3

I have an experimental project on my Github used for the practising the CI service integrations. I struggle with using Sonarcloud.

I have followed both Tavis CI + Sonarcloud tutorial and Maven example. Mz first confusion starts with the token and properties file whereas the first source suggests creating sonar-project.properties file and the Maven example source does not have any. Here where the documentation is very unclear.

I ignored the properties file and I have done the following steps:

  1. Generated token on sonarcloud.io for my project: e53.....239

  2. Encrypted token on travis-encrypt.github.io since it's the most comfortable way for a Windows user. The 2 following inputs resulted in g3s.....+Q=:

    • NicharNET/Gistintex
    • SONAR_TOKEN="e53...239" - I tried both to wrap between quotation marks and without.

  3. Added to Settings -> Environment variable key SONAR_TOKEN with the value of the generated Sonarcloud token e53...239.

  4. Completed travis.yml with the secure token:

    language: java
sudo: false
jdk: oraclejdk8

addons:
    sonarcloud:
    organization: "nicharnet-github"
    token:
        secure: "g3sLTdS597mklh1I9HgXr71NRCiOk2n9I41PL2wklnAidwibfocyEcWvSQxjmbhNTjdrcW0cAfzh73Ago8hwfdloraryDY9Ng9L1runxayShtPOqZMPI6nz8zUwLaDfqJVwXWv6A3xICOMFl0UhvF351GPErHhrUO7YIa8el3kESeotYy7kkTzeQ7BA239y7EVFw8H4OCW2gjP2G/InxKnlXfNjgQA3GsnZdJ3uWO3No5kwt5ybfuCCV42cp/UczLIzNbo0RW9Z9jBl5IFMzJaUQUfWV3Pp5QEPmpB7Anr/4W1EtjJPjpSIC/+jBmbrkvC/CSzzTPjaH9LzEQ5m4F5JpRw01blqgKH/153qfs1jRgZK6WVRuhe7yAATHCO/IM0DM+kC0mUJTcXKyv9pRm93E4wp+KzdHYy0LdA83wFgMmvlB8pcm20ImAe7B2SBFx5TGtETa6ea6k2BS+DfBXe6sLBnrl1zZB8nxCDnYiwT1BJFxizgv3EJ6Krjd3cSSxr6PGnXDD/yTeFNJarpMbA+wR6AQetJ89LiDBXYiw6GPgWk/A4vUDIsIaXGqCpydeZHkr2ufS1Ap4yYS0Um2GeDeQXTsBTSCg7BViFgduUI1NPYT1avKg7b64nsdpdjBVofOvzJsgiT66WlaJmt23BUCJsnmXwwEcW1387b4G+Q="

script:
    - mvn clean install org.jacoco:jacoco-maven-plugin:prepare-agent sonar:sonar

  5. Committed and pushed changes into the repository and Travis CI started to work and resulted in:

    Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.1.1168:sonar (default-cli) on project gistintex: Not authorized. Please check the properties sonar.login and sonar.password.

The error could be found on my Travis CI build. What do I do wrong?

I have skimmed through Error using Travis CI with Sonarcloud: Not authorized. Please check the properties sonar.login and sonar.password SO question and Travis CI Sonarqube analysis article, which unfortunately didn't help me though. My GitHub project source.

I have tried to add these plugins to pom.xml and run the analysis locally:

  • org.codehaus.mojo: sonar-maven-plugin: 5.1
  • org.sonarsource.scanner.maven: sonar-maven-plugin: 3.4.1.1168

Running this on my machine resulted in the correct Sonarcloud analysis:

mvn sonar:sonar \
   -Dsonar.organization=nicharnet-github \
   -Dsonar.host.url=https://sonarcloud.io \
   -Dsonar.login=e53.....239

However, my goal is to run the analysis after every committed version using Travis CI. I am sure I have done wrong the key encryption but I can't figure what exactly.

Community
  • 1
  • 1
Nikolas Charalambidis
  • 40,893
  • 16
  • 117
  • 183
  • @Rapster: Just partially. I included the raw token as hiden Travis CI environment variable and removed secure from.travis.yml – Nikolas Charalambidis Aug 25 '18 at 14:10
  • 1
    Okay, thanks to Sonar team team, they found the problem. I was encrypting my key from a fork repository and not the official repository. – Rapster Aug 28 '18 at 09:44

1 Answers1

4

The key encryption problem usually happens when you execute the generation without the login command against travis.com instead of travis.org

In order to run on every commit you could connect your repo with SonarCloud Scan, generate a secret in your sonarcloud.io project page and there you will find instructions to modify your .travis.yml

if you use travis.org

travis encrypt <YOUR_SONAR_SECRET>

if you use travis.com

travis login --pro

then generate your token like this:

travis encrypt --pro <YOUR_SONAR_SECRET>

finally you need to add your pipeline instruction to your .travis.yml file

Check in your Travis CI repo settings when it should be triggered enter image description here

here some related links:

Error using Travis CI with Sonarcloud: Not authorized. Please check the properties sonar.login and sonar.password

https://docs.travis-ci.com/user/encryption-keys/#usage

https://github.com/marketplace/actions/sonarcloud-scan

https://sonarcloud.io/documentation/integrations/github/

blacktiago
  • 351
  • 2
  • 11