Closed qww-tmp closed 4 years ago
Could you see if you get the same issue with an up-to-date Snapshot build for the 8.2 release? There's one available by clicking the artifacts link on https://github.com/mc1arke/sonarqube-community-branch-plugin/pull/156/checks?check_run_id=747257134.
I don't think you're encountering any of them given this works for a standard user, but there were fixes for various issues around Github pagination, URL building, and input handling that were fixed in the up-to-date version.
Are you also able to turn on debug logging in your compute engine so I can see the content that came back as part of Github's 401 response, and the request that was issued for that response?
I took your last version, and try to use it on two system, with organization and without Log where we use organization
2020.06.09 12:13:56 INFO ce[AXKYklt5ETOogAAjAEhP][c.g.m.s.p.c.p.PullRequestPostAnalysisTask] using pull request decorator github
2020.06.09 12:13:56 DEBUG ce[AXKYklt5ETOogAAjAEhP][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@6f8a4e096 pairs: {GET /app/installations HTTP/1.1: null}{Accept: application/vnd.github.machine-man-preview+json}{Authorization: Bearer eyJhbGci_XXX_OkXsvGdBsQ}{User-Agent: Java/11.0.7}{Host: api.github.com}{Connection: keep-alive}
2020.06.09 12:13:56 DEBUG ce[AXKYklt5ETOogAAjAEhP][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@11138d1917 pairs: {null: HTTP/1.1 401 Unauthorized}{Date: Tue, 09 Jun 2020 09:13:55 GMT}{Content-Type: application/json; charset=utf-8}{Content-Length: 164}{Server: GitHub.com}{Status: 401 Unauthorized}{X-GitHub-Media-Type: github.machine-man-preview; format=json}{Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset}{Access-Control-Allow-Origin: *}{Strict-Transport-Security: max-age=31536000; includeSubdomains; preload}{X-Frame-Options: deny}{X-Content-Type-Options: nosniff}{X-XSS-Protection: 1; mode=block}{Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin}{Content-Security-Policy: default-src 'none'}{Vary: Accept-Encoding, Accept, X-Requested-With}{X-GitHub-Request-Id: D24F:E717:C31C496:E9AD5C4:5EDF52D3}
2020.06.09 12:13:56 ERROR ce[AXKYklt5ETOogAAjAEhP][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Execution of task class com.github.mc1arke.sonarqube.plugin.ce.pullrequest.PullRequestPostAnalysisTask failed
java.lang.IllegalStateException: Could not decorate Pull Request on Github
at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.GithubPullRequestDecorator.decorateQualityGateStatus(GithubPullRequestDecorator.java:42)
at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.PullRequestPostAnalysisTask.finished(PullRequestPostAnalysisTask.java:160)
at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.executeTask(PostProjectAnalysisTasksExecutor.java:118)
at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.finished(PostProjectAnalysisTasksExecutor.java:109)
at org.sonar.ce.task.step.ComputationStepExecutor.executeListener(ComputationStepExecutor.java:91)
at org.sonar.ce.task.step.ComputationStepExecutor.execute(ComputationStepExecutor.java:63)
at org.sonar.ce.task.projectanalysis.taskprocessor.ReportTaskProcessor.process(ReportTaskProcessor.java:81)
at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.executeTask(CeWorkerImpl.java:209)
at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.run(CeWorkerImpl.java:191)
at org.sonar.ce.taskprocessor.CeWorkerImpl.findAndProcessTask(CeWorkerImpl.java:158)
at org.sonar.ce.taskprocessor.CeWorkerImpl$TrackRunningState.get(CeWorkerImpl.java:133)
at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:85)
at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:53)
at com.google.common.util.concurrent.TrustedListenableFutureTask$TrustedFutureInterruptibleTask.runInterruptibly(TrustedListenableFutureTask.java:125)
at com.google.common.util.concurrent.InterruptibleTask.run(InterruptibleTask.java:69)
at com.google.common.util.concurrent.TrustedListenableFutureTask.run(TrustedListenableFutureTask.java:78)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: java.io.IOException: Server returned HTTP response code: 401 for URL: https://api.github.com/app/installations
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1919)
at java.base/sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1507)
at java.base/sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1505)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/java.security.AccessController.doPrivilegedWithCombiner(AccessController.java:795)
at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1504)
at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:250)
at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.v3.RestApplicationAuthenticationProvider.getInstallationToken(RestApplicationAuthenticationProvider.java:87)
at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.v4.GraphqlCheckRunProvider.createCheckRun(GraphqlCheckRunProvider.java:101)
at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.GithubPullRequestDecorator.decorateQualityGateStatus(GithubPullRequestDecorator.java:40)
... 21 common frames omitted
2020.06.09 12:13:56 INFO ce[AXKYklt5ETOogAAjAEhP][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Pull Request Decoration | status=FAILED | time=215ms
Log from simple acc
2020.06.09 02:35:37 INFO ce[AXKYbz_r2lcoanXgpXBZ][c.g.m.s.p.c.p.PullRequestPostAnalysisTask] using pull request decorator github
2020.06.09 02:35:37 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@2d974bd96 pairs: {GET /app/installations HTTP/1.1: null}{Accept: application/vnd.github.machine-man-preview+json}{Authorization: Bearer eyJhbGciOiJSUzI1NiJ9..---1d6zhNoO23A}{User-Agent: Java/11.0.7}{Host: api.github.com}{Connection: keep-alive}
2020.06.09 02:35:37 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@4de19ff321 pairs: {null: HTTP/1.1 200 OK}{Date: Tue, 09 Jun 2020 09:35:39 GMT}{Content-Type: application/json; charset=utf-8}{Content-Length: 2965}{Server: GitHub.com}{Status: 200 OK}{Cache-Control: public, max-age=60, s-maxage=60}{Vary: Accept}{ETag: "2ffc95e94965d8c7d053f642b5600907"}{X-GitHub-Media-Type: github.machine-man-preview; format=json}{Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset}{Access-Control-Allow-Origin: *}{Strict-Transport-Security: max-age=31536000; includeSubdomains; preload}{X-Frame-Options: deny}{X-Content-Type-Options: nosniff}{X-XSS-Protection: 1; mode=block}{Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin}{Content-Security-Policy: default-src 'none'}{Vary: Accept-Encoding, Accept, X-Requested-With}{Vary: Accept-Encoding}{X-GitHub-Request-Id: DBD1:41F9F:C0F4FCC:E69850B:5EDF57EB}
2020.06.09 02:35:37 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@23621f4c6 pairs: {POST /app/installations/9601189/access_tokens HTTP/1.1: null}{Accept: application/vnd.github.machine-man-preview+json}{Authorization: Bearer eyJhbGciOiJSUzI1NiJ9..---1d6zhNoO23A}{User-Agent: Java/11.0.7}{Host: api.github.com}{Connection: keep-alive}
2020.06.09 02:35:37 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@343c417a21 pairs: {null: HTTP/1.1 201 Created}{Date: Tue, 09 Jun 2020 09:35:39 GMT}{Content-Type: application/json; charset=utf-8}{Content-Length: 212}{Server: GitHub.com}{Status: 201 Created}{Cache-Control: public, max-age=60, s-maxage=60}{Vary: Accept}{ETag: "b394b95e26e0d798d408572d878cc8b7"}{X-GitHub-Media-Type: github.machine-man-preview; format=json}{Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset}{Access-Control-Allow-Origin: *}{Strict-Transport-Security: max-age=31536000; includeSubdomains; preload}{X-Frame-Options: deny}{X-Content-Type-Options: nosniff}{X-XSS-Protection: 1; mode=block}{Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin}{Content-Security-Policy: default-src 'none'}{Vary: Accept-Encoding, Accept, X-Requested-With}{Vary: Accept-Encoding}{X-GitHub-Request-Id: DBD1:41F9F:C0F5036:E698569:5EDF57EB}
2020.06.09 02:35:37 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@2b4a4aa96 pairs: {GET /installation/repositories HTTP/1.1: null}{Accept: application/vnd.github.machine-man-preview+json}{Authorization: Bearer v1.4982e82b049629eb7b0afa3a78c64897c6d3b3de}{User-Agent: Java/11.0.7}{Host: api.github.com}{Connection: keep-alive}
2020.06.09 02:35:38 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@6a15563424 pairs: {null: HTTP/1.1 200 OK}{Date: Tue, 09 Jun 2020 09:35:39 GMT}{Content-Type: application/json; charset=utf-8}{Content-Length: 4582}{Server: GitHub.com}{Status: 200 OK}{X-RateLimit-Limit: 5000}{X-RateLimit-Remaining: 4997}{X-RateLimit-Reset: 1591698458}{Cache-Control: private, max-age=60, s-maxage=60}{Vary: Accept, Authorization, Cookie, X-GitHub-OTP}{ETag: "dc73ee879f25340ad9aa13f3095134cf"}{X-GitHub-Media-Type: github.machine-man-preview; format=json}{Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset}{Access-Control-Allow-Origin: *}{Strict-Transport-Security: max-age=31536000; includeSubdomains; preload}{X-Frame-Options: deny}{X-Content-Type-Options: nosniff}{X-XSS-Protection: 1; mode=block}{Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin}{Content-Security-Policy: default-src 'none'}{Vary: Accept-Encoding, Accept, X-Requested-With}{Vary: Accept-Encoding}{X-GitHub-Request-Id: DBD1:41F9F:C0F5091:E6985DE:5EDF57EB}
2020.06.09 02:35:38 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][c.g.m.s.p.c.p.g.v.GraphqlCheckRunProvider] Using request: mutation { createCheckRun (input:{conclusion:SUCCESS,output:{summary:"![Passed](http://localhost:9000/static/communityBranchPlugin/checks/QualityGateBadge/passed.svg?sanitize=true)
# Analysis Details
## 0 Issues
- ![Bug](http://localhost:9000/static/communityBranchPlugin/common/bug.svg?sanitize=true) 0 Bugs
- ![Vulnerability](http://localhost:9000/static/communityBranchPlugin/common/vulnerability.svg?sanitize=true) 0 Vulnerabilities
- ![Code Smell](http://localhost:9000/static/communityBranchPlugin/common/vulnerability.svg?sanitize=true) 0 Code Smells
## Coverage and Duplications
- ![No coverage information](http://localhost:9000/static/communityBranchPlugin/checks/CoverageChart/NoCoverageInfo.svg?sanitize=true) No coverage information (0.00% Estimated after merge)
- ![No duplication information](http://localhost:9000/static/communityBranchPlugin/checks/Duplications/NoDuplicationInfo.svg?sanitize=true) No duplication information (27.40% Estimated after merge)
[View in SonarQube](http://localhost:9000/dashboard?id=Tmp&pullRequest=24)",annotations:[],title:"Quality Gate success"},completedAt:"2020-06-09T09:35:38Z",detailsUrl:"http://localhost:9000/dashboard?id=Tmp&pullRequest=24",repositoryId:"MDEwOlJlcG9zaXRvcnkyNjg4MTA5NTA=",name:"Sonarqube Results",startedAt:"2020-06-09T09:34:47Z",externalId:"AXKYb0rUEJQI0jAmnMxO",headSha:"7319f79c721d65a73dc697e2a2331bf4edf40beb",status:COMPLETED}) { clientMutationId checkRun { id } } }
2020.06.09 02:35:38 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@1a2d1fc611 pairs: {POST /graphql HTTP/1.1: null}{Content-Type: application/json}{Accept: application/vnd.github.antiope-preview+json}{charset: utf-8}{Authorization: Bearer v1.4982e82b049629eb7b0afa3a78c64897c6d3b3de}{Cache-Control: no-cache}{Pragma: no-cache}{User-Agent: Java/11.0.7}{Host: api.github.com}{Connection: keep-alive}{Content-Length: 1562}
2020.06.09 02:35:38 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][s.n.w.p.h.HttpURLConnection] sun.net.www.MessageHeader@6d09964322 pairs: {null: HTTP/1.1 200 OK}{Date: Tue, 09 Jun 2020 09:35:40 GMT}{Content-Type: application/json; charset=utf-8}{Content-Length: 206}{Server: GitHub.com}{Status: 200 OK}{Cache-Control: no-cache}{X-GitHub-Media-Type: github.antiope-preview; format=json}{X-RateLimit-Limit: 5000}{X-RateLimit-Remaining: 4997}{X-RateLimit-Reset: 1591698459}{Access-Control-Expose-Headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset}{Access-Control-Allow-Origin: *}{Strict-Transport-Security: max-age=31536000; includeSubdomains; preload}{X-Frame-Options: deny}{X-Content-Type-Options: nosniff}{X-XSS-Protection: 1; mode=block}{Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin}{Content-Security-Policy: default-src 'none'}{Vary: Accept-Encoding, Accept, X-Requested-With}{Vary: Accept-Encoding}{X-GitHub-Request-Id: DBD1:41F9F:C0F5121:E69867F:5EDF57EB}
2020.06.09 02:35:38 DEBUG ce[AXKYbz_r2lcoanXgpXBZ][c.g.m.s.p.c.p.g.v.GraphqlCheckRunProvider] Received response: GraphQLResponseEntity{errors=[Error{message='No commit found for SHA: 7319f79c721d65a73dc697e2a2331bf4edf40beb', locations=[Location{line='1', column='12'}]}], headers=[Status:200 OK][null:HTTP/1.1 200 OK][Server:GitHub.com][Access-Control-Allow-Origin:*][X-Content-Type-Options:nosniff][X-RateLimit-Reset:1591698459][Date:Tue, 09 Jun 2020 09:35:40 GMT][Referrer-Policy:origin-when-cross-origin, strict-origin-when-cross-origin][X-Frame-Options:deny][Strict-Transport-Security:max-age=31536000; includeSubdomains; preload][Access-Control-Expose-Headers:ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset][X-RateLimit-Remaining:4997][Cache-Control:no-cache][X-GitHub-Media-Type:github.antiope-preview; format=json][Content-Security-Policy:default-src 'none'][Vary:Accept-EncodingAccept-Encoding, Accept, X-Requested-With][X-RateLimit-Limit:5000][X-XSS-Protection:1; mode=block][Content-Length:206][X-GitHub-Request-Id:DBD1:41F9F:C0F5121:E69867F:5EDF57EB][Content-Type:application/json; charset=utf-8], response=null}
I've just created a new organisation, an app and repo under it, configured Sonarqube to use that new app, and successfully decorated a PR in the repo, so can't replicate your issue.
Since you've obfuscated your JWT I can't check the timestamps or signatures in them, but please check you've given Sonarqube the correct PEM contents for your application.
@qww-tmp were you able to gather any more information on this? I've been unable to replicate this issue and it's been lying dormant for a month now without any further feedback or replication steps.
Closing since the issue can't be replicated. Please add any further details it you'd like the issue to be reopened.
in my case an incorrect time on the machine where sonarqube is running by lagging by several minutes caused this. debugging with -Djavax.net.debug=ssl -Djavax.net.debug=all
showed that github replied with
"message":"'Expiration time' claim ('exp') must be a numeric value representing the future time at which the assertion expires","documentation_url":"https://docs.github.com/rest".
Solution: correcting the time(thru ntpd) fixed the 401 issue
Good to have: maybe logging the body of the Github's response as ERROR would be convenient w/o enabling debug mode
Describe the bug Try to add checks at organization repo. And got error: Server returned HTTP response code: 401 for URL: https://api.github.com/app/installations But, if repo on my own acc, then all works fine.
To Reproduce
Software Versions
Additional context
M.b. I do something wrong? Or PR decor doesn't support organization repo?