Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Coldfusion plugin Global Settings #19

Open
tonymorelli73 opened this issue Sep 19, 2017 · 8 comments
Open

Coldfusion plugin Global Settings #19

tonymorelli73 opened this issue Sep 19, 2017 · 8 comments

Comments

@tonymorelli73
Copy link

Are the Coldfusion plugin global settings from http://localhost:9000/settings?category=coldfusion used or do the values have to be set in the sonar-project.properties file?

Specifically, I am running into an issue where the Coldfusion plugin is not terminating correctly and passing control back to SonarQube to run the next parser, and fails with a java Heap exception. I am trying to set the Java executable options to -Xmx1024m -Xms512m -XX:+HeapDumpOnOutOfMemoryError in the global settings, but I am not seeing any log or information showing me it's getting picked up. Before I try another run with setting the value in the project.properties file, I wanted to confirm.
@mpaluchowski
Copy link
Contributor

The SonarQube plugin will use the Java options set in sonar-project.properties, however the underlying CFLint process will not. This plugin executes the actual analysis with CFLint, and you can also pass Java parameters to it, but via the plugin's configuration parameter sonar.cf.cflint.java.opts. This one you can set in sonar-project.properties or in SonarQube's administration dashboard.

@tonymorelli73
Copy link
Author

I have set the Java executable options parameter on the sonarQube administration dashboard to -Xmx1024m -Xms512m -XX:+HeapDumpOnOutOfMemoryError which now seems to get past the heap error. I am now hitting a number of Null Pointer Exception errors which is causing the plugin to not complete. Is there anyway to turn on more debug log information either within the CFLint embedded within the plugin or for the plugin itself. running sonar-scanner with the -X option doesn't give a lot of further details.

@mpaluchowski
Copy link
Contributor

I'm afraid not :( CFLint (and its underlying cfparser) contains very little logging, and most of the output are simple System.out.println() calls. The NullPointerExceptions you're seeing are almost certainly from CFLint's parsing errors.

You could download CFLint and run it manually on the same code. Note the SonarQube plugin doesn't have the latest CFLint release, because that one had bugs that we considered blockers for adopting it. That means running plain CFLint might show fewer errors than the SonarQube analysis.

@tonymorelli73
Copy link
Author

Thanks. I have been running CFLint v1.20 manually looking into the issues there.

@tonymorelli73
Copy link
Author

tonymorelli73 commented Sep 20, 2017
edited
Loading

After running the CFLint 1.2.0 manually and comparing the issue to the SonarQube plugin logs, the NULL Pointer Exception error is coming form the CFLintanalysisResultImport class of the plugin. the stack trace is below:

08:18:16.580 ERROR: Error during SonarQube Scanner execution
java.lang.NullPointerException
	at com.google.common.base.Preconditions.checkNotNull(Preconditions.java:187)
	at com.stepstone.sonar.plugin.coldfusion.cflint.CFlintAnalysisResultImporter.createNewIssue(CFlintAnalysisResultImporter.java:106)
	at com.stepstone.sonar.plugin.coldfusion.cflint.CFlintAnalysisResultImporter.handleIssueTag(CFlintAnalysisResultImporter.java:97)
	at com.stepstone.sonar.plugin.coldfusion.cflint.CFlintAnalysisResultImporter.parse(CFlintAnalysisResultImporter.java:74)
	at com.stepstone.sonar.plugin.coldfusion.cflint.CFlintAnalysisResultImporter.parse(CFlintAnalysisResultImporter.java:64)
	at com.stepstone.sonar.plugin.coldfusion.cflint.CFlintAnalysisResultImporter.parse(CFlintAnalysisResultImporter.java:53)
	at com.stepstone.sonar.plugin.coldfusion.ColdFusionSensor.importResults(ColdFusionSensor.java:74)
	at com.stepstone.sonar.plugin.coldfusion.ColdFusionSensor.execute(ColdFusionSensor.java:57)
	at org.sonar.batch.sensor.SensorWrapper.analyse(SensorWrapper.java:57)
...

Looking through the code, the Precondition is failing on checking the input file, which is presumably the cflint-result.xml file that is stored in the .sonar folder. I don't have any logs that show what file is trying to be checked, but the InputReader created in CFlintAnalysisResultImporter.java on line 95 seems to be root of this NPE.

update
One note, in the cflint-result.xml file, the file tags look like : D:\SonarQube\SonarQubeWorkingCopy\CMS\branches\dev_5.7.0\VTS\.\Main\actcfr\list.cfm
Could the path having the "dot" be an issue ( VTS\.\Main ) ?

@mpaluchowski
Copy link
Contributor

The error looks similar to #15, where I asked for some additional feedback but never got it. And we couldn't reproduce it. Maybe you can provide more details?

@tonymorelli73
Copy link
Author

tonymorelli73 commented Sep 20, 2017
edited
Loading

Below is some information to assist the debugging.

sonar-project.properties file

# must be unique in a given SonarQube instance
sonar.projectKey=CMS_VTS
# this is the name displayed in the SonarQube UI
sonar.projectName=CMS_VTS
sonar.projectVersion=dev_5.7.0
 
# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
# Since SonarQube 4.2, this property is optional if sonar.modules is set. 
# If not set, SonarQube starts looking for source code from the directory containing 
# the sonar-project.properties file.
sonar.sources=.
sonar.exclusions=Main/admin/tree/form.cfm
 
# Encoding of the source code. Default is default system encoding
#sonar.sourceEncoding=windows-1252
#sonar.sourceEncoding=UTF-8

The structure of the code:

D:\SonarQube\SonarQubeWorkingCopy\CMS\branches\dev_5.7.0\VTS
    .sonar
    dbMain
    Main
    sonar-project.properties

Script that runs the sonar-scanner

For /f "tokens=2-4 delims=/ " %%a in ('date /t') do (set mydate=%%c-%%a-%%b)

set temphome="D:\SonarQube\SonarQubeDailyRunner\CMS"

cd /D D:\SonarQube\SonarQubeWorkingCopy\CMS\branches\dev_5.7.0\VTS

D:\SonarQube\sonar-scanner-2.8\sonar-scanner-2.8\bin\sonar-scanner -X > %temphome%\CMS_VTS-%mydate%.log 2>&1

@sphill10
Copy link

We have come across the same issue.

It appears to be related to using sonar.exclusions
If I remove the exclusions from sonar-projects.properties then the execution completes successfully.

INFO: SonarQube Scanner 3.2.0.1227
INFO: Java 1.8.0_121 Oracle Corporation (64-bit)
INFO: Linux 4.4.0-1060-aws amd64

10:50:23.456 DEBUG: * CSS / SCSS / Less 4.18 (css)
10:50:23.456 DEBUG: * SonarPython 1.10.0.2131 (python)
10:50:23.457 DEBUG: * Svn 1.7.0.1017 (scmsvn)
10:50:23.458 DEBUG: * SonarJS 4.1.0.6085 (javascript)
10:50:23.467 DEBUG: * SonarC# 7.0.1.4822 (csharp)
10:50:23.467 DEBUG: * SonarJava 5.3.0.13828 (java)
10:50:23.468 DEBUG: * SonarWeb 2.6.0.1053 (web)
10:50:23.468 DEBUG: * Git 1.4.0.1037 (scmgit)
10:50:23.468 DEBUG: * SonarFlex 2.4.0.1222 (flex)
10:50:23.468 DEBUG: * SonarXML 1.5.0.1373 (xml)
10:50:23.469 DEBUG: * SonarPHP 2.13.0.3107 (php)
10:50:23.469 DEBUG: * SonarTS 1.6.0.2388 (typescript)
10:50:23.469 DEBUG: * ColdFusion 1.5.0 (coldfusion)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mpaluchowski @tonymorelli73 @sphill10