6

I'm following Get started instructions on sonarcloud.io to execute the SonarQube Scanner for Maven from my computer:

mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar \
    -Dsonar.host.url=https://sonarcloud.io \
    -Dsonar.organization=ron190-github \
    -Dsonar.login=9...e

Manual execution is working:

[INFO] ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard/index
/jsql-injection:jsql-injection

But when I'm ready to automate with Travis CI it's failing with Not authorized. Please check the properties sonar.login and sonar.password.:

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar (default-cli) on project jsql-injection: Not authorized. Please check the properties sonar.login and sonar.password. -> [Help 1]

And if I add sonar.login to the mvn command then it's working:

language: java
sudo: false
install: true

addons:
  sonarcloud:
    organization: "ron190-github"
    token:
      secure: "v...s="

jdk:
  - oraclejdk8

script:
  # JaCoCo is used to have code coverage, the agent has to be activated
  # Not working
  # - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar
  - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.login=9...e

cache:
  directories:
    - '$HOME/.m2/repository'
    - '$HOME/.sonar/cache'

I have also used the example script.

Do you know why secure token is ignored and why it's failing with default config?

ron190
  • 1,032
  • 1
  • 17
  • 29

3 Answers3

2

It seems that the tag secure is not working, use a repo variable instead:

language: java
sudo: false
install: true

addons:
  sonarcloud:
    organization: "ron190-github"

jdk:
  - oraclejdk8

script:
  # JaCoCo is used to have code coverage, the agent has to be activated
  - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.login=${SONAR_TOKEN}

cache:
  directories:
    - '$HOME/.m2/repository'
    - '$HOME/.sonar/cache'
ron190
  • 1,032
  • 1
  • 17
  • 29
  • This is wrong, the tag "secure" works perfectly. See the example provided for SonarCloud: https://github.com/SonarSource/sq-com_example_standard-sqscanner-travis. It is analysed every week, successfully. I suspect that you did a mistake while encrypting the token. – Fabrice - SonarSource Team Apr 25 '18 at 06:03
  • 1
    Nice downvote :) Unusual coming from anything related to Sonar. Anyway I'm using Java, not PHP. For anyone trying to use secure tag with encrypted token, don't waste your time, there's something missing in Get Started instructions on sonarcloud.io or simply it does not work. Except the example file there is literally no .travis.yml on Github using the secure tag with encrypted token, only unencrypted token, other examples include -Dsonar.login=${SONAR_TOKEN} with a repo variable. Really unexpected lack of support from Sonar considering that other users are failing to use it too. – ron190 Apr 25 '18 at 17:30
  • 2
    And now for the correct encryption syntax: `travis encrypt 309473973909Z09R830 -r my-org/my-repo` No variable name, no quote. – ron190 Apr 25 '18 at 17:53
  • Here are some of my projects using the "secure" tag: https://github.com/bellingard/my-account-manager, https://github.com/bellingard/sonar-scanner-npm. All working flawlessly. – Fabrice - SonarSource Team Apr 26 '18 at 07:55
  • So please don't say wrong things like "there is literally no .travis.yml on GitHub using the secure tag", this is wrong. – Fabrice - SonarSource Team Apr 26 '18 at 07:59
  • Have you miss anything in "Except the example file there is literally no .travis.yml on Github" ? – ron190 Apr 27 '18 at 22:13
  • @Fabrice-SonarSourceTeam I've tried it all, but it's not working. Not sure what I can try any further. – Bouke Sep 02 '18 at 19:44
2

I agree with Santhosh Tpixler that your problem is likely with the Travis encryption of the token. In my case I need travis-ci.com (opposed to travis-ci.org, see https://devops.stackexchange.com/q/1201), therefore had to use the --pro flag.

From inside the project directory I used these commands:

travis login --pro
travis encrypt --pro <your-hexadecimal-token>
ᴠɪɴᴄᴇɴᴛ
  • 1,613
  • 2
  • 21
  • 28
1

The problem is with the travis encryption.

Correct encryption syntax:

travis encrypt 309473973909Z09R830 -r my-org/my-repo

No variable name, no quote.

If you are running travis encrypt inside your repo directory you can just use

travis encrypt 309473973909Z09R830

Kindly replace you token for 309473973909Z09R830

The above trick worked for me. Thought of making it more visible to the public.

Credits: @ron190

Santhosh Tpixler
  • 361
  • 4
  • 12