We already have a project registered on SonarQube, and we want to renew the token for SonarScanner.
So, how can I renew the project token?
The version of Sonar is 7.9.3
Hi,
Welcome to the community!
First, your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:
7.9.3 → 8.9.2 → 9.0.1 (last step optional)
Regarding your actual question, it’s not clear to me what you mean by “renew the project token”. Is this about the user token you’re analyzing with? You’d like to invalidate the one currently in use & generate a new one?
If so, you’ll go to the list of tokens in the user account that owns the token and “Revoke” the current token. Then “Generate” a new one.
HTH,
Ann
Hi, G Ann.
Yes. I deserve renew the project token. At the page Administration/Update Key into this project contains the label with the name of project.
When I change the value for renew the token. The new value not appear.
Hi,
Are you trying to change the project key? The identifier the project is known by? Or are you trying to change the authentication token the project is analyzed with?
Ann
I’m try change the project key.
Hi,
This is a two-step process. First change the key in SonarQube. In Project administration, use the ‘Update Key’ interface.
Then update your analysis properties to use the new key & reanalyze.
HTH,
Ann
Hi,
I done the steps that you suggest but i had the same issue.
I runner pipeline via gitlab and done in terminal with this command
mvn sonar:sonar --batch-mode \
-Dsonar.host.url=url-sonar \
-Dsonar.projectName=name-project \
-Dsonar.projectVersion=my-branch \
-Dsonar.projectKey=my-new-key \
-Dsonar.login=my-login \
-Dsonar.sources=my-directory \
-Dsonar.tests=my-directory-test
I had this log
`[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project xxx: null: MojoExecutionException: NullPointerException → [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project xxx: null
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:215)
…
Caused by: java.lang.NullPointerException
at org.sonar.scanner.report.ComponentsPublisher.convert (ComponentsPublisher.java:104)
`
When I used my old key I had this message
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project xxx: You're not authorized to run analysis. Please contact the project administrator. -> [Help 1]
One interesting thing is. When you renew the key for project. The Sonar not show for you the new token.
Hi,
Can you provide the entire stacktrace as well as a few lines before it starts?
Ann
Alright
This log with used -X for print more information of debug
[INFO] Scanning for projects...
[DEBUG] Using mirror nexus (http://my-nexus) for central (http://central).
[DEBUG] Using mirror nexus (http://my-nexus) for EBC-maven-public (http://my-nexus).
[DEBUG] Extension realms for project com.org:xxx:jar:${PROJECT_VERSION-SNAPSHOT}: (none)
[DEBUG] Looking up lifecycle mappings for packaging jar from ClassRealm[plexus.core, parent: null]
[WARNING]
[WARNING] Some problems were encountered while building the effective model for com.org:xxx:jar:${PROJECT_VERSION-SNAPSHOT}
[WARNING] 'version' contains an expression but should be a constant. @ line 7, column 11
[WARNING] 'build.plugins.plugin.version' for org.apache.maven.plugins:maven-jar-plugin is missing. @ line 35, column 12
[WARNING]
[WARNING] It is highly recommended to fix these problems because they threaten the stability of your build.
[WARNING]
[WARNING] For this reason, future Maven versions might no longer support building such malformed projects.
[WARNING]
[DEBUG] Resolving plugin prefix sonar from [org.apache.maven.plugins, org.codehaus.mojo]
[DEBUG] Using mirror nexus (http://my-nexus) for apache.snapshots (http://repository.apache.org/snapshots).
[DEBUG] Using mirror nexus (http://my-nexus) for central (https://repo.maven.apache.org/maven2).
[DEBUG] Using mirror nexus (http://my-nexus) for codehaus.org (http://snapshots.repository.codehaus.org).
[DEBUG] Using mirror nexus (http://my-nexus) for apache.snapshots (https://repository.apache.org/snapshots).
[DEBUG] Resolved plugin prefix sonar to org.sonarsource.scanner.maven:sonar-maven-plugin from POM com.org:xxx:jar:${PROJECT_VERSION-SNAPSHOT}
[DEBUG] === REACTOR BUILD PLAN ================================================
[DEBUG] Project: com.org:xxx:jar:${PROJECT_VERSION-SNAPSHOT}
[DEBUG] Tasks: [sonar:sonar]
[DEBUG] Style: Aggregating
[DEBUG] =======================================================================
[INFO]
[INFO] ----------------------------< com.org:xxx >----------------------------
[INFO] Building xxx ${PROJECT_VERSION-SNAPSHOT}
[INFO] --------------------------------[ jar ]---------------------------------
[DEBUG] Resolving plugin prefix sonar from [org.apache.maven.plugins, org.codehaus.mojo]
[DEBUG] Resolved plugin prefix sonar to org.sonarsource.scanner.maven:sonar-maven-plugin from POM com.org:xxx:jar:${PROJECT_VERSION-SNAPSHOT}
[DEBUG] Lifecycle default -> [validate, initialize, generate-sources, process-sources, generate-resources, process-resources, compile, process-classes, generate-test-sources, process-test-sources, generate-test-resources, process-test-resources, test-compile, process-test-classes, test, prepare-package, package, pre-integration-test, integration-test, post-integration-test, verify, install, deploy]
[DEBUG] Lifecycle clean -> [pre-clean, clean, post-clean]
[DEBUG] Lifecycle site -> [pre-site, site, post-site, site-deploy]
[DEBUG] === PROJECT BUILD PLAN ================================================
[DEBUG] Project: com.org:xxx:${PROJECT_VERSION-SNAPSHOT}
[DEBUG] Dependencies (collect): []
[DEBUG] Dependencies (resolve): [test]
[DEBUG] Repositories (dependencies): [nexus (http://my-nexus, default, releases+snapshots)]
[DEBUG] Repositories (plugins) : [nexus (http://my-nexus, default, releases+snapshots)]
[DEBUG] -----------------------------------------------------------------------
[DEBUG] Goal: org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli)
[DEBUG] Style: Aggregating
[DEBUG] Configuration: <?xml version="1.0" encoding="UTF-8"?>
<configuration>
<mojoExecution default-value="${mojoExecution}"/>
<session default-value="${session}"/>
<skip default-value="false">${sonar.skip}</skip>
</configuration>
[INFO] 18:40:03.830 Load project repositories
[DEBUG] 18:40:03.837 GET 403 http://my-sonar/batch/project.protobuf?key=my-new-key | time=6ms
[INFO] 18:40:03.844 Load project repositories
[DEBUG] 18:40:03.849 GET 403 http://my-sonar/batch/project.protobuf?key=my-new-key | time=5ms
[INFO] 18:40:03.853 Load project repositories
[DEBUG] 18:40:03.859 GET 403 http://my-sonar/batch/project.protobuf?key=my-new-key | time=6ms
[DEBUG] 18:40:08.938 file=/my-directory/.git/refs/heads/my-branch, create new FileSnapshot: lastRead=2021-08-24 18:40:08.938000000, lastModified=2021-08-24 18:35:11.853970000, size=41, fileKey=(dev=811,ino=29503668)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 9.642 s
[INFO] Finished at: 2021-08-24T18:40:08-03:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project xxx: null: MojoExecutionException: NullPointerException -> [Help 1]
org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.7.0.1746:sonar (default-cli) on project xxx: null
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:215)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:156)
at org.apache.maven.lifecycle.internal.MojoExecutor.execute (MojoExecutor.java:148)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:117)
at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject (LifecycleModuleBuilder.java:81)
at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build (SingleThreadedBuilder.java:56)
at org.apache.maven.lifecycle.internal.LifecycleStarter.execute (LifecycleStarter.java:128)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305)
at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192)
at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105)
at org.apache.maven.cli.MavenCli.execute (MavenCli.java:957)
at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:289)
at org.apache.maven.cli.MavenCli.main (MavenCli.java:193)
at sun.reflect.NativeMethodAccessorImpl.invoke0 (Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke (NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke (DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke (Method.java:498)
at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced (Launcher.java:282)
at org.codehaus.plexus.classworlds.launcher.Launcher.launch (Launcher.java:225)
at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode (Launcher.java:406)
at org.codehaus.plexus.classworlds.launcher.Launcher.main (Launcher.java:347)
Caused by: org.apache.maven.plugin.MojoExecutionException
Hi Ann.
Today, I try send again my analysis for the Sonar and I have this result
[INFO] 14:53:53.751 Load project settings for component key: 'my-new-key'
[DEBUG] 14:53:53.774 GET 200 http://my-sonar/api/settings/values.protobuf?component=my-new-key | time=23ms
[INFO] 14:53:53.777 Load project settings for component key: 'sistema-EPG' (done) | time=27ms
[INFO] 14:53:53.830 Load project branches
[DEBUG] 14:53:53.847 GET 200 http://my-sonar/api/project_branches/list?project=my-new-key | time=16ms
[INFO] 14:53:53.851 Load project branches (done) | time=21ms
Now the report was send. Do you believe that Sonar takes a time for reflect the change the token?
Hi,
The null in the error you were getting was throwing me, so thanks for including as much of the log as you did yesterday. Here’s what I think is pertinent:
This means that on the request to get some of the information necessary to run your analysis, you were getting a ‘forbidden’ error. Between now and then it looks like the permissions cleared up. Whether that was something like a proxy on your network, or the SonarQube user you were using for analysis I can’t say. But permissions were at the root of the problem.
At any rate, I’m glad it’s working for you now.
Ann
Hi Ann.
Thanks so much for your support. I’ll talk with the team of infraestructure for investigate this problem.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.