I am seeing below error:
Project Key: XXX
Token: XXX
URL: https://sonarcloud.io/api/qualitygates/project_status?projectKey=nextops123_webstore-security
Headers: System.Collections.Hashtable
Error: Response status code does not indicate success: 401 ().
Please suggest how to fix this
Colin
(Colin)
September 6, 2024, 11:05am
2
Hey there.
In what environment are you running the analysis (a specific CI/CD tool, for example)? How/where have you configured the token? What permissions does the user for whom you generated that token have?
@Colin HI. I am referring sonarlcoud token mentioned in the below YAML file and when I ran this pipeline it is coming up with following error. Please suggest . THank you
Project Key: nextops123_webstore-security
Token: XXX
URL: https://sonarcloud.io/api/qualitygates/project_status?projectKey=nextops123_webstore-security
Headers: System.Collections.Hashtable
Error: Response status code does not indicate success: 401 ().
Logs:
logs_1532 (1).zip (336.1 KB)
Colin
(Colin)
September 9, 2024, 1:05pm
4
Hey there.
Please don’t expose things like tokens in plaintext. I edited your post, but you should consider this token compromised as it was accessible publicly.
Based on the logs you shared, you haven’t actually implemented SonarCloud analysis (the SonarCloudPrepare
and SonarCloudAnalyze
tasks). I think now is a good time to review the the documentaion on the SonarCloud Extension for Azure DevOps .
However, a quick look at the custom script you wrote:
- task: PowerShell@2
displayName: 'Check SonarCloud Quality Gate'
inputs:
targetType: 'inline'
script: |
$projectKey = "$(projectKey)"
$token = "$(sonarcloudToken)"
Write-Host "Project Key: $projectKey"
Write-Host "Token: $token"
$url = "https://sonarcloud.io/api/qualitygates/project_status?projectKey=$projectKey"
$headers = @{
Authorization = "Basic " + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$token"))
}
Write-Host "URL: $url"
Write-Host "Headers: $headers"
try {
$response = Invoke-RestMethod -Uri $url -Headers $headers -Method Get
Write-Host "Response: $response"
if ($response.projectStatus.status -eq "OK") {
Write-Output "Quality gate passed"
exit 0
} else {
Write-Output "Quality gate failed"
exit 1
}
} catch {
Write-Output "Error: $_"
exit 1
}
env:
projectKey: $(projectKey)
sonarcloudToken: $(sonarcloudToken)
Tells me that you should be using Bearer authentication , as documented, rather than Basic authentication.
@Colin
I have implemented sonarcloud prepare and analyize tasks already you can see in the below YAML, i have provide some other random value for token
trigger:
- none
pool:
vmImage: ubuntu-latest
variables:
buildConfiguration: 'Release'
projectKey: 'nextops123_webstore-security'
organization: 'nextops123'
sonarcloudToken: 'XXX'
stages:
- stage: 'BuildStage'
displayName: 'Build Stage'
jobs:
- job: BuildAndPublish
displayName: 'Build and Publish'
steps:
- checkout: self
fetchDepth: 0
- task: UseDotNet@2
displayName: 'Use .NET 6'
inputs:
version: '6.x'
- task: DotNetCoreCLI@2
displayName: '.NET Restore'
inputs:
command: 'restore'
projects: '**/*.csproj'
feedsToUse: 'select'
- task: SonarCloudPrepare@2
inputs:
SonarCloud: 'SonarCLoud'
organization: 'nextops123'
scannerMode: 'MSBuild'
projectKey: 'nextops123_webstore-security'
projectName: 'webstore-security'
- task: DotNetCoreCLI@2
displayName: '.NET Build'
inputs:
command: 'build'
projects: '**/*.csproj'
arguments: '--configuration $(buildConfiguration)'
- task: DotNetCoreCLI@2
displayName: '.NET Publish'
inputs:
command: 'publish'
projects: '**/*.csproj'
arguments: '--configuration $(buildConfiguration) --output $(Build.ArtifactStagingDirectory)'
- task: SonarCloudAnalyze@2
inputs:
jdkversion: 'JAVA_HOME_17_X64'
- task: SonarCloudPublish@2
inputs:
pollingTimeoutSec: '300'
- task: PublishPipelineArtifact@1
displayName: 'Publish Artifact'
inputs:
targetPath: '$(Build.ArtifactStagingDirectory)'
artifact: 'ausemart-web'
publishLocation: 'pipeline'
- task: PowerShell@2
displayName: 'Check SonarCloud Quality Gate'
inputs:
targetType: 'inline'
script: |
$projectKey = "$(projectKey)"
$token = "$(sonarcloudToken)"
Write-Host $projectKey
Write-Host $token
Write-Host $response
$url = "https://sonarcloud.io/api/qualitygates/project_status?projectKey=$projectKey"
$headers = @{
Authorization = "Basic " + [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(":$token"))
}
$response = Invoke-RestMethod -Uri $url -Headers $headers
if ($response.projectStatus.status -eq "OK") {
Write-Output "Quality gate passed"
exit 0
} else {
Write-Output "Quality gate failed"
exit 1
}
env:
projectKey: $(projectKey)
sonarcloudToken: $(sonarcloudToken)
and for above YAML file I have attached logs below
logs_1525.zip (206.4 KB)
and you could see the sequence of tasks passed , only last task is failing
Please suggest why that particular task is failing with that error.
Colin
(Colin)
September 10, 2024, 12:26pm
6
I have already told you.
Please review the documentation I linked and compare it to how you’re setting authentication headers in your script.
@Colin Thank you, it worked