TechQA.

SonarQube (Self-hosted) Scanning for Next.JS Project

57 views Asked by At

I have a next.js project (not written by me), that I need to run through SonarQube.

We have a self-hosted sonarqube installation that is also being used by other projects for code scans, but they're mainly using Java and Maven.

How do I scan the next js project via Sonarqube? It's a self-hosted installation (GKE), and I have the URL and a token, which I know is correct because if I don't use it, SonarQube rejects my request outright.

I tried using sonarqube-scanner and also tried using the sonar-scanner docker image but in both cases, I get a very cryptic Java error (I've snipped part of the error for brevity):

07:36:22.536 ERROR: Error during SonarScanner execution
java.lang.ExceptionInInitializerError
        at net.sf.cglib.core.KeyFactory$Generator.generateClass(KeyFactory.java:166)
        ...
Caused by: java.lang.reflect.InaccessibleObjectException: Unable to make protected final java.lang.Class java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) throws java.lang.ClassFormatError accessible: module java.base does not "opens java.lang" to unnamed module @71f0806b
        at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:354)
        at java.base/java.lang.reflect.AccessibleObject.checkCanSetAccessible(AccessibleObject.java:297)
        at java.base/java.lang.reflect.Method.checkCanSetAccessible(Method.java:199)
        at java.base/java.lang.reflect.Method.setAccessible(Method.java:193)
        at net.sf.cglib.core.ReflectUtils$2.run(ReflectUtils.java:56)
        at java.base/java.security.AccessController.doPrivileged(AccessController.java:318)
        at net.sf.cglib.core.ReflectUtils.<clinit>(ReflectUtils.java:46)
        ... 61 more
07:36:22.539 ERROR: 
07:36:22.539 ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.

Running with -X didn't help either -- there were no additional error messages around the failure.

Am I missing something?

I'm trying to trigger the scan with this (/work is where the project files are located):

export SONARQUBE_TOKEN={TOKEN_HERE}
export projectKey=myApp:main 
export sonar_host=https://sonarqube.mydomain.com/

sonar-scanner \
  -Dsonar.token=${SONARQUBE_TOKEN} \
  -Dsonar.host.url=${sonar_host} \
  -Dsonar.projectKey=${projectKey} \
  -Dsonar.sources=/work \
  -Dsonar.projectBaseDir=/work \
  -Dsonar.log.level=DEBUG \
  -Dsonar.verbose=true \
  -Dsonar.qualitygate.wait=true
next.js sonarqube sonarqube-scan
Original Q&A
0

There are 0 answers

Related Questions in NEXT.JS

Related Questions in SONARQUBE

Related Questions in SONARQUBE-SCAN

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions