gpt4 book ai didi

ssl - 如何让 waitForQualityGate() 函数与 https sonarqube 实例一起使用?

转载 作者:太空宇宙 更新时间:2023-11-03 14:37:20 25 4
gpt4 key购买 nike

我最近能够让我的 jenkins 实例连接到 https sonarqube 实例以运行 sonar-scanner

withCredentials([[
$class: 'UsernamePasswordMultiBinding',
credentialsId: 'sq-truststore',
usernameVariable: 'TS',
passwordVariable: 'PWD'
]]) {
withEnv(["SONAR_SCANNER_OPTS=-Djavax.net.ssl.trustStore=${TS} -Djavax.net.ssl.trustStorePassword=${PWD}"]) {
def scannerCmd = "sonar-scanner -e";
scannerCmd += " -Dsonar.login=${env.SONAR_AUTH_TOKEN}";
scannerCmd += " -Dsonar.password=";
sh "${scannerCmd}"
}
}

基本上,我遇到了与需要与 Jenkins 共享 (trustStore) 的 SonarQube SSL 证书相关的错误。现在,sonar-scanner 步骤工作正常。

我的问题与下一步有关:调用 waitForQualityGate() 函数。当我这样做时,出现以下错误:

sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
Caused: sun.security.validator.ValidatorException: PKIX path building failed
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:397)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:240)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1496)
Caused: javax.net.ssl.SSLHandshakeException
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1959)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1514)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1072)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1385)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1413)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1397)
at com.squareup.okhttp.Connection.connectTls(Connection.java:239)
at com.squareup.okhttp.Connection.connectSocket(Connection.java:201)
at com.squareup.okhttp.Connection.connect(Connection.java:172)
at com.squareup.okhttp.Connection.connectAndSetOwner(Connection.java:358)
at com.squareup.okhttp.OkHttpClient$1.connectAndSetOwner(OkHttpClient.java:117)
at com.squareup.okhttp.internal.http.HttpEngine.connect(HttpEngine.java:329)
at com.squareup.okhttp.internal.http.HttpEngine.sendRequest(HttpEngine.java:246)
at com.squareup.okhttp.Call.getResponse(Call.java:276)
at com.squareup.okhttp.Call$ApplicationInterceptorChain.proceed(Call.java:234)
at com.squareup.okhttp.Call.getResponseWithInterceptorChain(Call.java:196)
at com.squareup.okhttp.Call.execute(Call.java:79)
at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:209)
at org.sonarqube.ws.client.HttpConnector.get(HttpConnector.java:154)
at org.sonarqube.ws.client.HttpConnector.call(HttpConnector.java:143)
at hudson.plugins.sonar.client.HttpClient.getHttp(HttpClient.java:35)
at hudson.plugins.sonar.client.WsClient.getCETask(WsClient.java:66)
at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkTaskCompleted(WaitForQualityGateStep.java:146)
at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.start(WaitForQualityGateStep.java:108)
at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:224)
at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:150)
at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:108)
at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1283)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1177)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1027)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:815)
at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1283)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1177)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1027)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:815)
at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1283)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1177)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1027)
at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:19)
Caused: java.lang.IllegalStateException: Fail to request https://sonarqubeURL/api/ce/task?id=AV7hRqqlKH-K3Owt_Ome
at org.sonarqube.ws.client.HttpConnector.doCall(HttpConnector.java:212)
at org.sonarqube.ws.client.HttpConnector.get(HttpConnector.java:154)
at org.sonarqube.ws.client.HttpConnector.call(HttpConnector.java:143)
at hudson.plugins.sonar.client.HttpClient.getHttp(HttpClient.java:35)
at hudson.plugins.sonar.client.WsClient.getCETask(WsClient.java:66)
at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkTaskCompleted(WaitForQualityGateStep.java:146)
at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.start(WaitForQualityGateStep.java:108)
at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:224)
at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:150)
at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:108)
at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1283)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1177)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1027)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:815)
at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1283)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1177)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1027)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:815)
at groovy.lang.GroovyObjectSupport.invokeMethod(GroovyObjectSupport.java:46)
at groovy.lang.MetaClassImpl.invokeMethodOnGroovyObject(MetaClassImpl.java:1283)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1177)
at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1027)
at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:42)
at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:48)
at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:113)
at com.cloudbees.groovy.cps.sandbox.DefaultInvoker.methodCall(DefaultInvoker.java:19)
at testQualityGate.call(/var/lib/jenkins/jobs/axa-gs-asia/jobs/digital-kitchen-asia/builds/70/libs/my-library/vars/testQualityGate.groovy:13)
at ___cps.transform___(Native Method)
at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:57)
at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:109)
at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixName(FunctionCallBlock.java:77)
at sun.reflect.GeneratedMethodAccessor210.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
at com.cloudbees.groovy.cps.Next.step(Next.java:83)
at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:173)
at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:162)
at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:122)
at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:261)
at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:162)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:19)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:35)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable$1.call(SandboxContinuable.java:32)
at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.GroovySandbox.runInSandbox(GroovySandbox.java:108)
at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:32)
at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:174)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:330)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$100(CpsThreadGroup.java:82)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:242)
at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:230)
at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:64)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:112)
at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:28)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

这个错误似乎也与 SSL 有关,但我无法使 waitForQualityGate() 函数正常工作,即使我尝试在调用该函数之前添加所需的参数,例如:

withCredentials([[
$class: 'UsernamePasswordMultiBinding',
credentialsId: 'sq-truststore',
usernameVariable: 'TS',
passwordVariable: 'PWD'
]]) {
withEnv(["SONAR_SCANNER_OPTS=-Djavax.net.ssl.trustStore=${TS} -Djavax.net.ssl.trustStorePassword=${PWD}"]) {
def qg = waitForQualityGate()
if (qg.status != 'OK') {
error "Pipeline aborted due to quality gate failure: ${qg.status}"
}
}
}

任何关于我如何让这个工作的想法将不胜感激。

最佳答案

经过多次尝试,这里的解决方案是:

  • 将 Sonar 扫描仪更新到 2.6.1 版
  • 在我启动 jenkins 时添加 JAVA_OPTS 以在启动时提供信任库信息

关于ssl - 如何让 waitForQualityGate() 函数与 https sonarqube 实例一起使用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46540301/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com