Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

sonarqube analysis requires authentication when permission is anyone

Tags:

sonarqube

sonarqube-scan

sonarqube 5.5 several Java projects, all have permission set to anyone can execute analysis. use mvn sonar:sonar to run analysis Other projects work fine without error. One project was found to not have the permission set. It was giving:

Not authorized. Analyzing this project requires to be authenticated. Please provide the values of the properties sonar.login and sonar.password.

Setting the permission does not fix it. This project continues to give this error.

Steps taken:

  • Permission is being set on the Project Permissions page, adding Anyone group to EXECUTE ANALYSIS permission. Users 0, groups 1

  • toggle permission off then on again.

  • restart server.
  • remove local sonar/cache

There are two projects with the same name but different keys. QA version and Release.

Not sure what to try next.

------ short log --- mvn -X follows

[INFO] 
[INFO] --- sonar-maven-plugin:3.0.2:sonar (default-cli) @ adminportal-api ---
[INFO] User cache: /Users/kenhargreaves/.sonar/cache
[INFO] Load global repositories
[INFO] Load global repositories (done) | time=265ms
[INFO] User cache: /Users/kenhargreaves/.sonar/cache
[INFO] Exclude plugins: devcockpit, buildstability, pdfreport, report, scmstats, buildbreaker, views, jira
[INFO] Load plugins index
[INFO] Load plugins index (done) | time=16ms
[INFO] SonarQube version: 5.5
[INFO] Default locale: "en_US", source code encoding: "UTF-8"
[INFO] -- Cache for project [com.fusemail:adminportal-api] not found, synchronizing data..
[INFO] Load rules
[INFO] Load rules (done) | time=244ms
[INFO] Load project settings
[INFO] Load project settings (done) | time=182ms
[INFO] Load project quality profiles
[INFO] Load project quality profiles (done) | time=59ms
[INFO] Load project active rules
[INFO] Load project active rules (done) | time=888ms
[INFO] Load server issues
[INFO] Load server issues (done) | time=844ms
[INFO] Load user information
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 8.221 s
[INFO] Finished at: 2016-07-22T11:39:38-07:00
[INFO] Final Memory: 65M/470M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.0.2:sonar (default-cli) on project adminportal-api: Not authorized. Analyzing this project requires to be authenticated. Please provide the values of the properties sonar.login and sonar.password. -> [Help 1]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 

-----------------
INFO] Default locale: "en_US", source code encoding: "UTF-8"
[DEBUG] Work directory: /Users/kenhargreaves/Documents/workspace/fm-api-portalapi/target/sonar
[DEBUG] Execution getVersion
[DEBUG] Execution execute
[DEBUG] cache: /Users/kenhargreaves/.sonar/ws_cache/http%3A%2F%2Fsonarqube.electric.net/5.5/projects/com.fusemail%3Aadminportal-api
[INFO] -- Cache for project [com.fusemail:adminportal-api] not found, synchronizing data..
[INFO] Load rules
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/list.protobuf | time=100ms
[INFO] Load rules (done) | time=176ms
[INFO] Load project settings
[DEBUG] GET 200 http://sonarqube.electric.net/batch/project.protobuf?key=com.fusemail%3Aadminportal-api&issues_mode=true | time=53ms
[INFO] Load project settings (done) | time=158ms
[INFO] Load project quality profiles
[DEBUG] GET 200 http://sonarqube.electric.net/api/qualityprofiles/search.protobuf?projectKey=com.fusemail%3Aadminportal-api | time=41ms
[INFO] Load project quality profiles (done) | time=53ms
[INFO] Load project active rules
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=c-sonar-way-50322&p=1&ps=500 | time=128ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=cpp-sonar-way-23842&p=1&ps=500 | time=160ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=java-sonar-03590&p=1&ps=500 | time=64ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=js-sonar-way-84357&p=1&ps=500 | time=103ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=objc-sonar-way-52782&p=1&ps=500 | time=123ms
[DEBUG] GET 200 http://sonarqube.electric.net/api/rules/search.protobuf?f=repo,name,severity,lang,internalKey,templateKey,params,actives&activation=true&qprofile=py-sonar-way-75611&p=1&ps=500 | time=69ms
[INFO] Load project active rules (done) | time=728ms
[INFO] Load server issues
[DEBUG] GET 200 http://sonarqube.electric.net/batch/issues.protobuf?key=com.fusemail%3Aadminportal-api | time=333ms
[INFO] Load server issues (done) | time=524ms
[INFO] Load user information
[DEBUG] GET 401 http://sonarqube.electric.net/batch/users?logins=axxx.mxxxx | time=31ms
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 8.647 s
[INFO] Finished at: 2016-07-22T11:42:01-07:00
[INFO] Final Memory: 66M/467M

The user we see there did have an account in the sonarqube server, I did remove him to see what happens.

like image 348
Ken Hargreaves Avatar asked Sep 01 '25 23:09

Ken Hargreaves

2 Answers

Go to SonarQube web page, administration, and then go to security and disable "Force User Authentication".

like image 104
Maximiliano Matus Avatar answered Sep 04 '25 08:09

Maximiliano Matus

Are you forcing authentication in SonarQube?

If this is the case, you basically need to:

  1. Generate a token for the user-account in SonarQube
  2. Expose the token in an environment variable, say SONAR_TOKEN as below:
    export SONAR_TOKEN="<your_token>" (bash/GitBash)
    SET SONAR_TOKEN="<your_token>" (bat/Windows)
  3. Use the token in you maven command like:
    mvn ... sonar:sonar -Dsonar.login=$SONAR_TOKEN (bash/GitBash)
    mvn ... sonar:sonar -Dsonar.login=%SONAR_TOKEN% (bat/Windows)

This is extensively discussed at Sonarqube authorization - how to authorize with sonar-maven-plugin when sonar.forceAuthentication is enabled.

like image 42
idrositis Avatar answered Sep 04 '25 09:09

idrositis

Sign in to Comment

Related questions

How to get SonarQube Issues Report via API
Exclude configured in pom.xml for jacoco and exclude files in sonar

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!