Sonarqube plugin failing due to failed export

itmecho · March 3, 2020, 10:02am

We have a build using the sonarqube addon which was working until today. It seems like travis is doing something strange when trying to decrypt a secure environment variable:

https://travis-ci.org/manywho/sdk-java/jobs/657327826

Line 454: exports the variable
Line 954: Error about exporting “decrypt]”
Line 1827: Fails due to invalid sonarqube auth

We haven’t changed anything related to the build process or the SONAR_TOKEN variable since the last successful build. The previous build is using the same version of the sonarqube scanner

native-api · March 4, 2020, 2:24am

Adding debug printing to show /home/travis/.travis/job_stages shows that the failing command is the following:

export SONAR_TOKEN=[unable to decrypt]

This is because under secure:, you need to place the encrypted value returned by travis encrypt.

The immediate failure and the unhelpful error message is because Travis’ logic doesn’t quote variable values as required by shell syntax if they have spaces.

Note that your build would likely fail anyway because pull requests don’t have access to secret variables.

The documentation does mention that Sonarcloud support only works for “internal” pull requests – whatever that means.

So in addition to fixing the syntax, you’ll still need to not call mvn sonar:sonar for pull requests:

- if [[ $TRAVIS_PULL_REQUEST == "false" ]]; then mvn sonar:sonar <...>; fi

beng · March 5, 2020, 3:30pm

Hi,

Several other users reported a similar error, which started to appear on the 1st of March:

I tried this, but it didn’t help.
However, if I put the encrypted value in the .travis.yaml file instead of in a variable, it works.

The encrypted value doesn’t contain spaces… so this shouldn’t be the reason of failure…

Do you have other ideas why reading the encrypted variable could fail?

Thanks,
Benoit

robstoll · March 6, 2020, 7:13am

I have the same problem
https://travis-ci.org/robstoll/niok/jobs/658417869

However, in my case the exported variable seems to be successful:
$ export SONAR_TOKEN=[secure]
https://travis-ci.org/robstoll/niok/jobs/658417869#L444

But I still get:
ERROR: Not authorized. Please check the properties sonar.login and sonar.password.
https://travis-ci.org/robstoll/niok/jobs/658417869#L586

robstoll · April 17, 2020, 1:35pm

a solution was posted here https://community.sonarsource.com/t/error-not-authorized-please-check-the-properties-sonar-login-and-sonar-password/21076/8?u=robstoll

<…>
The definition in Travis for Sonar addon is changed:
<…>
To:
addons:
  sonarcloud:
    organization: "pepstock-org"
    token: ${SONAR_TOKEN}

LorenzoBettini · April 12, 2020, 10:47pm

I started to experience the same problem in builds which used to work perfectly fine, and I also see this in the log

/home/travis/.travis/job_stages: line 796: export: `decrypt]’: not a valid identifier

From what I understand from this issue https://github.com/travis-ci/travis-ci/issues/10138 if you encrypt SONAR_TOKEN in the Travis settings, you don’t need to specify anything else in the build.

So

    addons:
      sonarcloud:
        organization: "my orga"

is enough to access SonarCloud

192933488S · February 18, 2021, 10:48pm

Confirmed, error disappeared. Thanks