search

mc1arke / sonarqube-community-branch-plugin

A plugin that allows branch analysis and pull request decoration in the Community version of Sonarqube
GNU Lesser General Public License v3.0
2.22k stars 521 forks source link

No content to map due to end-of-input #192

Closed ghsatpute closed 4 years ago

ghsatpute commented 4 years ago

I am trying to hook sonarqube with Github enterprise. I followed the steps given in README.md. When I run the sonar scan on Pull Request, I get this exception. 

2020.06.11 09:31:02 ERROR ce[AXKkOGXaKYALij0dy7TP][o.s.c.t.p.a.p.PostProjectAnalysisTasksExecutor] Execution of task class com.github.mc1arke.sonarqube.plugin.ce.pullrequest.PullRequestPostAnalysisTask failed
java.lang.IllegalStateException: Could not decorate Pull Request on Github
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.GithubPullRequestDecorator.decorateQualityGateStatus(GithubPullRequestDecorator.java:39)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.PullRequestPostAnalysisTask.finished(PullRequestPostAnalysisTask.java:139)
    at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.executeTask(PostProjectAnalysisTasksExecutor.java:113)
    at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.finished(PostProjectAnalysisTasksExecutor.java:107)
    at org.sonar.ce.task.step.ComputationStepExecutor.executeListener(ComputationStepExecutor.java:91)
    at org.sonar.ce.task.step.ComputationStepExecutor.execute(ComputationStepExecutor.java:63)
    at org.sonar.ce.task.projectanalysis.taskprocessor.ReportTaskProcessor.process(ReportTaskProcessor.java:81)
    at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.executeTask(CeWorkerImpl.java:209)
    at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.run(CeWorkerImpl.java:191)
    at org.sonar.ce.taskprocessor.CeWorkerImpl.findAndProcessTask(CeWorkerImpl.java:158)
    at org.sonar.ce.taskprocessor.CeWorkerImpl$TrackRunningState.get(CeWorkerImpl.java:133)
    at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:85)
    at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:53)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
 at [Source: (InputStreamReader); line: 1, column: 0]
    at com.fasterxml.jackson.databind.exc.MismatchedInputException.from(MismatchedInputException.java:59)
    at com.fasterxml.jackson.databind.DeserializationContext.reportInputMismatch(DeserializationContext.java:1356)
    at com.fasterxml.jackson.databind.ObjectReader._initForReading(ObjectReader.java:358)
    at com.fasterxml.jackson.databind.ObjectReader._bindAndClose(ObjectReader.java:1596)
    at com.fasterxml.jackson.databind.ObjectReader.readValue(ObjectReader.java:1203)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.v3.RestApplicationAuthenticationProvider.getInstallationToken(RestApplicationAuthenticationProvider.java:88)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.v4.GraphqlCheckRunProvider.createCheckRun(GraphqlCheckRunProvider.java:106)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.GithubPullRequestDecorator.decorateQualityGateStatus(GithubPullRequestDecorator.java:37)
    ... 19 common frames omitted
2020.06.11 09:31:02 INFO  ce[AXKkOGXaKYALij0dy7TP][o.s.c.t.CeWorkerImpl] Executed task | project=com.teradata.baas:api | type=REPORT | pullRequest=1 | id=AXKkOGXaKYALij0dy7TP | status=SUCCESS | time=2360ms

I'm not sure because of what this is failing.

mc1arke commented 4 years ago

Github is closing the connection without having sent back some/all of the JSON response. Can you confirm the URL you have configured for your Github connection please? Feel free to obfuscate the hostname, but not any protocol, port, or path details.

ghsatpute commented 4 years ago

Thanks @mc1arke for quick reply.

This is the Github Enterprise URL http://github.<custom-domain>/api/v3

I tried with using https but then I get this error 

java.lang.IllegalStateException: Could not decorate Pull Request on Github
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.GithubPullRequestDecorator.decorateQualityGateStatus(GithubPullRequestDecorator.java:39)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.PullRequestPostAnalysisTask.finished(PullRequestPostAnalysisTask.java:139)
    at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.executeTask(PostProjectAnalysisTasksExecutor.java:113)
    at org.sonar.ce.task.projectanalysis.api.posttask.PostProjectAnalysisTasksExecutor.finished(PostProjectAnalysisTasksExecutor.java:107)
    at org.sonar.ce.task.step.ComputationStepExecutor.executeListener(ComputationStepExecutor.java:91)
    at org.sonar.ce.task.step.ComputationStepExecutor.execute(ComputationStepExecutor.java:63)
    at org.sonar.ce.task.projectanalysis.taskprocessor.ReportTaskProcessor.process(ReportTaskProcessor.java:81)
    at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.executeTask(CeWorkerImpl.java:209)
    at org.sonar.ce.taskprocessor.CeWorkerImpl$ExecuteTask.run(CeWorkerImpl.java:191)
    at org.sonar.ce.taskprocessor.CeWorkerImpl.findAndProcessTask(CeWorkerImpl.java:158)
    at org.sonar.ce.taskprocessor.CeWorkerImpl$TrackRunningState.get(CeWorkerImpl.java:133)
    at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:85)
    at org.sonar.ce.taskprocessor.CeWorkerImpl.call(CeWorkerImpl.java:53)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.net.ssl.SSLException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:133)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:320)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:263)
    at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:258)
    at java.base/sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1314)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:408)
    at java.base/sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:567)
    at java.base/sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
    at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1587)
    at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1515)
    at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:250)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.v3.RestApplicationAuthenticationProvider.getInstallationToken(RestApplicationAuthenticationProvider.java:87)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.v4.GraphqlCheckRunProvider.createCheckRun(GraphqlCheckRunProvider.java:106)
    at com.github.mc1arke.sonarqube.plugin.ce.pullrequest.github.GithubPullRequestDecorator.decorateQualityGateStatus(GithubPullRequestDecorator.java:37)
    ... 19 common frames omitted
Caused by: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.base/sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:89)
    at java.base/sun.security.validator.Validator.getInstance(Validator.java:181)
    at java.base/sun.security.ssl.X509TrustManagerImpl.getValidator(X509TrustManagerImpl.java:300)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrustedInit(X509TrustManagerImpl.java:176)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:189)
    at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:129)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1308)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1199)
    at java.base/sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1146)
    at java.base/sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:443)
    at java.base/sun.security.ssl.HandshakeContext.dispatch(HandshakeContext.java:421)
    at java.base/sun.security.ssl.TransportContext.dispatch(TransportContext.java:177)
    at java.base/sun.security.ssl.SSLTransport.decode(SSLTransport.java:164)
    at java.base/sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1152)
    at java.base/sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1063)
    at java.base/sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:402)
    ... 27 common frames omitted
Caused by: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
    at java.base/java.security.cert.PKIXParameters.setTrustAnchors(PKIXParameters.java:200)
    at java.base/java.security.cert.PKIXParameters.<init>(PKIXParameters.java:120)
    at java.base/java.security.cert.PKIXBuilderParameters.<init>(PKIXBuilderParameters.java:104)
    at java.base/sun.security.validator.PKIXValidator.<init>(PKIXValidator.java:86)
    ... 43 common frames omitted
mc1arke commented 4 years ago

That second error is due to your JVM not having (or not being able to read) its truststore.

Does your Github instance respond on HTTP URL you've provided without any redirects?

ghsatpute commented 4 years ago

Github does redirect to HTTPS when tried to access with HTTP.

Regarding the first point: Apologies in advance if this is not the right place to ask this question, can you explain to me how to change the configuration so that JVM is able to read truststore. Also, is this when the SonarQube Community Branch Plugin tries to connect to GitHub? If yes, is there any way to tell don't check the certificate for Github URL?

mc1arke commented 4 years ago

Google will give you far more information than I would be able summarize here given I don't have all your installation details, however the stacktrace indicates that it's potentially your Github server presenting a certificate without any chain (intermediary or root) details. Is your Github server using a self-signed or internal-organisation certificate authority?

ghsatpute commented 4 years ago

The certificate is given by affirmtrust certificate authority - ov1.

I'll check for the steps to configure Java on Sonar instance to trust affirmtrust certificate authority - ov1.

ghsatpute commented 4 years ago

The issue was that Java didn't recognize the certificates given by affirmtrust certificate authority - ov1 I checked the location of JVM certificates by running 

root@sdl45569:~# file /usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts
/usr/lib/jvm/java-11-openjdk-amd64/lib/security/cacerts: symbolic link to /etc/ssl/certs/java/cacerts

Then I checked how many certificates it had. 


$ keytool -v -list -keystore  /etc/ssl/certs/java/cacerts
Warning: use -cacerts option to access cacerts keystore
Enter keystore password:

*****************  WARNING WARNING WARNING  *****************
* The integrity of the information stored in your keystore  *
* has NOT been verified!  In order to verify its integrity, *
* you must provide your keystore password.                  *
*****************  WARNING WARNING WARNING  *****************

Keystore type: PKCS12
Keystore provider: SUN

Your keystore contains 0 entries

I had installed another SonarQube server on some other machine, I just copied the cacerts from that machine to this one. I certainly don't recommend this but in my case it worked.

mc1arke commented 4 years ago

Closing this since it seems to be due to a incorrect configuration that has now been fixed.