We are experiencing an issue with the Prepare analyse on SonarQube task of Azure DevOps Server 2019 Update 1.1.
Our SonarQ is an on premise version 8.2
If we use the service with the https URL of SonarQ the pipeline fails and return the following message: [SQ] API GET ‘/api/server/version’ failed, error was: {“code”:“UNABLE_TO_VERIFY_LEAF_SIGNATURE”}
Prepare analysis make some HTTP calls against your SQ instance using Node.js, so you need to explicitly tell Node to use this or that certificate using the NODE_EXTRA_CA_CERTS environment variable. (containing the path where your certs are stored)
Make sure that this one will be available with the task, a restart of the agent is always needed.
Tip top! Clear enough to go forwad.But now I have another issue. the prepare analyse on sonarQube passed but I receive the following message on the run code analysis task:
ERROR: SonarQube server [******] can not be reach.
Firewall is opened between both servers (CI and SQ)
Any idea ?
Thanks in advance
I think it’s still a certificate issue. (We are making call by different ways : Node.js for the Prepare task, and most often in Java in the Run Code Analysis) Do you have the exact error show ? Is there any stack trace ?
here’s the real error : Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Can you check that your JVM has the correct path to your SQ certificate ?
