env_file:
- ./client/.env
database:
image: postgres:9.6.8-alpine
volumes:
- database:/var/lib/postgresql/data
ports:
- 3030:5439
volumes:
database:

Try this Dockerfile :
FROM node:10.6.0
COPY . /home/app
WORKDIR /home/app
COPY package.json ./
RUN npm install
ENV DOCKERVERSION=18.03.1-ce
RUN curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKERVERSION}.tgz \
&& tar xzvf docker-${DOCKERVERSION}.tgz --strip 1 -C /usr/local/bin docker/docker \
&& rm docker-${DOCKERVERSION}.tgz
EXPOSE 5000

You trying to run docker container inside of the docker container. In most cases it is very bad approach and you should to avoid it. But in case if you really need it and if you really understand what are you doing, you have to apply Docker-in-Docker(dind).
As far as I understand you, you need to run script CREATE DATABASE elitypescript, the better option will be to apply sidecar pattern - to run another one container with PostgreSQL client that will run your script.

Link the containers together and connect using the hostname.
# docker-compose
services:
app:
links:
- database
...
then just:
# entrypoint.sh
# the database container is available under the hostname database
psql -h database -p 3030 -U postgres -c "CREATE DATABASE elitypescript"
Links are a legacy option, but easier to use then networks.

running flyway migrate in docker with oracle

I have a docker file which runs an install script. it fails to find oracle connection to run migrate. in my install script i set the export to oracle home and tns directory
structure
bin
conf
docker-compose-ccpdev1.yml
Dockerfile
HOSTNAMES.md
include
INSTALL.md
install.sh
README.md
sql
my Dockerfile contains the following
# environment
ENV ORACLE_HOME="/opt/SP/instantclient_12_2"
ENV TNS_ADMIN="$ORACLE_HOME/network/admin"
ENV LD_LIBRARY_PATH="$ORACLE_HOME"
ENV PATH="$ORACLE_HOME:$TNS_ADMIN:/opt/SP/ccp-ops/bin:/opt/rh/rh-php71/root/bin:/opt/rh/rh-php71/root/sbin:/opt/rh/rh-nodejs8/root/usr/bin:$PATH"
ENV PHP_HOME="/opt/rh/rh-php71/root"
ENV https_proxy="proxy01.domain-is.de:8080"
# install
RUN yum update -y; yum install -y rh-php71 rh-php71-php-xml rh-php71-php-json rh-php71-php-ldap rh-php71-php-fpm rh-php71-php-devel rh-php71-php-opcache rh-nodejs8 libaio java wget; yum groupinstall 'Development Tools' -y; yum clean all; /root/install.sh;
VOLUME [ "/sys/fs/cgroup" ]
# run
CMD ["/usr/sbin/init"]
# ports
EXPOSE 80
EXPOSE 443
EXPOSE 8080
EXPOSE 3000
my install.sh files contains
export ORACLE_HOME=/opt/SP/instantclient_12_2
export TNS_ADMIN=$ORACLE_HOME/network/admin
export PATH=$PATH:$ORACLE_HOME:$TNS_ADMIN
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ORACLE_HOME
export https_proxy=proxy01.domain-is.de:8080
mv /opt/SP/flyway-commandline-5.1.4.tar.gz/flyway-5.1.4 /opt/SP
rm -rf /opt/SP/flyway-commandline-5.1.4.tar.gz
mv /root/flyway.conf /opt/SP/flyway-5.1.4/conf
cp /opt/SP/instantclient_12_2/ojdbc8.jar /opt/SP/flyway-5.1.4/jars/
cd /opt/SP/flyway-5.1.4
./flyway baseline
cp /root/create_ccp_schemas.sql sql/V2__create_ccp_schemas.sql
./flyway migrate
sed -i 's/flyway\.user\=sys as sysdba/flyway\.user\=c##CCP/' conf/flyway.conf
sed -i 's/flyway\.password\=Oradoc_db1/flyway\.password\=CCP/' conf/flyway.conf
./flyway baseline -baselineVersion=2
cp /root/import_schema.sql sql/V3__import_schema.sql
sed -i 's/CCPRW/C##CCPRW/' sql/V3__import_schema.sql
sed -i 's/CCPRO/C##CCPRO/' sql/V3__import_schema.sql
./flyway migrate
cp /root/import_data.sql sql/V4__import_data.sql
sed -i 's/CCPRW/C##CCPRW/' sql/V4__import_data.sql
sed -i 's/CCPRO/C##CCPRO/' sql/V4__import_data.sql
sed -i '/REM INSERTING into/d' sql/V4__import_data.sql
sed -i '/SET DEFINE OFF/d' sql/V4__import_data.sql
error i get is
WARNING: Connection error: IO Error: could not resolve the connect identifier "ccp.oracle:1521/ORCLCDB.localdomain" (caused by could not resolve the connect identifier "ccp.oracle:1521/ORCLCDB.localdomain") Retrying in 1 sec...
...
ERROR:
Unable to obtain connection from database (jdbc:oracle:thin:#ccp.oracle:1521/ORCLCDB.localdomain) for user 'sys as sysdba': IO Error: could not resolve the connect identifier "ccp.oracle:1521/ORCLCDB.localdomain"
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
SQL State : 08006
Error Code : 17002
Message : IO Error: could not resolve the connect identifier "ccp.oracle:1521/ORCLCDB.localdomain"
i build the image using setenforce 0; docker build -t ccp-apache-php-fpm .
If i log into the docker image and run flyway manually it works. i log into image using
docker-compose -p ccpdev1 -f /root/ccp-apache-php-fpm/docker-compose-ccpdev1.yml up -d --remove-orphans
docker container exec -it ccp_app_1 /bin/bash
UPDATE
I have moved the flyway set up to post install in the docker composer file. problem i have now is it runs continuously and the container keeps restarting
dokerfile
version: '3'
services:
ccp.oracle:
container_name: ccp_oracle_1
hostname: ccp_oracle1
image: registry-beta.cdaas.domain.com/oracle/database/enterprise:12.2.0.1
restart: unless-stopped
ports:
- "33001:1521"
networks:
- backend1
ccp.app:
container_name: ccp_app_1
hostname: ccp_app1
image: ccp-apache-php-fpm
restart: unless-stopped
ports:
- "33080:80"
- "33000:3000"
links:
- ccp.oracle
command: ["./root/wait_for_oracle.sh"]
networks:
- backend1
ccp.worker:
container_name: ccp_worker_1
hostname: ccp_worker1
image: ccp-apache-php-fpm
restart: unless-stopped
links:
- ccp.app
- ccp.oracle
networks:
- backend1
ccp.jenkins:
container_name: ccp_jenkins_1
hostname: ccp_jenkins1
image: jenkins
restart: unless-stopped
ports:
- "33081:8080"
- "50001:50000"
networks:
- backend1
networks:
backend1:
driver: "bridge"

Resources