为什么 SonarQube 不从 yaml 构建更新 Azure DevOps 质量门状态?
Why is SonarQube not updating Azure DevOps quality gate status from yaml builds?
我让 SonarQube 任务更新 Azure DevOps 构建中的拉取请求状态。在迁移到 YAML 时,相同的任务集什么都不做。在传统的构建管道中,这是可行的。
我们从准备 sonarqube 任务开始,构建源代码,运行 代码分析,然后发布质量门结果。
一切都是绿色的。没有错误,但 PR 仍未更新。
日志也完全没有问题。
##[debug]loading ENDPOINT_AUTH_PARAMETER_SYSTEMVSSCONNECTION_ACCESSTOKEN
##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION
##[debug]loading INPUT_POLLINGTIMEOUTSEC
##[debug]loading SECRET_SONARQUBE_ENDPOINT
##[debug]loading SECRET_SYSTEM_ACCESSTOKEN
##[debug]loaded 6
##[debug]Agent.ProxyUrl=undefined
##[debug]Agent.CAInfo=undefined
##[debug]Agent.ClientCert=undefined
##[debug]Agent.SkipCertValidation=undefined
##[debug]SONARQUBE_SCANNER_PARAMS={"sonar.host.url":"http://my.Server:9000/sonarqube","sonar.login":***,"sonar.projectKey":"MyProjectNew","sonar.projectName":"MyProjectNew","sonar.projectVersion":"1.2.1-PullRequest0857.4","sonar.pullrequest.key":"857","sonar.pullrequest.base":"release/1.2.0","sonar.pullrequest.branch":"test_sq","sonar.pullrequest.provider":"vsts","sonar.pullrequest.vsts.instanceUrl":"https://my.Server/azure.devops/","sonar.pullrequest.vsts.project":"MyProject","sonar.pullrequest.vsts.repository":"MyProject","sonar.scanner.metadataFilePath":"C:\902_agent2\_work\_temp\sonar\1.2.1-PullRequest0857.4\cbdee85f-7901-004a-4db3-ce64c82c3a94\report-task.txt","sonar.verbose":"true"}
##[debug]SONARQUBE_ENDPOINT=***
##[debug][SQ] API GET: '/api/metrics/search' with query "{"f":"name","ps":500}"
##[debug]pollingTimeoutSec=300
##[debug][SQ] API GET: '/api/server/version' with query "undefined"
##[debug]Response: 200 Body: "8.0.0.29455"
##[debug]Build.BuildNumber=1.2.1-PullRequest0857.4
##[debug][SQ] Task status:IN_PROGRESS
##[debug][SQ] Waiting for task 'AXDJFJJRnBJSMrEnUvVb' to complete.
##[debug][SQ] API GET: '/api/ce/task' with query "{"id":"AXDJFJJRnBJSMrEnUvVb"}"
##[debug]Response: 200 Body: "{"task":{"id":"AXDJFJJRnBJSMrEnUvVb","type":"REPORT","componentId":"AXCqY5jNnBJSMrEnUvTJ","componentKey":"MyProjectNew","componentName":"MyProjectNew","componentQualifier":"TRK","status":"IN_PROGRESS","submittedAt":"2020-03-11T11:38:58+0100","submitterLogin":"admin","startedAt":"2020-03-11T11:38:58+0100","executionTimeMs":15906,"logs":false,"organization":"default-organization","pullRequest":"857","warnings":[]}}"
##[debug][SQ] Task status:IN_PROGRESS
##[debug][SQ] Waiting for task 'AXDJFJJRnBJSMrEnUvVb' to complete.
##[debug][SQ] API GET: '/api/ce/task' with query "{"id":"AXDJFJJRnBJSMrEnUvVb"}"
##[debug]Response: 200 Body: "{"task":{"id":"AXDJFJJRnBJSMrEnUvVb","type":"REPORT","componentId":"AXCqY5jNnBJSMrEnUvTJ","componentKey":"MyProjectNew","componentName":"MyProjectNew","componentQualifier":"TRK","analysisId":"AXDJLSW--Jp4Jqq6qd3Y","status":"SUCCESS","submittedAt":"2020-03-11T11:38:58+0100","submitterLogin":"admin","startedAt":"2020-03-11T11:38:58+0100","executedAt":"2020-03-11T11:39:15+0100","executionTimeMs":16516,"logs":false,"hasScannerContext":true,"organization":"default-organization","pullRequest":"857","warningCount":0,"warnings":[]}}"
##[debug][SQ] Task status:SUCCESS
##[debug][SQ] Task complete: {"id":"AXDJFJJRnBJSMrEnUvVb","type":"REPORT","componentId":"AXCqY5jNnBJSMrEnUvTJ","componentKey":"MyProjectNew","componentName":"MyProjectNew","componentQualifier":"TRK","analysisId":"AXDJLSW--Jp4Jqq6qd3Y","status":"SUCCESS","submittedAt":"2020-03-11T11:38:58+0100","submitterLogin":"admin","startedAt":"2020-03-11T11:38:58+0100","executedAt":"2020-03-11T11:39:15+0100","executionTimeMs":16516,"logs":false,"hasScannerContext":true,"organization":"default-organization","pullRequest":"857","warningCount":0,"warnings":[]}
##[debug][SQ] Retrieve Analysis id 'AXDJLSW--Jp4Jqq6qd3Y.'
##[debug][SQ] API GET: '/api/qualitygates/project_status' with query "{"analysisId":"AXDJLSW--Jp4Jqq6qd3Y"}"
##[debug]Response: 200 Body: "{"projectStatus":{"status":"OK","conditions":[{"status":"OK","metricKey":"new_reliability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_security_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_maintainability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"}],"periods":[],"ignoredConditions":false}}"
##[debug][SQ] Generate analysis report.'
##[debug]Number of analyses in this build: 1
##[debug]Overall Quality Gate status: ok
##[debug]System.TeamFoundationCollectionUri=https://my.Server/azure.devops/
##[debug]System.TeamProjectId=d93c50f4-ade5-4e28-99c0-35966c7a0de6
##[debug]Build.BuildId=14012
##[debug][{"op":0,"path":"/sonarglobalqualitygate","value":"ok"}]
SYSTEMVSSCONNECTION exists true
##[debug]SYSTEMVSSCONNECTION exists true
SYSTEMVSSCONNECTION exists true
##[debug]SYSTEMVSSCONNECTION exists true
##[debug]Acquiring a build API object.
##[debug]Creating a new build property with global Quality Gate Status
##[debug]build.artifactStagingDirectory=C:2_agent2\_work\a
##[debug][SQ] Summary saved at: C:2_agent2\_work\a\.sqAnalysis\SonarQubeBuildSummary.md
##[debug][SQ] Uploading build summary from C:2_agent2\_work\a\.sqAnalysis\SonarQubeBuildSummary.md
##[debug]Processed: ##vso[task.addattachment type=Distributedtask.Core.Summary;name=SonarQube Analysis Report;]C:2_agent2\_work\a\.sqAnalysis\SonarQubeBuildSummary.md
感谢 SonarSource 上的@mickaelcaro 我查看了日志!
web.log 里什么都没有,但我打开了 ce.logs,发现了这个:
2020.03.12 11:37:29 WARN ce[AXDOTaXpnKCkbQ_udAPU][c.s.C.D.C.C] Failed to decorate Azure DevOps Pull Request: API resource location 225f7195-f9c7-4d14-ab28-a83f7ff77e1f is not registered on https://My.Azure.DevOps.Server/. javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
运行:
keytool -import -alias tfs -keystore "C:\Program Files\Java\jdk-12.0.1\lib\security\cacerts" -file c:\certs\my-b64.cer
输入密码,changeit 如果您还没有设置自己的密码。
我让 SonarQube 任务更新 Azure DevOps 构建中的拉取请求状态。在迁移到 YAML 时,相同的任务集什么都不做。在传统的构建管道中,这是可行的。
我们从准备 sonarqube 任务开始,构建源代码,运行 代码分析,然后发布质量门结果。
一切都是绿色的。没有错误,但 PR 仍未更新。
日志也完全没有问题。
##[debug]loading ENDPOINT_AUTH_PARAMETER_SYSTEMVSSCONNECTION_ACCESSTOKEN
##[debug]loading ENDPOINT_AUTH_SCHEME_SYSTEMVSSCONNECTION
##[debug]loading ENDPOINT_AUTH_SYSTEMVSSCONNECTION
##[debug]loading INPUT_POLLINGTIMEOUTSEC
##[debug]loading SECRET_SONARQUBE_ENDPOINT
##[debug]loading SECRET_SYSTEM_ACCESSTOKEN
##[debug]loaded 6
##[debug]Agent.ProxyUrl=undefined
##[debug]Agent.CAInfo=undefined
##[debug]Agent.ClientCert=undefined
##[debug]Agent.SkipCertValidation=undefined
##[debug]SONARQUBE_SCANNER_PARAMS={"sonar.host.url":"http://my.Server:9000/sonarqube","sonar.login":***,"sonar.projectKey":"MyProjectNew","sonar.projectName":"MyProjectNew","sonar.projectVersion":"1.2.1-PullRequest0857.4","sonar.pullrequest.key":"857","sonar.pullrequest.base":"release/1.2.0","sonar.pullrequest.branch":"test_sq","sonar.pullrequest.provider":"vsts","sonar.pullrequest.vsts.instanceUrl":"https://my.Server/azure.devops/","sonar.pullrequest.vsts.project":"MyProject","sonar.pullrequest.vsts.repository":"MyProject","sonar.scanner.metadataFilePath":"C:\902_agent2\_work\_temp\sonar\1.2.1-PullRequest0857.4\cbdee85f-7901-004a-4db3-ce64c82c3a94\report-task.txt","sonar.verbose":"true"}
##[debug]SONARQUBE_ENDPOINT=***
##[debug][SQ] API GET: '/api/metrics/search' with query "{"f":"name","ps":500}"
##[debug]pollingTimeoutSec=300
##[debug][SQ] API GET: '/api/server/version' with query "undefined"
##[debug]Response: 200 Body: "8.0.0.29455"
##[debug]Build.BuildNumber=1.2.1-PullRequest0857.4
##[debug][SQ] Task status:IN_PROGRESS
##[debug][SQ] Waiting for task 'AXDJFJJRnBJSMrEnUvVb' to complete.
##[debug][SQ] API GET: '/api/ce/task' with query "{"id":"AXDJFJJRnBJSMrEnUvVb"}"
##[debug]Response: 200 Body: "{"task":{"id":"AXDJFJJRnBJSMrEnUvVb","type":"REPORT","componentId":"AXCqY5jNnBJSMrEnUvTJ","componentKey":"MyProjectNew","componentName":"MyProjectNew","componentQualifier":"TRK","status":"IN_PROGRESS","submittedAt":"2020-03-11T11:38:58+0100","submitterLogin":"admin","startedAt":"2020-03-11T11:38:58+0100","executionTimeMs":15906,"logs":false,"organization":"default-organization","pullRequest":"857","warnings":[]}}"
##[debug][SQ] Task status:IN_PROGRESS
##[debug][SQ] Waiting for task 'AXDJFJJRnBJSMrEnUvVb' to complete.
##[debug][SQ] API GET: '/api/ce/task' with query "{"id":"AXDJFJJRnBJSMrEnUvVb"}"
##[debug]Response: 200 Body: "{"task":{"id":"AXDJFJJRnBJSMrEnUvVb","type":"REPORT","componentId":"AXCqY5jNnBJSMrEnUvTJ","componentKey":"MyProjectNew","componentName":"MyProjectNew","componentQualifier":"TRK","analysisId":"AXDJLSW--Jp4Jqq6qd3Y","status":"SUCCESS","submittedAt":"2020-03-11T11:38:58+0100","submitterLogin":"admin","startedAt":"2020-03-11T11:38:58+0100","executedAt":"2020-03-11T11:39:15+0100","executionTimeMs":16516,"logs":false,"hasScannerContext":true,"organization":"default-organization","pullRequest":"857","warningCount":0,"warnings":[]}}"
##[debug][SQ] Task status:SUCCESS
##[debug][SQ] Task complete: {"id":"AXDJFJJRnBJSMrEnUvVb","type":"REPORT","componentId":"AXCqY5jNnBJSMrEnUvTJ","componentKey":"MyProjectNew","componentName":"MyProjectNew","componentQualifier":"TRK","analysisId":"AXDJLSW--Jp4Jqq6qd3Y","status":"SUCCESS","submittedAt":"2020-03-11T11:38:58+0100","submitterLogin":"admin","startedAt":"2020-03-11T11:38:58+0100","executedAt":"2020-03-11T11:39:15+0100","executionTimeMs":16516,"logs":false,"hasScannerContext":true,"organization":"default-organization","pullRequest":"857","warningCount":0,"warnings":[]}
##[debug][SQ] Retrieve Analysis id 'AXDJLSW--Jp4Jqq6qd3Y.'
##[debug][SQ] API GET: '/api/qualitygates/project_status' with query "{"analysisId":"AXDJLSW--Jp4Jqq6qd3Y"}"
##[debug]Response: 200 Body: "{"projectStatus":{"status":"OK","conditions":[{"status":"OK","metricKey":"new_reliability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_security_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_maintainability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"}],"periods":[],"ignoredConditions":false}}"
##[debug][SQ] Generate analysis report.'
##[debug]Number of analyses in this build: 1
##[debug]Overall Quality Gate status: ok
##[debug]System.TeamFoundationCollectionUri=https://my.Server/azure.devops/
##[debug]System.TeamProjectId=d93c50f4-ade5-4e28-99c0-35966c7a0de6
##[debug]Build.BuildId=14012
##[debug][{"op":0,"path":"/sonarglobalqualitygate","value":"ok"}]
SYSTEMVSSCONNECTION exists true
##[debug]SYSTEMVSSCONNECTION exists true
SYSTEMVSSCONNECTION exists true
##[debug]SYSTEMVSSCONNECTION exists true
##[debug]Acquiring a build API object.
##[debug]Creating a new build property with global Quality Gate Status
##[debug]build.artifactStagingDirectory=C:2_agent2\_work\a
##[debug][SQ] Summary saved at: C:2_agent2\_work\a\.sqAnalysis\SonarQubeBuildSummary.md
##[debug][SQ] Uploading build summary from C:2_agent2\_work\a\.sqAnalysis\SonarQubeBuildSummary.md
##[debug]Processed: ##vso[task.addattachment type=Distributedtask.Core.Summary;name=SonarQube Analysis Report;]C:2_agent2\_work\a\.sqAnalysis\SonarQubeBuildSummary.md
感谢 SonarSource 上的@mickaelcaro 我查看了日志! web.log 里什么都没有,但我打开了 ce.logs,发现了这个:
2020.03.12 11:37:29 WARN ce[AXDOTaXpnKCkbQ_udAPU][c.s.C.D.C.C] Failed to decorate Azure DevOps Pull Request: API resource location 225f7195-f9c7-4d14-ab28-a83f7ff77e1f is not registered on https://My.Azure.DevOps.Server/. javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
运行:
keytool -import -alias tfs -keystore "C:\Program Files\Java\jdk-12.0.1\lib\security\cacerts" -file c:\certs\my-b64.cer
输入密码,changeit 如果您还没有设置自己的密码。