[NEW RELEASE] SonarQube CNES Report 3.3.1

Hi everyone,

We would like to submit a new version of the SonarQube CNES Report plugin that we have developed.
Here comes the required piece of information:

If you’re interested in the release notes of the initial 3.3.0 version, we previously published a request on this forum but did not receive any answer : [NEW RELEASE] SonarQube CNES Report 3.3.0

Hopefully, you’re less busy now :smile:

Thanks a lot for having a look at this plugin !

Alexis

Hi Alexis,

unfortunately the new version still has this long known bug, when started via More / CNES Report
as admin
{"errors":[{"msg":"An error has occurred. Please contact your administrator"}]}

sonar.log has


Apr 08, 2021 1:04:12 PM fr.cnes.sonar.report.ReportCommandLine execute
INFO: SonarQube URL: http://localhost:9000
Apr 08, 2021 1:04:12 PM fr.cnes.sonar.report.providers.SonarQubeInfoProvider getSonarQubeStatus
SEVERE: Insufficient privileges error sent by SonarQube server (code 403), please check your permissions in SonarQube configuration.
fr.cnes.sonar.report.exceptions.BadSonarQubeRequestException: Insufficient privileges error sent by SonarQube server (code 403), please check your permissions in SonarQube configuration.
	at fr.cnes.sonar.report.providers.RequestManager.get(RequestManager.java:170)
	at fr.cnes.sonar.report.providers.AbstractDataProvider.stringRequest(AbstractDataProvider.java:344)
	at fr.cnes.sonar.report.providers.AbstractDataProvider.request(AbstractDataProvider.java:300)
	at fr.cnes.sonar.report.providers.SonarQubeInfoProvider.getSonarQubeStatus(SonarQubeInfoProvider.java:67)
	at fr.cnes.sonar.report.factory.ServerFactory.create(ServerFactory.java:70)
	at fr.cnes.sonar.report.ReportCommandLine.execute(ReportCommandLine.java:109)
	at fr.cnes.sonar.plugin.ws.ExportTask.handle(ExportTask.java:88)
	at org.sonar.server.ws.WebServiceEngine.execute(WebServiceEngine.java:110)
	at org.sonar.server.platform.web.WebServiceFilter.doFilter(WebServiceFilter.java:84)
	at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:139)
	at org.sonar.server.platform.web.SonarLintConnectionFilter.doFilter(SonarLintConnectionFilter.java:66)
	at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:139)
	at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:108)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:81)
	at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76)
	at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:58)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
	at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:353)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1629)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:834)

Apr 08, 2021 1:04:12 PM fr.cnes.sonar.report.ReportCommandLine execute
INFO: SonarQube online: false

The plugin should use the sonar.core.serverBaseURL setting !?

Gilbert

Hi Alexis,

:flushed:
Really sorry about that. Hopefully there won’t be a next time, but if there is, feel free to ping me directly. (Yes, I normally yell at people for pinging folks not already involved in a thread, but this is different; it’s just anyone who can/does handle these plugin requests.) [Edit it’s not just anyone… :roll_eyes: ]

Regarding this version… There are two things to resolve

  • The startup failure that @Rebse reports. Gilbert just to be sure, what version of SonarQube are you seeing this problem on?
  • Less an issue but also a concern, why does this brand new version of the plugin end compatibility at 8.2?

 
Ann

Hi Ann,

i’ve read the compatibility matrix on github and in fact i’ve tried with the latest Sonarqube 8.8 version.
As you already mentioned, it doesn’t make sense to release a new plugin version compatible with Sonarqube 8.2 when the next LTS version 8.9 is just around the corner.
Also i believe Sonarqube 8.8 is not the problem.
Noticed this bug already from the beginning in 2019 with Sonarqube 7.9, see

and also with subsequent versions of the CNES report plugin.

Gilbert

Hi Ann, Gilbert,

@ganncamp
No problem at all, we know you’re pretty busy !
As we maintain this project during our free time, we perfectly understand that missing a thread is quite easy :wink:

@Rebse : please open an issue on GitHub, it will be easier for us to work/discuss on your issue. I don’t know if it’s a bug or a specific use/configuration on your side, but we’ll find someone to investigate quickly.

For the SonarQube 8.2 compatibility, it’s quite simple …
This 3.3.1 version is a bugfix version to patch the previous one, that was only compatible with SonarQube 8.2. (It’s the last patch we’ll ever do before the next major release.)
Our plugin depends heavily on SQ APIs, and as we don’t have much free time, we stopped trying to update the plugin for every 8.x release, and instead wait for the stable LTS one.
As the LTS is coming soon, we are now working on a new major release of the plugin with full compatibility with SQ 8.9.

If you think it’s better to wait for SQ8.9 compatibility, we could simply close this request.
What do you think ?

Alexis

Hi Alexis,

didn’t create an issue at first, because there are already similar issues.
github issue created [SQ 8.8] An error has occurred. Please contact your administrator · Issue #211 · cnescatlab/sonar-cnes-report · GitHub
For me it would be sufficient if it works with SQ 8.9 LTS. I believe your plugin has great potential,
tested every new version, but always hit that problem.

Have a nice weekend,
Gilbert

Hi all,

Since @Rebse is seeing a startup error, I want to take some time to test this myself with the new version. But I likely won’t get to that today…

 
Ann

@Rebse : actually it works on our SonarQube instance and on many other so … I would like to know what your issue really is. That’s the only way I could be sure you could finally use our work !

@ganncamp : I perfectly understand, take the time you need. We will investigate on that issue too.

Alexis

Provided all details i can give in the github issue, don’t have more, loglevel is DEBUG already.
And like already said, it’s the same behaviour for all versions of CNES report plugin i tested from 2019 on with different Sonarqube Enterprise versions, 7.9.1 … 8.8
It seems you can’t also reproduce the problem for other similar issues !?

Hi all,

Sorry it has taken me so long to come back to this. In fact I’ve been spearheading the 8.9 announcement, which is why I now have some head space to devote to this. Which leads to some unfortunate timing. Normally, a Marketplace request for compatibility with now-previous-LTS through not-latest would be rejected. But the fault is not on your side. Yes, you know that, but I want to get it in the thread for posterity. </ramble>

So, I’ve done a test of the new version on 7.9 CE with and without a non-default BaseURL value and had no problems with either. So since I’m not reproducing @Rebse’s issue (and thanks for reporting it here) and since the policy has been to support the previous LTS in the Marketplace for 6 months I’m moving ahead with this.

Aaand… I hate it, but I need a change in the PR. :woman_shrugging:

 
Ann

Hi Ann,

Thanks for your precious time & review !
And don’t blame yourself too much for this :wink:
We are actively working on a new major version for SQ 8.9 LTS.

The PR was updated accordingly (or so I hope !).

Regarding the issue @Rebse is facing, we still can’t reproduce it.
We think it’s environment specific, but we created an issue to find a better way to determine the server address.
Hopefully, it will solve this… we’ll stay in touch on GitHub.

Alexis

Hi Alexis,

Done. Finally!

 
:sweat_smile:
Ann

Hi,

FYI: https://jira.sonarsource.com/browse/SONAR-14886

 
Ann

Hi Alexis,
Do you have ETA for the new version?
I am using SonarQube Community Edition 8.9.1.44547, and the plugin is not working on it.

When I try the Standalone mode (command line):
SonarQube URL: http://localhost:9000
SonarQube online: true
Detected SonarQube version: 8.9.1
[ERROR] Value of parameter ‘facets’ (fileUuids) must be one of: [projects, moduleUuids, files, assigned_to_me, severities, statuses, resolutions, rules, assignees, authors, author, directories, scopes, languages, tags, types, owaspTop10, sansTop25, cwe, createdAt, sonarsourceSecurity]

When I try Plugin mode (within SonarQube):
{“error”:“This project can\u0027t be exported, please check your token.”}

P.S: There is no token issue I am using the same token for administrative operations

Hi @muhyid

As stated before, the 3.3.1 version is absolutly not compatible with SonarQube 8.9.x.

We are working on the next version, and already have implemented most of the planned features.
I can’t exactly tell when everything will be finished, but if you can’t wait, you could try to build the dev branch in order to have a kind of “beta” release of version 4.0.0.
Hopefully, it will be over by the end of this summer.

Alexis

Hi Alexis,

Thanks for the prompt response. I downloaded the “beta” release of version 4.0.0. I will try it.