SonarQube waitForQualityGate()返回401
我有一个SonarQube服务器和一个Jenkins服务器。 Jenkins服务器安装了以下插件。
- Quality Gates Plugin
- 声纳质量门插件
- SonarQubeScanner
我已使用以下网址在SonarQube用户界面中配置了一个webhook。
http://myjenkins.com:8083/sonarqube-webhook/
我有一个Jenkins Pipeline文件,如下所示。
pipeline {
/*
* Run everything on an existing agent configured with a label 'windows'.
* TODO : Once we have enough agents, distribute to get fastest feedback!
*/
agent any
/*
agent {
node {
label 'windows'
}
}
*/
/*
* We are getting a lot of values from BitBucket notifier plugin.
*/
parameters {
string(defaultValue: '', description: '', name: 'PULL_REQUEST_URL')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_VERSION')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_AUTHOR_SLUG')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_TO_SSH_CLONE_URL')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_FROM_BRANCH')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_TO_BRANCH')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_TO_REPO_NAME')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_ID')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_TITLE')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_ACTION')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_REVIEWERS_SLUG')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_AUTHOR_EMAIL')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_AUTHOR_DISPLAY_NAME')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_USER_EMAIL_ADDRESS')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_USER_DISPLAY_NAME')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_STATE')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_REVIEWERS_EMAIL')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_REVIEWERS_APPROVED_COUNT')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_FROM_BRANCH')
string(defaultValue: '', description: '', name: 'PULL_REQUEST_TO_REPO_PROJECT_KEY')
}
/* Add timestamps to the console log. Discard old builds.
options {
timestamps()
buildDiscarder(logRotator(numToKeepStr: '20'))
}
*/
/* Stages can be parallel or sequential */
stages {
stage('Source-Code-Management') {
steps {
git(url: 'ssh://mybitbucketserver.com:7999/dev/sitecore.git', branch: '${PULL_REQUEST_FROM_BRANCH}', credentialsId: 'root')
powershell "git merge origin/${PULL_REQUEST_TO_BRANCH}"
}
}
stage('Build and Analyze') {
steps {
script {
// Todo we should be using environment variables or properties for sonar scanner and not have hardcoded values
bat "\"${tool 'nuget-4.3.0'}\" restore src/Nemlig.sln -NoCache"
withSonarQubeEnv('Local') {
bat "\"${tool 'SonarScanner.MSBuild.exe'}\" begin /d:sonar.login=mytoken /k:TEST /n:Website /v: /d:sonar.host.url=${SONAR_URL} /d:sonar.cs.nunit.reportsPaths=${WORKSPACE}\\NUnitResult.xml /d:sonar.cs.opencover.reportsPaths=${WORKSPACE}\\OpenCoverResult.xml"
bat "\"${tool 'MSBuild-v15'}\" src/Nemlig.sln /p:Configuration=debug"
// Note that this shell can retrieve value with CRLF and NUNIT will puke. Must replace with spaces...
def dlls = powershell(returnStdout: true, script: '(ls -Recurse src\\*\\bin\\*.Test.dll | % FullName)')
dlls = dlls.replaceAll('\r\n', ' ')
mycmd = "OpenCover.Console.exe -register:path64 -target:\"nunit3-console.exe\" -returntargetcode -targetargs:\"$dlls --result=NUnitResult.xml\" -output:OpenCoverResult.xml"
powershell (returnStatus: true, script: "$mycmd")
bat "\"${tool 'SonarScanner.MSBuild.exe'}\" end /d:sonar.login=mytoken"
}
}
}
}
stage('SonarQube Quality Gate') {
steps {
script {
timeout(time: 1, unit: 'HOURS') { // Just in case something goes wrong, pipeline will be killed after a timeout
def qg = waitForQualityGate() // Reuse taskId previously collected by withSonarQubeEnv
if (qg.status != 'OK') {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
}
}
}
stage('Deploy Team Environment') {
parallel {
stage('Deploy Site') {
steps {
powershell 'Write-Output "Here we could do a deploy of the site"'
}
}
stage('Deploy Backend') {
steps {
powershell 'Write-Output "Here we could do a deploy of the backend and maybe database changes?"'
}
}
}
}
stage('Smoke') {
parallel {
stage('Chrome') {
steps {
powershell 'Write-Output "Execute Smoke on Chrome"'
}
}
stage('Firefox') {
steps {
powershell 'Write-Output "Execute Smoke on Firefox"'
}
}
stage('Safari') {
steps {
powershell 'Write-Output "Execute Smoke on Safari"'
}
}
}
}
stage('integrate') {
steps {
powershell 'Write-Output "Push merge if all is success!"'
}
}
stage('Store Binary') {
steps {
powershell 'Write-Output "Put the tested binary in Artifactory. Maybe tag it with SHA and Build Number?"'
}
}
}
post {
// Add the publish merge steps...
// Add the notifiy Jira steps
always {
script {
currentBuild.result = currentBuild.result ?: 'SUCCESS'
notifyBitbucket()
}
nunit testResultsPattern: "NUnitResult.xml"
}
}
}
我执行管道并正确处理分析并上传到SonarQube服务器。但是,waitForQualityGate始终返回401.
Checking status of SonarQube task 'AWKwODGjKw9CRrvU3S27' on server 'Local'
Error 401 on http://mysonarserver.com:9000/api/ce/task?id=AWKwODGjKw9CRrvU3S27
我可以从日志中看到分析过程中生成的taskID是相同的。
ANALYSIS SUCCESSFUL, you can browse http://10.100.1.189:9000/dashboard/index/TEST
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at http://mysonarserver.com:9000/api/ce/task?id=AWKwODGjKw9CRrvU3S27
INFO: Task total time: 3:00.752 s
我启动了一个本地RequestBin服务器,为此设置了一个新的webhook,并看到它确实从SonarQube接收了数据。
{
"serverUrl": "http://localhost:9000", "taskId": "AWKwODGjKw9CRrvU3S27", "status": "SUCCESS", "analysedAt":
"2018-04-11T07:41:40+0000", "changedAt": "2018-04-11T07:41:40+0000", "project":
{ "key": "TEST", "name": "Website", "url": "http://localhost:9000/dashboard?id=TEST" }, "branch":
{ "name": "master", "type": "LONG", "isMain": true, "url": "http://localhost:9000/dashboard?id=TEST" },
"qualityGate": {
"name": "Website", "status": "OK", "conditions": [{
"metric": "new_reliability_rating", "operator":
"GREATER_THAN", "value": "3", "status": "OK", "onLeakPeriod":
true, "errorThreshold": "3"
}, {
"metric": "new_duplicated_lines_density", "operator":
"GREATER_THAN", "status": "NO_VALUE", "onLeakPeriod": true,
"errorThreshold": "3"
}, {
"metric": "new_security_rating", "operator": "GREATER_THAN",
"value": "4", "status": "OK", "onLeakPeriod": true,
"errorThreshold": "4"
}, {
"metric": "blocker_violations", "operator": "GREATER_THAN",
"value": "-2", "status": "OK", "onLeakPeriod": true,
"errorThreshold": "35"
}, {
"metric": "new_maintainability_rating", "operator":
"GREATER_THAN", "value": "1", "status": "OK", "onLeakPeriod":
true, "errorThreshold": "1"
}]
}, "properties": {}
}
所以我现在不知道该往哪里去?
任何帮助将不胜感激!
4 个答案:
答案 0 :(得分:3)
waitForQualityGate()步骤需要一些凭据才能从SQ服务器获取质量门详细信息。预计凭据将在Jenkins全局配置中为您的'Local'服务器设置。
但根据您的管道代码段,我发现您手动将/d:sonar.login=mytoken传递给扫描仪。这不受支持。请在全局服务器配置中设置令牌。
答案 1 :(得分:1)
确保为“服务器身份验证令牌”的凭据使用正确的种类和范围。类型必须为“机密文本”,范围必须为“全局”。
我将范围设置为“系统(仅詹金斯和节点)”,这导致waitForQualityGate失败,并显示401。
答案 2 :(得分:0)
好的,我让它上班了。我更新了Jenkins用户令牌。复制它并将其添加为Jenkins Global配置中的环境变量。然后浏览了我的管道脚本,并在对SonarQube的所有调用中使用了环境变量。
答案 3 :(得分:0)
我遇到了这样的问题:
Checking status of SonarQube task 'AWo1Ph_4M7P7FGulGL9v' on server 'sonar'
SonarQube task 'AWo1Ph_4M7P7FGulGL9v' status is 'PENDING'
Cancelling nested steps due to timeout
我在Sonarqube中添加了以下内容:项目名称>管理> webhooks
http://JENKINS_URL/sonarqube-webhook/
相关问题
- WaitForQualityGate退出并在Jenkins slave上出错
- 在Jenkins声明性管道
- 为什么SONAR在waitForQualityGate()失败并出现错误401?
- PR预览分析导致waitForQualityGate失败
- waitForQualityGate()使用Sonar扫描仪进行MSbuild
- Sonar Qube WaitForQualityGate Step的groovy.lang.ReadOnlyPropertyException
- waitForQualityGate()失败,状态为NONE
- SonarQube waitForQualityGate()返回401
- SonarQube URL在waitForQualityGate()上错误
- 使用参数的waitForQualityGate
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?