我的配置是SonarQube 3.1.1, Build Stability plugin 1.2, Jenkins 1.467
我已经在项目级别配置了构建稳定性插件的设置,如http://docs.codehaus.org/display/SONAR/Build+Stability+Plugin
所述。这个分析的控制台输出对于这个插件有以下错误:
> [INFO] [05:17:18.108] CI URL: Jenkins:http://<host>/job/<job-name>/
>
> [ERROR] [05:17:18.702] Received 403 when trying to access
> http://<host>/job/<job-name>//lastBuild/api/xml/
> org.sonar.api.utils.SonarException: Received 403 when trying to access
> http://<host>/job/<job-name>//lastBuild/api/xml/ at
> org.sonar.plugins.buildstability.ci.CiConnector.execute(CiConnector.java:132)
> ~[na:na] at
> org.sonar.plugins.buildstability.ci.CiConnector.executeGet(CiConnector.java:120)
> ~[na:na] at
> org.sonar.plugins.buildstability.ci.CiConnector.getLastBuild(CiConnector.java:68)
> ~[na:na] at
> org.sonar.plugins.buildstability.ci.CiConnector.getBuildsSince(CiConnector.java:106)
> ~[na:na] at
> org.sonar.plugins.buildstability.BuildStabilitySensor.analyse(BuildStabilitySensor.java:105)
> ~[na:na] at
> org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:64)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.phases.Phases.execute(Phases.java:93)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.ProjectModule.doStart(ProjectModule.java:139)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.Module.start(Module.java:83)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.BatchModule.analyze(BatchModule.java:115)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.BatchModule.doStart(BatchModule.java:105)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.Module.start(Module.java:83)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.BootstrapModule.doStart(BootstrapModule.java:111)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrap.Module.start(Module.java:83)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrapper.Batch.startBatch(Batch.java:73)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.batch.bootstrapper.Batch.execute(Batch.java:60)
> [sonar-batch-3.1.1.jar:na] at
> org.sonar.maven3.SonarMojo.execute(SonarMojo.java:142)
> [sonar-maven3-plugin-3.1.1.jar:na] at
> org.codehaus.mojo.sonar.Bootstraper.executeMojo(Bootstraper.java:104)
> [sonar-maven-plugin-2.2.jar:na] at
> org.codehaus.mojo.sonar.Bootstraper.start(Bootstraper.java:67)
> [sonar-maven-plugin-2.2.jar:na] at
> org.codehaus.mojo.sonar.SonarMojo.execute(SonarMojo.java:109)
> [sonar-maven-plugin-2.2.jar:na] at
> org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
> [maven-core-3.0.4.jar:3.0.4] at
> org.apache.maven.cli.MavenCli.execute(MavenCli.java:537)
> [maven-embedder-3.0.4.jar:3.0.4] at
> org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
> [maven-embedder-3.0.4.jar:3.0.4] at
> org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
> [maven-embedder-3.0.4.jar:3.0.4] at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[na:1.6.0_33] at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> ~[na:1.6.0_33] at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> ~[na:1.6.0_33] at java.lang.reflect.Method.invoke(Method.java:597)
> ~[na:1.6.0_33] at
> org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
> [plexus-classworlds-2.4.jar:na] at
> org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
> [plexus-classworlds-2.4.jar:na] at
> org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
> [plexus-classworlds-2.4.jar:na] at
> org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
> [plexus-classworlds-2.4.jar:na] [INFO] [05:17:18.704] Sensor
> org.sonar.plugins.buildstability.BuildStabilitySensor@1188d9a3 done:
> 597 ms
Link: http://<host>/job/<job-name>//lastBuild/api/xml/可以通过浏览器访问,并且是正确的url。
我甚至在构建的声纳配置中提供了-Dsonar.login=admin -Dsonar.password=admin,但仍然出现相同的错误。
看起来Sonar身份验证失败取决于您在Jenkins服务器上使用的安全性。我相信这是可能的设置sonar.build-stability.use_jsecuritycheck=true,如果詹金斯安全领域委托给servlet容器(tomcat server.xml)。
在我自己的情况下,我别无选择,只能使用标准的安全性(Jenkins数据库),当我配置SonarQube构建稳定性时,我遇到了麻烦,即使我确信使用正确的URL与匹配的凭据。
然后我尝试了另一个构建稳定性配置,删除用户和密码,并在URL中包含凭据:Jenkins:http(s)://<user>:<pass>@<hostname>/job/<jobname>失败…
最后我尝试了另一个url模式,使用给定的api令牌(jenkins中的用户配置)而不是密码:Jenkins:http(s)://<user>:<api-token>@<hostname>/job/<jobname>
最后一次尝试是成功的。我甚至从Jenkins的全局安全列表中删除了我的SonarQube用户,只是在项目级别给它读取/发现权限,它仍然工作。
它不能满足我在Sonar配置中填写"用户名/密码"的深层愿望(我想使用这些字段…)无论如何,它比授予匿名访问更安全。但是,URL中仍然有一个安全令牌,所以安全性不如我想要的好。
希望有帮助。
- 编辑
1)使用Jenkins Role Strategy插件,用户除了需要项目读权限外,还需要整体读权限。
2)当Jenkins将身份验证委托给servlet容器并且您在Sonar中设置sonar.build-stability.user_jsecuritycheck=true时,您可能会在Build Stability v1.2中获得错误。当它试图对Jenkins进行身份验证时,会生成一个错误的url (url中缺少一个/,生成类似http://<my_host>/jenkinsloginEntry而不是http://<my_host>/jenkins/loginEntry的东西)。
我也面临同样的问题。如果有帮助,这里有一个解决方法:在Jenkins> Manage Jenkins> Configure Global Security中,授予匿名用户读取Overall和Job的权限。