了声纳

了声纳

关注
发信
关注(28)粉丝(399)

声纳构建稳定性插件给出了声纳版本3.1.1的403禁止错误

本文介绍了声纳构建稳定性插件给出了声纳版本3.1.1的403禁止错误的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我的配置是SonarQube 3.1.1,Build Stability插件1.2,Jenkins 1.467

My configuration is SonarQube 3.1.1, Build Stability plugin 1.2, Jenkins 1.467

我已经在项目级别配置了构建稳定性插件的设置,如 http://docs.codehaus.org/display/SONAR/Build+Stability+Plugin

I have configured the settings for the build stability plugin at the project level as mentioned at http://docs.codehaus.org/display/SONAR/Build+Stability+Plugin

此分析的控制台输出对此插件有以下错误:

Console output for this analysis has the following error for this plugin :

> [INFO] [05:17:18.108] CI URL: Jenkins:http://<host>/job/<job-name>/
>
> [ERROR] [05:17:18.702] Received 403 when trying to access
> http://<host>/job/<job-name>//lastBuild/api/xml/
> org.sonar.api.utils.SonarException: Received 403 when trying to access
> http://<host>/job/<job-name>//lastBuild/api/xml/  at
> org.sonar.plugins.buildstability.ci.CiConnector.execute(CiConnector.java:132)
> ~[na:na]  at
> org.sonar.plugins.buildstability.ci.CiConnector.executeGet(CiConnector.java:120)
> ~[na:na]  at
> org.sonar.plugins.buildstability.ci.CiConnector.getLastBuild(CiConnector.java:68)
> ~[na:na]  at
> org.sonar.plugins.buildstability.ci.CiConnector.getBuildsSince(CiConnector.java:106)
> ~[na:na]  at
> org.sonar.plugins.buildstability.BuildStabilitySensor.analyse(BuildStabilitySensor.java:105)
> ~[na:na]  at
> org.sonar.batch.phases.SensorsExecutor.execute(SensorsExecutor.java:64)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.phases.Phases.execute(Phases.java:93)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.ProjectModule.doStart(ProjectModule.java:139)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.Module.start(Module.java:83)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.BatchModule.analyze(BatchModule.java:115)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.BatchModule.doStart(BatchModule.java:105)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.Module.start(Module.java:83)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.BootstrapModule.doStart(BootstrapModule.java:111)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrap.Module.start(Module.java:83)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrapper.Batch.startBatch(Batch.java:73)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.batch.bootstrapper.Batch.execute(Batch.java:60)
> [sonar-batch-3.1.1.jar:na]    at
> org.sonar.maven3.SonarMojo.execute(SonarMojo.java:142)
> [sonar-maven3-plugin-3.1.1.jar:na]    at
> org.codehaus.mojo.sonar.Bootstraper.executeMojo(Bootstraper.java:104)
> [sonar-maven-plugin-2.2.jar:na]   at
> org.codehaus.mojo.sonar.Bootstraper.start(Bootstraper.java:67)
> [sonar-maven-plugin-2.2.jar:na]   at
> org.codehaus.mojo.sonar.SonarMojo.execute(SonarMojo.java:109)
> [sonar-maven-plugin-2.2.jar:na]   at
> org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:101)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:209)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:84)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:59)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.LifecycleStarter.singleThreadedBuild(LifecycleStarter.java:183)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:161)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:320)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.DefaultMaven.execute(DefaultMaven.java:156)
> [maven-core-3.0.4.jar:3.0.4]  at
> org.apache.maven.cli.MavenCli.execute(MavenCli.java:537)
> [maven-embedder-3.0.4.jar:3.0.4]  at
> org.apache.maven.cli.MavenCli.doMain(MavenCli.java:196)
> [maven-embedder-3.0.4.jar:3.0.4]  at
> org.apache.maven.cli.MavenCli.main(MavenCli.java:141)
> [maven-embedder-3.0.4.jar:3.0.4]  at
> sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ~[na:1.6.0_33]    at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> ~[na:1.6.0_33]    at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> ~[na:1.6.0_33]    at java.lang.reflect.Method.invoke(Method.java:597)
> ~[na:1.6.0_33]    at
> org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:290)
> [plexus-classworlds-2.4.jar:na]   at
> org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:230)
> [plexus-classworlds-2.4.jar:na]   at
> org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:409)
> [plexus-classworlds-2.4.jar:na]   at
> org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:352)
> [plexus-classworlds-2.4.jar:na] [INFO] [05:17:18.704] Sensor
> org.sonar.plugins.buildstability.BuildStabilitySensor@1188d9a3 done:
> 597 ms

链接:http://<host>/job/<job-name>//lastBuild/api/xml/可通过Web浏览器访问,并且是正确的网址.

Link : http://<host>/job/<job-name>//lastBuild/api/xml/ is accessible through web browser and is a correct url.

我什至在构建的声纳配置中提供了-Dsonar.login=admin -Dsonar.password=admin,但仍然出现相同的错误.

I even provided -Dsonar.login=admin -Dsonar.password=admin in the sonar configuration of the build, but still the same error appears.

感谢您的帮助.

推荐答案

Sonar验证失败取决于您在Jenkins服务器上使用的安全性.我相信,如果将Jenkins安全领域委托给servlet容器(tomcat server.xml),则可以设置sonar.build-stability.use_jsecuritycheck=true.

Looks like the Sonar authentication fails depending on the security you use on your Jenkins server. I believe it's possible to set sonar.build-stability.use_jsecuritycheck=true if Jenkins security realm is delegated to the servlet container (tomcat server.xml).

在我自己的情况下,我别无选择,只能使用标准安全性(Jenkins数据库),而且即使我确定使用具有匹配凭据的正确URL,也无法配置SonarQube Build Stability.

In my own case, I had no choice but using the standard security (Jenkins database), and I had trouble when I configured SonarQube Build Stability, even when I was sure to use the right URL with matching credentials.

然后,我尝试了另一种构建稳定性"配置,删除了用户和密码,并在URL中包括了凭据:Jenkins:http(s)://<user>:<pass>@<hostname>/job/<jobname>...失败...

Then I tried another Build Stability configuration, removing user and password, and including the credentials in URL :Jenkins:http(s)://<user>:<pass>@<hostname>/job/<jobname>...fail...

最后,我尝试了另一个URL模式,使用给定的api令牌(jenkins中的用户配置)代替了密码:Jenkins:http(s)://<user>:<api-token>@<hostname>/job/<jobname>

Finally I tried another url pattern, using the given api token (user configuration in jenkins) instead of password :Jenkins:http(s)://<user>:<api-token>@<hostname>/job/<jobname>

这最后一次尝试是成功的.我什至从Jenkins的全局安全性列表中删除了SonarQube用户,只是在项目级别授予了它读取/发现的权限,但它仍然有效.

This last try was a success. I even removed my SonarQube user from the global security list in Jenkins and just gave it read/discover right at project level, and it still worked.

无论如何,我并不希望在Sonar配置中填写用户名/密码"(我想使用这些字段...),这比授予匿名访问更为安全.但仍然在URL中有一个安全令牌,因此安全性不如我想要的好.

It doesn't fill my deep desire to fill the "username/password" in the Sonar config (I WANT to use these fields...) anyway it's more secured than granting anonymous access. But still, there is a security token in the URL so the security is not as good as I want.

希望有帮助.

  • 编辑

1)使用Jenkins角色策略插件,除了项目读取权限外,用户还需要总体读取权限.

1) With the Jenkins Role Strategy plugin, the user needs the overall read permission in addition to the project read permission.

2)当Jenkins将身份验证委托给servlet容器并且您在Sonar中设置了sonar.build-stability.user_jsecuritycheck=true时,Build Stability v1.2可能会出现错误.尝试在Jenkins上进行身份验证时,将生成错误的URL(URL中缺少/,生成的内容类似于http://<my_host>/jenkinsloginEntry而不是http://<my_host>/jenkins/loginEntry).应该在v1.3中修复.

2) When Jenkins delegates authentication to servlet container and you set sonar.build-stability.user_jsecuritycheck=true in Sonar, you will probably get an error with Build Stability v1.2. A wrong url is generated when it tries to authenticate on Jenkins (one / is missing in the url, generating something like http://<my_host>/jenkinsloginEntry instead of http://<my_host>/jenkins/loginEntry). Should be fixed in v1.3.

这篇关于声纳构建稳定性插件给出了声纳版本3.1.1的403禁止错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-24 11:18
Powered by LMLPHP ©2024 了声纳 0.037980