Skip to first unread message
Archimedes Trajano
Mar 13, 2017, 8:12:08 PM3/13/17
to SonarQube
This just happened recently with one of my projects.
https://travis-ci.org/trajano/wagon-git/builds/210770333
I tried doing through Travis and through Maven directly and even created a new token to see if it will help, but for some odd reason this specific project `net.trajano.wagon:wagon-git` keeps on showing me an Insufficient privileges error
https://travis-ci.org/trajano/wagon-git/builds/210770333#L1348
even if the analysis did execute. I have other projects on SonarQube.com that are working fine.
https://travis-ci.org/trajano/wagon-git/builds/210770333
I tried doing through Travis and through Maven directly and even created a new token to see if it will help, but for some odd reason this specific project `net.trajano.wagon:wagon-git` keeps on showing me an Insufficient privileges error
https://travis-ci.org/trajano/wagon-git/builds/210770333#L1348
even if the analysis did execute. I have other projects on SonarQube.com that are working fine.
Archimedes Trajano
Mar 13, 2017, 10:54:20 PM3/13/17
to SonarQube
When running on debug mode I got hte following
[DEBUG] 00:34:28.960 Upload report
[DEBUG] 00:34:29.040 POST 403 https://sonarqube.com/api/ce/submit?projectKey=net.trajano.wagon:wagon-git&projectName=Git%20Wagon%20Provider | time=77ms
on https://travis-ci.org/trajano/wagon-git/builds/210776611#L2649
Julien Lancelot
Mar 14, 2017, 3:53:01 AM3/14/17
to Archimedes Trajano, SonarQube
Hi Archimedes,
First of all, as already said many times, courtesy is appreciated here. Things like Hi, Thx..).
Then, it would also have been interesting to directly give us more information about your configuration, without having to dig into the logs you gave us.
For reference, the SonarQube version extracted from the logs is the 6.3.
Which permission have you gave to the user on which you have created the token ? Does he have the 'Execute Analysis' and 'Browse' permission on the project ?
Regards,
Julien Lancelot
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/eceb6a1c-75a0-4fa9-b624-2a5badc05fbf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
--
Julien LANCELOT | SonarSource
Archimedes Trajano
Mar 14, 2017, 7:50:43 AM3/14/17
to SonarQube, archi...@trajano.net
Hi, this is with SonarQube.com not my own SonarQube instance. As for the user, its the one I created using my GitHub account and I don't have anything about setting permissions. I have never done a successful execution of the `net.trajano.wagon:wagon-git` project as such there is no result from https://sonarqube.com/dashboard?id=net.trajano.wagon%3Awagon-git to my understanding and experience, the project just gets created.
My only guess is someone else created the project with the same key but made it hidden somehow, but that's sort of strange considering SonarQube.com was meant for opensource projects.
As far as execution goes, it's just using the `sonar:sonar` target on Travis. I've had many other projects that work correctly before, this is the first time it had failed. The sources are in https://github.com/trajano/wagon-git If you look in pom.xml, there'll be no mention of Sonar (this is intentional) SonarQube was meant to be an add-on.
The travis.yml has the tokens encrypted and is using the `secure` value. I have sent a support e-mail regarding this where I had provided the token itself for verification. And my unit tests also use one of the tokens (albeit not the SonarQube.com one) https://github.com/trajano/wagon-git/blob/master/src/test/java/net/trajano/wagon/git/test/GitHubPagesWagonTest.java#L33
However, testing it locally where I called
mvn -X sonar:sonar -Dsonar.login=tokenvalue --Dsonar.host.url=https://sonarqube.com/ also fails with the same 403 error.
Thanks,
Archie
My only guess is someone else created the project with the same key but made it hidden somehow, but that's sort of strange considering SonarQube.com was meant for opensource projects.
As far as execution goes, it's just using the `sonar:sonar` target on Travis. I've had many other projects that work correctly before, this is the first time it had failed. The sources are in https://github.com/trajano/wagon-git If you look in pom.xml, there'll be no mention of Sonar (this is intentional) SonarQube was meant to be an add-on.
The travis.yml has the tokens encrypted and is using the `secure` value. I have sent a support e-mail regarding this where I had provided the token itself for verification. And my unit tests also use one of the tokens (albeit not the SonarQube.com one) https://github.com/trajano/wagon-git/blob/master/src/test/java/net/trajano/wagon/git/test/GitHubPagesWagonTest.java#L33
However, testing it locally where I called
mvn -X sonar:sonar -Dsonar.login=tokenvalue --Dsonar.host.url=https://sonarqube.com/ also fails with the same 403 error.
Thanks,
Archie
Archimedes Trajano
Mar 14, 2017, 3:42:45 PM3/14/17
to SonarQube
There was a recent change to SonarQube namely the addition of "organizations" so now we need to pass in the organization ID (which is available in your accounts under organization). So this needs to be passed into sonar via
addons:
sonarqube:
organization: organization-key
Or through sonar.organization property.
Thanks for the info Fabrice BELLINGARD
I have updated my documentation on how to set up Travis, Github, Maven and SonarQube.com now with this change. https://trajano.net/2016/11/integrating-travis-sonarqube/
Fabrice Bellingard
Mar 15, 2017, 4:22:56 AM3/15/17
to Archimedes Trajano, SonarQube
Indeed Archimedes, and the SonarQube.com "Get Started" (https://about.sonarqube.com/get-started/) is up-to-date with this recent change.
Note that I will also update the sample projects very shortly.
Best regards,
Fabrice BELLINGARD | SonarSource SonarQube & SonarLint Product Manager http://sonarsource.com |
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/7cdd3b66-9891-47ab-b7fe-2992bb03268c%40googlegroups.com.
Archimedes Trajano
Mar 15, 2017, 2:50:16 PM3/15/17
to SonarQube, archi...@trajano.net
Thanks, feel free to grab stuff off my implementation as well.
On Wednesday, 15 March 2017 04:22:56 UTC-4, Fabrice Bellingard wrote:
Indeed Archimedes, and the SonarQube.com "Get Started" (https://about.sonarqube.com/get-started/) is up-to-date with this recent change.
Note that I will also update the sample projects very shortly.
Best regards,
http://sonarsource.com
On Tue, Mar 14, 2017 at 8:42 PM, 'Archimedes Trajano' via SonarQube <sona...@googlegroups.com> wrote:
There was a recent change to SonarQube namely the addition of "organizations" so now we need to pass in the organization ID (which is available in your accounts under organization). So this needs to be passed into sonar viaaddons:sonarqube:organization: organization-keyOr through sonar.organization property.Thanks for the info Fabrice BELLINGARDI have updated my documentation on how to set up Travis, Github, Maven and SonarQube.com now with this change. https://trajano.net/2016/11/integrating-travis-sonarqube/
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
mvs...@gmail.com
Mar 28, 2017, 11:05:00 AM3/28/17
to SonarQube, archi...@trajano.net
Fabrice,
For projects that are in the Open Source organization, would their organization key be "default"?
Thanks
Thanks
On Wednesday, March 15, 2017 at 4:22:56 AM UTC-4, Fabrice Bellingard wrote:
Indeed Archimedes, and the SonarQube.com "Get Started" (https://about.sonarqube.com/get-started/) is up-to-date with this recent change.
Note that I will also update the sample projects very shortly.
Best regards,
http://sonarsource.com
On Tue, Mar 14, 2017 at 8:42 PM, 'Archimedes Trajano' via SonarQube <sona...@googlegroups.com> wrote:
There was a recent change to SonarQube namely the addition of "organizations" so now we need to pass in the organization ID (which is available in your accounts under organization). So this needs to be passed into sonar viaaddons:sonarqube:organization: organization-keyOr through sonar.organization property.Thanks for the info Fabrice BELLINGARDI have updated my documentation on how to set up Travis, Github, Maven and SonarQube.com now with this change. https://trajano.net/2016/11/integrating-travis-sonarqube/
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+...@googlegroups.com.
Fabrice Bellingard
Mar 28, 2017, 11:39:19 AM3/28/17
to mvs...@gmail.com, SonarQube, Archimedes Trajano
On Tue, Mar 28, 2017 at 5:04 PM, <mvs...@gmail.com> wrote:
Fabrice,For projects that are in the Open Source organization, would their organization key be "default"?
Indeed. But in such case, the "organization" parameter is optional (because it defaults to "default") so you don't need to pass it.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/395e7b54-22a7-455c-bd3e-039680c84f2e%40googlegroups.com.
mvs...@gmail.com
Mar 28, 2017, 12:29:00 PM3/28/17
to SonarQube, mvs...@gmail.com, archi...@trajano.net
Thanks for the fast response Fabrice, but whether or not we specify the organization our builds still fail due to insufficient privileges. Were there any other changes that would cause this insufficient privileges issue?
Archimedes Trajano
Mar 28, 2017, 12:44:45 PM3/28/17
to SonarQube, archi...@trajano.net, mvs...@gmail.com
It's "default" by default, but I think SonarQube.com is configured such that no new projects can be created under that organization. However, existing projects will still work (unless you remove them). This is why you would likely get a 401, I think someone from SonarQube can verify the behaviour I just described.
mvs...@gmail.com
Mar 28, 2017, 12:54:03 PM3/28/17
to SonarQube, archi...@trajano.net, mvs...@gmail.com
Does this apply to analyzing new branches of projects as well?
Archimedes Trajano
Mar 28, 2017, 12:56:18 PM3/28/17
to mvs...@gmail.com, SonarQube
Are you talking about the PR handling much like what I had documented in https://trajano.net/2016/11/integrating-travis-sonarqube/ ? That being the case I am not sure to be honest I started taking out my projects from "default" and move them to my organization.
Fabrice Bellingard
Mar 29, 2017, 4:22:54 AM3/29/17
to mvs...@gmail.com, SonarQube, Archimedes Trajano
On Tue, Mar 28, 2017 at 6:54 PM, <mvs...@gmail.com> wrote:
Does this apply to analyzing new branches of projects as well?
When you analyze a branch in SonarQube (using the TravisCI "branches" parameter or directly the "sonar.branch" property), it is currently considered as an independent project in SonarQube. This is why the following use case won't work:
- You started analyzing your project a couple on month ago, so you don't need the "sonar.organization" parameter because it's in the default organization
- You branched that project and tried an analysis (with "sonar.branch" for instance): SonarQube.com will refuse to process the analysis because it considers you are trying to analyse a new project on the default organization (which is protected to not accept new project).
If you're in that case, I'd advise you to drop your project from the default org and recreate it in your own org. This way, when you run analyses on a branch, this will be done in your own org so it will work.
On our (SonarSource) side, we have some work to do to make all this simpler:
- First, allow to move projects from one org to another (so that you don't have to delete and recreate your project - which implies loosing history) => will be done soon
- Then developer a proper support for branches in SonarQube itself so that branches are seen as parts of the original project, and not as different projects. => will be done before the end of the year - see our roadmap page.
On Tuesday, March 28, 2017 at 12:44:45 PM UTC-4, Archimedes Trajano wrote:It's "default" by default, but I think SonarQube.com is configured such that no new projects can be created under that organization. However, existing projects will still work (unless you remove them). This is why you would likely get a 401, I think someone from SonarQube can verify the behaviour I just described.
--
You received this message because you are subscribed to the Google Groups "SonarQube" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sonarqube+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sonarqube/5d59ff3a-7b1d-4c3a-b0d7-ae2440e04ca4%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages