Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47776

sonarqube integration doesn't authenticate

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      Jenkins: 2.73.2.1-rolling

      InfluxDB plugin: 1.12.3

      Jenkins pipeline implementation.

      I am attempting to publish sonarqube results with the influxdb plugin, but I get the following error:

      [InfluxDB Plugin] Publishing data to: [url=http://influx.example.com, description=influxdb, username=jenkins, password=*****, database=jenkins]
      [InfluxDB Plugin] SonarQube data found. Writing to InfluxDB...
      [InfluxDB Plugin] Failed to collect data. Ignoring Exception:java.lang.RuntimeException: Failed : HTTP error code : 401
      [InfluxDB Plugin] Completed.

      This is because our sonarqube installation requires authentication. I have wrapped the step([$class: 'InfluxDbPublisher']), inside a withSonarQubeEnv block, which exposes a number of new environment variables, including SONAR_HOST_URL and SONAR_AUTH_TOKEN.

      It would be great if the influxdb plugin could utilize the exposed ENV variables to authenticate with Sonarqube (if available)

        Attachments

          Activity

          Hide
          aleksisimell Aleksi Simell added a comment -

          Improvement implemented and will be available in the next release.

          Show
          aleksisimell Aleksi Simell added a comment - Improvement implemented and will be available in the next release.
          Hide
          jl68 Jonas Lindström added a comment - - edited

          I have tried the suggested solution with a withSonarQubeEnv block, i.e.

          withSonarQubeEnv(<SonarQube installation ID>) {
            step([$class : 'InfluxDbPublisher',
            customData : null,
            customDataMap : null,
            customPrefix : null,
            customProjectName: null,
            target : 'jenkins_data'])
          }

          Unfortunately I still get HTTP 401. I have verified that SONAR_AUTH_TOKEN is set inside the block, but it's not accessible to the InfluxDB plugin, it is still null. Perhaps I am doing something wrong. Have you been able to verify the fix with Jenkins pipeline, Aleksi Simell?

          Running plugin version 1.14.

          Show
          jl68 Jonas Lindström added a comment - - edited I have tried the suggested solution with a withSonarQubeEnv  block, i.e. withSonarQubeEnv(<SonarQube installation ID>) {   step([$class : 'InfluxDbPublisher' ,   customData : null ,   customDataMap : null ,   customPrefix : null ,   customProjectName: null ,   target : 'jenkins_data' ]) } Unfortunately I still get HTTP 401. I have verified that SONAR_AUTH_TOKEN is set inside the block, but it's not accessible to the InfluxDB plugin, it is still null . Perhaps I am doing something wrong. Have you been able to verify the fix with Jenkins pipeline, Aleksi Simell ? Running plugin version 1.14.
          Hide
          cwebbtw Christopher Webb added a comment -

          Confirmed that this doesn't work in a Jenkins declarative pipeline

          Show
          cwebbtw Christopher Webb added a comment - Confirmed that this doesn't work in a Jenkins declarative pipeline
          Hide
          rahulsharma1984 Rahul Sharma added a comment -

          Can someone post an example snippet on how to pass the Auth Token to the plugin in a jenkins Pipeline. It works fine if i add a JUnit in the code base but i am not able to pass it from Pipeline to the plugin in a real environment.

          Show
          rahulsharma1984 Rahul Sharma added a comment - Can someone post an example snippet on how to pass the Auth Token to the plugin in a jenkins Pipeline. It works fine if i add a JUnit in the code base but i am not able to pass it from Pipeline to the plugin in a real environment.
          Hide
          forster_ch Christoph Forster added a comment - - edited

          Problem still occurs with Plugin Version 1.20.

          Jenkins: 2.150

          SonarQube: 7.1

          The Token is valid and Environment Variable "SONAR_AUTH_TOKEN" is set with the correct value

          Show
          forster_ch Christoph Forster added a comment - - edited Problem still occurs with Plugin Version 1.20. Jenkins: 2.150 SonarQube: 7.1 The Token is valid and Environment Variable "SONAR_AUTH_TOKEN" is set with the correct value
          Hide
          forster_ch Christoph Forster added a comment - - edited

          I managed it to send the Authentication using a "Jenkins Global Environment Variable" named "SONAR_AUTH_TOKEN".

          Also it is important (using SonarQube  7.4 and InfluxDB Plugin 1.20.1) to set an Environment Variable "SONAR_HOST_URL".

          Show
          forster_ch Christoph Forster added a comment - - edited I managed it to send the Authentication using a "Jenkins Global Environment Variable" named "SONAR_AUTH_TOKEN". Also it is important (using SonarQube  7.4 and InfluxDB Plugin 1.20.1) to set an Environment Variable "SONAR_HOST_URL".
          Hide
          jl68 Jonas Lindström added a comment -

          Christoph Forster Are you using Jenkins Pipeline?

          Show
          jl68 Jonas Lindström added a comment - Christoph Forster Are you using Jenkins Pipeline?
          Hide
          forster_ch Christoph Forster added a comment -
          Show
          forster_ch Christoph Forster added a comment - Jonas Lindström : yes
          Hide
          vonlatvala Axel Latvala added a comment - - edited

          This seems to be an issue with some kind of scope (I am not terribly familiar with the inner workings of jenkins).

          Using the WithSonarQubeEnv provides the auth token and host url, but the InfluxDB plugin seems not to be able to access it (even tho it reads this variable in the same exact way as the host url, which succeeds). BUT as a workaround, doing as Christoph Forster mentioned, setting the sonar auth token as a GLOBAL env variable (that is, Manage Jenkins -> Configure System -> Global properties -> Environment variables, enable and add SONAR_AUTH_TOKEN). This is insecure, since this kind of information is supposed to be handled by Credentials Provider, so use only in dire situations. I am confident that Aleksi Simell will find the root cause to this and correct it (I made a small PR relating to this, wink wink).

          And to add, I am using the Multibranch Declarative Pipelines when testing this.

          Show
          vonlatvala Axel Latvala added a comment - - edited This seems to be an issue with some kind of scope (I am not terribly familiar with the inner workings of jenkins). Using the WithSonarQubeEnv provides the auth token and host url, but the InfluxDB plugin seems not to be able to access it (even tho it reads this variable in the same exact way as the host url, which succeeds). BUT as a workaround, doing as Christoph Forster mentioned, setting the sonar auth token as a GLOBAL env variable (that is, Manage Jenkins -> Configure System -> Global properties -> Environment variables, enable and add SONAR_AUTH_TOKEN). This is insecure, since this kind of information is supposed to be handled by Credentials Provider, so use only in dire situations. I am confident that Aleksi Simell will find the root cause to this and correct it (I made a small PR relating to this, wink wink). And to add, I am using the Multibranch Declarative Pipelines when testing this.

            People

            • Assignee:
              aleksisimell Aleksi Simell
              Reporter:
              mgriffin Michael Griffin
            • Votes:
              2 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

              • Created:
                Updated: