search

JetBrains / TeamCity.SonarQubePlugin

A plugin for TeamCity server allowing you to configure and run SonarQube analysis from the CI
Apache License 2.0
53 stars 31 forks source link

Sonar Runner password handling not working #13

Closed mvossi closed 8 years ago

mvossi commented 9 years ago

I installed TeamCity with the SonarQubePlugin and configured all details as explained in the documentation. I was able to save the credentials for Sonar on the TeamCity Sonar configuration page (Administration > Project > SonarQube Servers), but unfortunately they are not taken when I execute a Maven build. I also configured them in the POM file (sonar.password and sonar.jdbc.password), but no success. I always receive the message that the authentication failed. I downloaded the plugin sources and compiled a new plugin zip file, where I hardcoded the passwords in SQRParametersAccessor (sonar-plugin-common). With that new plugin it was possible to create sonar reports. That leads me to assume that there is a problem in the plugin (not in the sonar runner).

There is another problem which is likely related to https://github.com/Linfar/TeamCity.SonarQubePlugin/issues/9: Now with the hardcoded passwords plugin I see "-Dsonar.password=" in clear text (while "-Dsonar.jdbc.password=" is shown with stars). This seems to be a regression of the mentioned issue and should be fixed, too.

I'd also propose to rename the Constants SONAR_LOGIN and SONAR_PASSWORD with the same strings as used by sonar runner ("sonar.login" instead of "sonarLogin", "sonar.password" instead of "sonarPassword") to be consistent with the other variables and to avoid confusion.

Since my Sonar is configured to allow authorized users only, I would appreciate when this would be officially fixed in the plugin. Please contact me if you need more information or if you need help to get this fixed.

Many thanks for your contributions

~ Vossi ~

ghost commented 9 years ago

+1

Linfar commented 9 years ago

@mvossi I cant reproduce the issue so I need some more info. Please describe your configuration - TC version, plugin version, attach the build log if possible.

Linfar commented 9 years ago

@mvossi @ensirius Can you give me any additional info?

ghost commented 9 years ago

TeamCity Professional 8.1.5 (build 30240)

http://i.imgur.com/GdP926c.png <- my fix. http://i.imgur.com/SlWCjAX.png <- all configured. http://pastebin.com/qgFmk6ZZ <- build log.

mvossi commented 9 years ago

I'm using TC 9.0.4 (build 32407) on Ubuntu 14.04.2 LTS (Trusty). I used the latest available plugin (http://teamcity.jetbrains.com/repository/download/TeamCityPluginsByJetBrains_TeamCitySonarQubePlugin_Build/.lastPinned/sonar-plugin.zip) as well as the self compiled version directly from the git repository. I can't provide the full build log, because it includes sensitive information.

mvossi commented 9 years ago

Here's the relevant sonar part where I replaced all sensitive information with something in square brackets: http://pastebin.com/Dw3z1iaf

Linfar commented 9 years ago

@mvossi In your case password is not hidden in the build log because SQRParametersAccessor is not a right place to hardcode password (hardcoding password isn't a good idea anyways).

@ensirius @mvossi Could you please try to manually set the password in the configuration file and run a build (without current workarounds). The configuration file is located in /config/projects//pluginData/plugin-settings.xml. Though the value is not encrypted in the xml it should be hidden in the build log. Please send me the log if build will fail.

Linfar commented 9 years ago

I've found an issue with similar symptoms related to situation when there are 2 sonar runners in the build. Here is plugin with the fix: sonar-plugin.zip

Linfar commented 9 years ago

@mvossi @ensirius Any update?

tongqqiu commented 8 years ago

Same issue here.

tongqqiu commented 8 years ago

Never mind, the key is to append useUnicode=true&characterEncoding=utf8 when using mysql

n3ziniuka5 commented 8 years ago

having the same issue, the provided password in the configuration is not being taken into account, unauthorized error every time. Manually running sonar-runner with the same username/password worked. Tried the newest plugin version.

Linfar commented 8 years ago

@n3ziniuka5 Did you try encoding appending as suggested above?

n3ziniuka5 commented 8 years ago

@Linfar the above was for jdbc url, the database connection is not a problem. In additional parameters I have

-Dsonar.sourceEncoding=UTF-8

As a temporary workaround I hardcoded the username and password in the build

-Dsonar.login=...
-Dsonar.password=...
Linfar commented 8 years ago

@n3ziniuka5 Could you check that "/config/projects//pluginData/plugin-settings.xml" file contains the password? stands for the project id in which sonarqube server data is stored. There should be "" with encrypted "password" attribute.

n3ziniuka5 commented 8 years ago

@Linfar nope, it does not have the sonar password only the database one, I did set it through the UI though.

<sonar-qube>
    <sonarqube-server id="e7227bdf-74e4-4dda-952e-0e59e52d1285" jdbcUrl="..." jdbcUsername="..." url="..." login="..." name="..." jdbcPassword="... />
  </sonar-qube>
Linfar commented 8 years ago

@n3ziniuka5 You can add the attribute manually - it will be accepted with unencrypted password as well. I hope this should work as a workaround.

However I want to find the bug. Didn't you update the sonarqube plugin after setting up the server data? What browser do you use?

n3ziniuka5 commented 8 years ago

@Linfar I installed the plugin today, there was no previous version before. Using Chromium 45

Linfar commented 8 years ago

@n3ziniuka5 I've fixed 2 problems in editing/adding server definition. Please update the plugin and set the password using UI.

n3ziniuka5 commented 8 years ago

@Linfar all good now, thanks.

Linfar commented 8 years ago

@n3ziniuka5 Sorry for inconvenience and thanks for help

matevarga commented 8 years ago

I still have a problem with jdbc:h2 passwords - TC plugin complains about wrong credentials, but I'm sure they're correct. [22:55:45][Step 3/5] ERROR: Error during Sonar runner execution [22:55:45][Step 3/5] ERROR: Unable to execute Sonar [22:55:45][Step 3/5] ERROR: Caused by: Fail to connect to database [22:55:45][Step 3/5] ERROR: Caused by: Cannot create PoolableConnectionFactory (Wrong user name or password [28000-176]) [22:55:45][Step 3/5] ERROR: Caused by: Wrong user name or password [28000-176]

Linfar commented 8 years ago

@matevarga Did you try using "useUnicode=true&characterEncoding=utf8"?

mvossi commented 8 years ago

Just for confirmation: I updated to the latest versions (TeamCity 9.1.5, Sonar 5.2, TeamCity Sonar Plugin Build 31) and everything is working as expected. Many thanks for your support on this issue.

shmulik-klein commented 8 years ago

I've noticed that once Teamcity created more than three plugin-settings.xml backup files, it won't add sonar.password and sonar.jdbc.password to the settings file although it was changed via the UI. Deleting one of the backup files (plugin-settings.xml.1) fixes the issue.