Gitlab-runner sonar-scanner (docker image) ci pipeline

Hi there.

I’m setting up a pipeline using giltab runner and that involve sonar-scanner as code quality tool.

I have installed gitllab-runner and gitlab on different machine, as best-practies.
On gitlab-runner machine I have installed docker and I have customize config.toml to use docker executor and runner.docker with sonar-scanner image.

so this is my config.toml:

concurrent = 1
check_interval = 0

  session_timeout = 1800

  name = "test-ci"
  url = ""
  token = "mySecretTOKEN"
  tls-ca-file = "/etc/gitlab-runner/certs/mycert.crt"
  executor = "docker"
  environment = ["GIT_SSL_NO_VERIFY=1"]
    tls_verify = false
    image = "sonarsource/sonar-scanner-cli:latest"
    shm_size = 0
    privileged = false
    volumes = ["/etc/sonar-scanner/conf:/opt/sonar-scanner/conf:rw", $PWD:/usr/src:rw ]
    userns_mode = root

This config create a shared runner and run on every commit and all works properly.

I’m facing with an error when gitlab runner launch sonar-scanner docker image.

This is my .gitlab-ci.yml:

  GIT_DEPTH: "0"
  stage: test
    - sonar-scanner -Dsonar.qualitygate.wait=true -Dsonar.projectKey=ci_pipeline\"$SONAR_HOST_URL\" -Dsonar.login=\"$SONAR_TOKEN\"
  allow_failure: true
    - tags
    - master

When pipeline start the sonar-scanner tool, the scan failed cause:

 * [new ref]         refs/pipelines/97 -> refs/pipelines/97
   83ab887..e66e3ce  master            -> origin/master
e[32;1mChecking out e66e3ce4 as master...e[0;m

e[32;1mSkipping Git submodules setupe[0;m
e[0KINFO: Scanner configuration file: /opt/sonar-scanner/conf/
INFO: Project root configuration file: NONE
INFO: SonarQube Scanner
INFO: Java 11.0.3 AdoptOpenJDK (64-bit)
INFO: Linux 3.10.0-957.el7.x86_64 amd64
INFO: ------------------------------------------------------------------------
INFO: ------------------------------------------------------------------------
INFO: Total time: 0.883s
INFO: Final Memory: 2M/58M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarQube Scanner execution
java.lang.IllegalStateException: Unable to create user cache: /usr/src/.sonar/cache
	at org.sonarsource.scanner.api.internal.cache.FileCache.createDir(
	at org.sonarsource.scanner.api.internal.cache.FileCache.<init>(
	at org.sonarsource.scanner.api.internal.cache.FileCache.create(
	at org.sonarsource.scanner.api.internal.JarDownloaderFactory.create(
	at org.sonarsource.scanner.api.internal.IsolatedLauncherFactory.createLauncher(
	at org.sonarsource.scanner.api.EmbeddedScanner.doStart(
	at org.sonarsource.scanner.api.EmbeddedScanner.start(
	at org.sonarsource.scanner.cli.Main.execute(
	at org.sonarsource.scanner.cli.Main.main(
Caused by: java.nio.file.AccessDeniedException: /usr/src/.sonar
	at java.base/sun.nio.fs.UnixException.translateToIOException(Unknown Source)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
	at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
	at java.base/sun.nio.fs.UnixFileSystemProvider.createDirectory(Unknown Source)
	at java.base/java.nio.file.Files.createDirectory(Unknown Source)
	at java.base/java.nio.file.Files.createAndCheckIsDirectory(Unknown Source)
	at java.base/java.nio.file.Files.createDirectories(Unknown Source)
	at org.sonarsource.scanner.api.internal.cache.FileCache.createDir(
	... 9 more
ERROR: Re-run SonarQube Scanner using the -X switch to enable full debug logging.

the runner try to create /usr/src/.sonar/cache without success.

So there is a config that i need to add to config.toml or .gitlab-ci.yml that allow sonar-scanner docker image to create that folder?

thanks in advance.

Hi there,

my guess is that the volume is not set correctly in your config file:

volumes = ["/etc/sonar-scanner/conf:/opt/sonar-scanner/conf:rw", $PWD:/usr/src:rw ]

The env. variable $PWD points to what path? Try to set it to /tmp/sonar or some similar. When the images is not running as root set acc. permissions.

Good luck!


Had similar issue, got it resolved with SONAR_PROJECT_BASE_DIR environment variable.
Try to set it with CI_PROJECT_DIR variable value.

I’ve explained my solution here (