Jenkins build errorFor one applications, builds are failing with a Sonar 403 error.
However, I could see the analysis reports being published.
I read on the internet that assigning browse permission would solve the problem.
However even after assigning the Projects Browse permissions, they still have a 403 error.
Also, when I change the project from Public to Private and manually run the builds, they are building successfully. My jenkins job is pipeline as code.
Sonarqube scanner MSBUild version: 4.0.2
Sonarqube server : 6.7
Jenkins : 2.107.2
Can you please help me with that?
Related
I have sonar-scanner-3.0.0.702 in local and sonar qube v5.3 in remote server.
In my sonar config property i have mentioned as like below.
sonar.host.url=https://example.com/sonar
sonar.token=a2s3d4f4k57
sonar.login=someuser
sonar.password=somepassword
sonar.language=abc,xyz
When I run the sonar scanner by executing ..\bin\sonar-scanner.bat. I can see the jar's are getting downloaded from site and saved under cache folder(C:\Users\John.sonar\cache). But my custom languages jar will not be downlaoded and hence it is throwing error saying
`ERROR: Error during SonarQube Scanner execution
ERROR: You must install a plugin that supports the language 'abc,xyz'
1) How can i plugin my custom JAR files in sonar scanner to make it work ?
Note : I know the procedure to include custom jar file in sonar Qube (sonarqube-5.3\extensions\plugins).But how can we do it for sonar scanner ?
2) In my conf file, i have mentioned sonar.token and sonar.password. if i remove the password i am getting authentication error. Why sonar scanner not using token for authorization ? how can we overcome this error ?
ERROR: Not authorized. Please check the properties sonar.login and sonar.password
I have some issues when try to compile the project using Jenkins. Locally it works fine using SSH.NET, but when I put my code to the windows server 2012R2 and using Jenkins build there. It shows me an error:
"SSH.NET" has already has a dependency defined for "SshNet.Security.Cryptography".
and build fail. Anyone knows what happened in the server side? Why it works locally but has compile errors in the server side?
Thanks
Please check whether your Jenkins installed SSH related plugins. Following screenshot shows the SSH related plugins installed in my Jenkins.
Then please check your Jenkins Configurations whether you configure any SSH related build configurations. In my successful build, I don't choose any SSH related options in build configurations. Please check your Build Configurations based on following screenshot. My project also installed SSH.NET package and it clone from GitHub. Except the project Url and Repositories Url, other options are in the default value.
I am trying to get my Jenkins CI setup to deploy to Sonatype Nexus.
On my personal machine, running gradle upload runs fine, but when running it on Jenkins, I get this error (I added --stacktrace to get the whole error instead of just BUILD FAILED): http://pastebin.com/RPQQxZCg
Line 119 is what I believe to be the problem.
I have looked around the internet for hours but haven't found any resolutions to this problem.
My build.gradle is here. The jar builds fine, just doesn't deploy.
If you need any more information, please let me know!
I have scoured the forums and cannot seem to quite understand the config for the fortify plug-in with Sonar.
I understand it simply builds a widget based on data from a previously generated .fpr file.
My setup:
Maven 3 project
Jenkins 1.606
SonarQube 5.0.1
Sonar-Fortify plug-in 2.0
Prerequisites:
.fpr file is in Jenkins workspace
Sonar is added to pom.xml
sonar-fortify-plug-in v2.0 added to pom.xml - (wasn’t sure this was needed or not)
Sonar server configured in Jenkins
sonar fortify plug-in v2.0 added to Sonar – (only see a dropdown to ‘enableReportLink’ under ‘Configure widgets’
should there be more config somewhere?
Questions:
Where should this property be set? Jenkins Sonar config, Sonar, pom file?
sonar-runner -Dsonar.fortify.reportPath=/path/to/project.fpr
Is that path to the .fpr file where it is within the Jenkins workspace?
The setup instructions on Github seem short and I feel I am missing something specific in my understanding.
Any help or direction to additional documentation is great appreciated.
First of all as documented version 2.0 can not be used anymore. Version 2.1 is going to be released soon. Vote for release will be started this week. Meanwhile you can:
download 2.1-SNAPSHOT version and copy it in extensions/plugins of your SonarQube server installation
restart server. The Fortify rules should be available in the page "Rules".
execute Fortify command "sourceanalyzer", independently from SonarQube. It generates a report file suffixed by .fpr.
execute a standard SonarQube analysis of your project by adding the property sonar.fortify.reportPath, for example:
mvn sonar:sonar -Dsonar.fortify.reportPath=/path/to/project.fpr
sonar-runner -Dsonar.fortify.reportPath=/path/to/project.fpr
If everything works, then you can automate these steps in Jenkins.
I am running my analysis with Maven, triggered by a Jenkins job. As a DBMS i am using MySQL thats running on the same server as Jenkins does but my sonar instance is running on my local machine (connected to the MySQL DB). I don't want to run it on the server, yet. I would prefer to not run it at all for the time being.
Is it possible to run the analysis without a running sonar instance? Why do I have to configure the server URL (the login too) in both, the Jenkins plugin and the pom.xml?
The described architecture on SonarQube Platform Overview indicates that the analyser and server are not directly connected (only via DB).
When i try to run the analysis from Jenkins with no Server URI the build process is throwing the following message:
[ERROR] Failed to execute goal org.codehaus.mojo:sonar-maven-plugin:2.2:sonar (default-cli) on project xxx: SonarQube server can not be reached at http://localhost:9000. Please check the parameter 'sonar.host.url'. Connection refused -> [Help 1]
Thats exactly what i expected, he is trying to connect to the SonarQube instance that i did not want to run.
You don't have to configure the URL to Sonar in the POM if you are using the Sonar plugin to push results to Sonar.
Sonar 'instance' you are referring to is for you to visually see the post code analysis result. If you don't have the Sonar UI web application installed, code analysis is still run by Maven either through Jenkins or your IDE or in the command prompt/shell.