I'm following Get started instructions on sonarcloud.io to execute the SonarQube Scanner for Maven from my computer:
mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.organization=ron190-github \
-Dsonar.login=9...e
Manual execution is working:
[INFO] ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard/index
/jsql-injection:jsql-injection
But when I'm ready to automate with Travis CI it's failing with Not authorized. Please check the properties sonar.login and sonar.password.
:
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar (default-cli) on project jsql-injection: Not authorized. Please check the properties sonar.login and sonar.password. -> [Help 1]
And if I add sonar.login
to the mvn
command then it's working:
language: java
sudo: false
install: true
addons:
sonarcloud:
organization: "ron190-github"
token:
secure: "v...s="
jdk:
- oraclejdk8
script:
# JaCoCo is used to have code coverage, the agent has to be activated
# Not working
# - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar
- mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.login=9...e
cache:
directories:
- '$HOME/.m2/repository'
- '$HOME/.sonar/cache'
I have also used the example script.
Do you know why secure
token is ignored and why it's failing with default config?
I agree with Santhosh Tpixler that your problem is likely with the Travis encryption of the token. In my case I need
travis-ci.com
(opposed totravis-ci.org
, see https://devops.stackexchange.com/q/1201), therefore had to use the--pro
flag.From inside the project directory I used these commands:
The problem is with the travis encryption.
Correct encryption syntax:
travis encrypt 309473973909Z09R830 -r my-org/my-repo
No variable name, no quote.
If you are running
travis encrypt
inside your repo directory you can just usetravis encrypt 309473973909Z09R830
Kindly replace you token for
309473973909Z09R830
The above trick worked for me. Thought of making it more visible to the public.
Credits: @ron190
It seems that the tag
secure
is not working, use a repo variable instead: