Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47776

sonarqube integration doesn't authenticate

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Minor Minor
    • influxdb-plugin
    • None
    • 2.0

      Jenkins: 2.73.2.1-rolling

      InfluxDB plugin: 1.12.3

      Jenkins pipeline implementation.

      I am attempting to publish sonarqube results with the influxdb plugin, but I get the following error:

      [InfluxDB Plugin] Publishing data to: [url=http://influx.example.com, description=influxdb, username=jenkins, password=*****, database=jenkins]
[InfluxDB Plugin] SonarQube data found. Writing to InfluxDB...
[InfluxDB Plugin] Failed to collect data. Ignoring Exception:java.lang.RuntimeException: Failed : HTTP error code : 401
[InfluxDB Plugin] Completed.

      This is because our sonarqube installation requires authentication. I have wrapped the step([$class: 'InfluxDbPublisher']), inside a withSonarQubeEnv block, which exposes a number of new environment variables, including SONAR_HOST_URL and SONAR_AUTH_TOKEN.

      It would be great if the influxdb plugin could utilize the exposed ENV variables to authenticate with Sonarqube (if available)

          [JENKINS-47776] sonarqube integration doesn't authenticate

          Aleksi Simell added a comment -

          Improvement implemented and will be available in the next release.

          Aleksi Simell added a comment - Improvement implemented and will be available in the next release.

          Jonas Lindström added a comment - - edited

          I have tried the suggested solution with a withSonarQubeEnv block, i.e.

          withSonarQubeEnv(<SonarQube installation ID>) {
  step([$class : 'InfluxDbPublisher',
  customData : null,
  customDataMap : null,
  customPrefix : null,
  customProjectName: null,
  target : 'jenkins_data'])
}

          Unfortunately I still get HTTP 401. I have verified that SONAR_AUTH_TOKEN is set inside the block, but it's not accessible to the InfluxDB plugin, it is still null. Perhaps I am doing something wrong. Have you been able to verify the fix with Jenkins pipeline, aleksisimell?

          Running plugin version 1.14.

          Jonas Lindström added a comment - - edited I have tried the suggested solution with a withSonarQubeEnv  block, i.e. withSonarQubeEnv(<SonarQube installation ID>) {   step([$class : 'InfluxDbPublisher' ,   customData : null ,   customDataMap : null ,   customPrefix : null ,   customProjectName: null ,   target : 'jenkins_data' ]) } Unfortunately I still get HTTP 401. I have verified that SONAR_AUTH_TOKEN is set inside the block, but it's not accessible to the InfluxDB plugin, it is still null . Perhaps I am doing something wrong. Have you been able to verify the fix with Jenkins pipeline, aleksisimell ? Running plugin version 1.14.

          Christopher Webb added a comment -

          Confirmed that this doesn't work in a Jenkins declarative pipeline

          Christopher Webb added a comment - Confirmed that this doesn't work in a Jenkins declarative pipeline

          Rahul Sharma added a comment -

          Can someone post an example snippet on how to pass the Auth Token to the plugin in a jenkins Pipeline. It works fine if i add a JUnit in the code base but i am not able to pass it from Pipeline to the plugin in a real environment.

          Rahul Sharma added a comment - Can someone post an example snippet on how to pass the Auth Token to the plugin in a jenkins Pipeline. It works fine if i add a JUnit in the code base but i am not able to pass it from Pipeline to the plugin in a real environment.

          Christoph Forster added a comment - - edited

          Problem still occurs with Plugin Version 1.20.

          Jenkins: 2.150

          SonarQube: 7.1

          The Token is valid and Environment Variable "SONAR_AUTH_TOKEN" is set with the correct value

          Christoph Forster added a comment - - edited Problem still occurs with Plugin Version 1.20. Jenkins: 2.150 SonarQube: 7.1 The Token is valid and Environment Variable "SONAR_AUTH_TOKEN" is set with the correct value

          Christoph Forster added a comment - - edited

          I managed it to send the Authentication using a "Jenkins Global Environment Variable" named "SONAR_AUTH_TOKEN".

          Also it is important (using SonarQube  7.4 and InfluxDB Plugin 1.20.1) to set an Environment Variable "SONAR_HOST_URL".

          Christoph Forster added a comment - - edited I managed it to send the Authentication using a "Jenkins Global Environment Variable" named "SONAR_AUTH_TOKEN". Also it is important (using SonarQube  7.4 and InfluxDB Plugin 1.20.1) to set an Environment Variable "SONAR_HOST_URL".

          Jonas Lindström added a comment -

          forster_ch Are you using Jenkins Pipeline?

          Jonas Lindström added a comment - forster_ch Are you using Jenkins Pipeline?

          Christoph Forster added a comment -

          jl68: yes

          Christoph Forster added a comment - jl68 : yes

          Axel Latvala added a comment - - edited

          This seems to be an issue with some kind of scope (I am not terribly familiar with the inner workings of jenkins).

          Using the WithSonarQubeEnv provides the auth token and host url, but the InfluxDB plugin seems not to be able to access it (even tho it reads this variable in the same exact way as the host url, which succeeds). BUT as a workaround, doing as forster_ch mentioned, setting the sonar auth token as a GLOBAL env variable (that is, Manage Jenkins -> Configure System -> Global properties -> Environment variables, enable and add SONAR_AUTH_TOKEN). This is insecure, since this kind of information is supposed to be handled by Credentials Provider, so use only in dire situations. I am confident that aleksisimell will find the root cause to this and correct it (I made a small PR relating to this, wink wink).

          And to add, I am using the Multibranch Declarative Pipelines when testing this.

          Axel Latvala added a comment - - edited This seems to be an issue with some kind of scope (I am not terribly familiar with the inner workings of jenkins). Using the WithSonarQubeEnv provides the auth token and host url, but the InfluxDB plugin seems not to be able to access it (even tho it reads this variable in the same exact way as the host url, which succeeds). BUT as a workaround, doing as forster_ch mentioned, setting the sonar auth token as a GLOBAL env variable (that is, Manage Jenkins -> Configure System -> Global properties -> Environment variables, enable and add SONAR_AUTH_TOKEN). This is insecure, since this kind of information is supposed to be handled by Credentials Provider, so use only in dire situations. I am confident that aleksisimell will find the root cause to this and correct it (I made a small PR relating to this, wink wink). And to add, I am using the Multibranch Declarative Pipelines when testing this.

          Aleksi Simell added a comment -

          Issue fixed with https://github.com/jenkinsci/influxdb-plugin/pull/74. Will be available in next release.

          Aleksi Simell added a comment - Issue fixed with https://github.com/jenkinsci/influxdb-plugin/pull/74 . Will be available in next release.

            aleksisimell Aleksi Simell
            mgriffin Michael Griffin
            Votes:
            2 Vote for this issue
            Watchers:
            9 Start watching this issue

              Created:
              Updated:
              Resolved: