Error 403 while running analysis

Hi,
I’ve just set up SonarQube 8.1, and whilst running analysis i get the following error:

mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar -Dsonar.host.url=http://localhost:61901/ -Dsonar.login=******

[INFO] Scanning for projects…
[WARNING]
[WARNING] Some problems were encountered while building the effective model for lab.cyber.ucp:ConfiguratorMultiModule:pom:0.5.22-SNAPSHOT
[WARNING] ‘build.plugins.plugin.version’ for org.apache.maven.plugins:maven-javadoc-plugin is missing. @ line 49, column 21
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING]
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] CytadelTheme
[INFO] Security
[INFO] Homepage
[INFO] CommonInformationModel
[INFO] DeploymentSuite
[INFO] DataLake
[INFO] IngestionAndEnrichmentEngine
[INFO] PlatformHealthAndMonitoring
[INFO] Configurator
[INFO] ConfiguratorMultiModule
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building ConfiguratorMultiModule 0.5.22-SNAPSHOT
[INFO] ------------------------------------------------------------------------

[INFO]
[INFO] — sonar-maven-plugin:3.7.0.1746:sonar (default-cli) @ ConfiguratorMultiModule —
[INFO] User cache: /var/lib/jenkins/.sonar/cache
[ERROR] SonarQube server [http://localhost:61901] can not be reached
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] CytadelTheme … SKIPPED
[INFO] Security … SKIPPED
[INFO] Homepage … SKIPPED
[INFO] CommonInformationModel … SKIPPED
[INFO] DeploymentSuite … SKIPPED
[INFO] DataLake … SKIPPED
[INFO] IngestionAndEnrichmentEngine … SKIPPED
[INFO] PlatformHealthAndMonitoring … SKIPPED
[INFO] Configurator … SKIPPED
[INFO] ConfiguratorMultiModule … FAILURE [ 2.210 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 3.435 s
[INFO] Finished at: 2020-01-31T13:29:42Z

[INFO] Final Memory: 76M/729M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project ConfiguratorMultiModule: Unable to execute SonarQube: Fail to get bootstrap index from server: Status returned by url [http://localhost:61901/batch/index] is not valid: [403] -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]

I believe 403 is a forbidden error, so I’ve had a look through all other relevant posts, and taken a look at my settings, including:

In Jenkins under Manage Jenkins > Configure System > SonarQube servers I’ve set the Sonar URL, Server Authentication Token, and version of sonar-maven plugin (3.7.0.1746).

In Jenkins under Manage Jenkins > Global Tool Configuration > SonarQube Scanner I’ve set the SONAR_RUNNER_HOME to /opt/sonar-scanner-4.2.0.1873-linux.

In Sonar I’ve set the permissions of the admin users (from which the auth token was generated) to have all permissions, including execut analysis.

I can’t figure out why it’s not working. When I try to visit http://localhost:61901/batch/index myself, I get:
sonar-scanner-engine-shaded-8.1.0.31237-all.jar|0816184471131ebed73ed8f48b9bbc8e

My versions are:
Jenkins 2.219
SonarQube 8.1

Hi,

I see that you’re passing credentials on your analysis command line. That ticks off the first question I would normally ask. So then we come to: is your network proxy/firewall interfering with this? (Just because you get through the proxy doesn’t mean Jenkins is allowed too…)

 
HTH,
Ann

HI Ann,

I haven’t fully solved the problem yet, but I’ve been wroking with someone in my organisation who was having the same problem, and we’ve come to the conclusion that the problem comes from upgrading maven-sonar-plugin past 3.2 (we’re using 3.7.0.1746). Whilst working in the command line, adding a non-proxy setting fixed this issue, so I just need to add a non-proxy setting to Jenkins when I get a chance to work on this project. Do you know where this would be set?

I’ll post back with the full solution when I get this to work.

Thanks.

Hi,

I’ll be very interested to hear what you find.

 
Ann

Adding the following line into the proxies section of …/jenkins/.m2/settings.xml solved this problem.

<nonProxyHosts>localhost</nonProxyHosts>

1 Like

Hi,

Thanks for sharing your solution.

As a side note, the fact that you added a setting for localhost makes me think you’re running Jenkins and SonarQube on the same server. This will get you started, but is sub-optimal long-term. You’ll want them hosted on their own boxes as soon as you can manage it for performance reasons.

 
Ann

1 Like