Npm sonarqube-scanner fails behind proxy

SonarQube Server / Community Build
, ,
1

Hi !
I’m using the npm library sonarqube-scanner version 4.2.5 with an http proxy and it results on a HTTP 403 error when fetching the api.

My proxy configuration is set by environment variable : export HTTP_PROXY=http://my-proxy:3128.
When I invoke the scan function, it fails on first call to sonarqube API.

After investigation, I found that this is due to the way the axios http client is instantiated.

In axios documentation (Request Config | Axios Docs), it’s specify that proxy has to be set to false when supplying an httpAgent:

// Use `false` to disable proxies, ignoring environment variables.
// Disable if supplying a custom httpAgent/httpsAgent to manage proxying requests.
proxy: {

Is it possible to disable the proxy option when using an httpAgent ?

Ex in file request.ts, function getHttpAgents :
replace :

  return agents;

by

  return {...agents, ...((agents.httpsAgent || agents.httpAgent) ? {proxy:false} : {})};

Here, minimalist code to reproduce :

import axios from "axios";
import hpagent from "hpagent";

process.env.HTTP_PROXY = 'http://localhost:3128'
axios
  .get("http://sonarqube-ic.intra.arkea.com:8080/api/server/version", {
    httpAgent: new hpagent.HttpProxyAgent({ proxy: "http://localhost:3128" })
  })
  .then((res) => {
    console.log(res);
  })
  .catch((err) => console.error(err));

This request returns a 403 because axios configures 2 proxies

4

Hello @nicotu01 ,

After running some tests and investigating the issue, we could conclude that your assessment is correct: When HTTP[S]_PROXY environment variables are set, axios will try and connect to the proxy directly even though we are setting the http[s]Agent options.

I’ve summarized the problem and fix in a ticket SCANNPM-58 which you can use to track our progress.

Thanks for reporting

1 Like