hello,
I have the same problem and task: SonarQubePublish@4 fails with unauthorized status code 401,
How can I grant permission to the request? can you be more specific? thank you
SonarQube version:9.5
SonarQube-PostgreSQL:12
Publish Quality Gate Result Plugin:4
Hi,
Welcome to the community!
Can you share your pipeline?
Ann
pool: Extranet-mobile
steps:
# Prepare Analysis Configuration task
- task: SonarQubePrepare@4
displayName: 'Prepare analysis on SonarQube'
inputs:
SonarQube: 'extranet-mobile-sonarqube'
scannerMode: Other
extraProperties: |
sonar.verbose=true
sonar.projectName=MavenProject
sonar.login=**********************************************************
sonar.projectKey=TEST_DEVOPS_EXTRANET_MavenProject
# sonar.source=.
- task: Maven@3
inputs:
mavenPomFile: 'pom.xml'
mavenOptions: '-Xmx3072m'
javaHomeOption: 'path'
jdkDirectory: '/usr/lib/jvm/java-17-oracle'
publishJUnitResults: true
testResultsFiles: '**/TEST-*.xml'
sonarQubeRunAnalysis: true
sqMavenPluginVersionChoice: 'latest'
goals: clean package
## Run Code Analysis task
#- task: SonarQubeAnalyze@4
# Publish Quality Gate Result task
- task: SonarQubePublish@4
displayName: 'Publish Quality Gate Result'
inputs:
pollingTimeoutSec: '300'
Hi,
Can you move your Maven task before the ‘prepare’ task?
Ann
Hello,
So I tried to move maven task as you said and I got failed build
Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default-cli) on project testing-helloworld: Not authorized. Analyzing this project requires authentication. Please provide a user token in sonar.login or other credentials in sonar.login and sonar.password. -> [Help 1]
This is normal because I’m attempting to use sonarqube analysis prior to even linking the sonar scanner with sonar server.
my problem is I don’t know how to grant permission to my local hosted agent ( btw I’m using Azure Devops) to be able to publish quality result to quality gate.
Hi,
First, you just published a token value to the Internet. I hope you’ve already revoked it…
Regarding your pipeline, sorry, I assumed the Maven task was your build.
Can you share your analysis log?
Ann
Hello Ann,
Thank you for your reply. Regarding the token, I simply removed a couple of characters, so there is no harm done.
for the analysis logs, which one are we talking about because I found several inside /sonarqube/logs
Hi,
Those are server logs.
The analysis log is what’s output from the analysis command. But ideally, it’ll be the entire pipeline log.
Thx,
Ann
Hi,
logs_11855.zip (16.1 KB)
Hi,
Thanks for the logs. Nothing is jumping out at me, so I’ve referred this for more expert attention & split it off to its own topic just for clarity.
Ann
I don’t know how the SonarQubePublish task is implemented, but you are probably missing the token in the http requests to the web services. For example, if using curl: curl -u '{TOKEN}:' ...
