Add Handling for Company-Managed SonarQube without Admin Privileges

[tampatamp]

Hi,

i like to use your Plugin in my private projects and now i also would like to use it in the Company im working on.

But here we have more restricts regarding User-Rights/ Privileges on Sonarqube. For example, a User like me cant just create a new Sonarqube Project, i always have to ask a Collegue with Admin Rights for it. I just have the ability to generate Tokens which i can for example use with SonnarScanner to make a static code analyze of my project and send the Result to our Companies SonarQube Server.

When I try to use your Plugin on our Company Environment i will get the Error: > Task :flyer:androidAnalyzerRegisterProject ERROR 403 {"errors":[{"msg":"Insufficient privileges"}]} I had a look on your Code, and found this: ` /**

• Task for registering a new sonarqube project.

• Does nothing if the project already exists. */ proj.tasks.register(TaskSonarqubeProjectRegister) { it.outputs.upToDateWhen { false } it.group = TaskGroup it.description = "Creates a Sonarqube project"

          it.doLast {
              val body = FormBody.Builder()
                      .add("project", params.projectKey)
                      .add("name", params.projectName)
                      .add("visibility", params.projectVisibility)
                      .build()
  
              val request = Request.Builder()
                      .url("${params.serverUrl}/api/projects/create")
                      .post(body)
                      .build()
  
              val client = if (params.sonarqubeAuth) tokenOkHttpClient(token) else unauthenticatedOkHttpClient()
              val response = client.newCall(request).execute()
  
              if (response.isSuccessful) {
                  println("Project successfully created")
              } else {
                  println("ERROR ${response.code()}")
                  println(response.body()?.string())
              }
  
              response.close()
          }
      }

  `

I think in most cases, the User or the Tokens have enough Rights to create a new Project on SonarQube, but in my Case I´m getting a 403 (altough the Project already exists).

Im not really sure, if i am right with my assumption about the given code snippet... What do you think? Might this lead to my Error?

If for example, i am using the SonarScanner with sonar-scanner -Dsonar.projectKey=xxx-android -Dsonar.sources=. -Dsonar.host.url=https://xxx -Dsonar.login=myToken It works...

As I said, i love to use your Plugin for my private projects and it would be really nice if i could be able to use it also in my Company.

Thanks for this Plugin!

[AndroideRob-zz]

Hey, glad you like it!

Did you try to use sonarqubeToken parameter to pass your token instead of username/password?

Also, project creation might fail and it won't stop the execution, so this warning can be ignored in most cases (e.g. when the project already exists, you get a 400).

Could you try to use the parameter mentioned above (or the corresponding environment variable ANDROID_ANALYZER_SONARQUBE_TOKEN) and let me know if you still experience the issue?

[tampatamp]

Hey,

thanks for your quick Answer.

My Setup looks as follows:

androidAnalyzer {
    applicationId = 'xxx-module'
    projectName = 'xxx-module'
    detekt = false
}

The name on SonarQube for this Project is: xxx-module-android

And i also have setup the following two properties as Environment Properties: ANDROID_ANALYZER_SONARQUBE_TOKEN=a73c5011627xxxxxdexxxxa72d ANDROID_ANALYZER_SONARQUBE_URL=https://xxx.xxx

when i run the androidAnalyzer i get the Error: `

Task :flyer:androidAnalyzerRegisterProject ERROR 403 {"errors":[{"msg":"Insufficient privileges"}]} `

Are there some Debug-Logs i could use, to analyze it better for you?