Error using Travis CI with Sonarcloud: Not authorized. Please check the properties sonar.login and sonar.password

问题

I'm following Get started instructions on sonarcloud.io to execute the SonarQube Scanner for Maven from my computer:

mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar \
    -Dsonar.host.url=https://sonarcloud.io \
    -Dsonar.organization=ron190-github \
    -Dsonar.login=9...e

Manual execution is working:

[INFO] ANALYSIS SUCCESSFUL, you can browse https://sonarcloud.io/dashboard/index
/jsql-injection:jsql-injection

But when I'm ready to automate with Travis CI it's failing with Not authorized. Please check the properties sonar.login and sonar.password.:

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar (default-cli) on project jsql-injection: Not authorized. Please check the properties sonar.login and sonar.password. -> [Help 1]

And if I add sonar.login to the mvn command then it's working:

language: java
sudo: false
install: true

addons:
  sonarcloud:
    organization: "ron190-github"
    token:
      secure: "v...s="

jdk:
  - oraclejdk8

script:
  # JaCoCo is used to have code coverage, the agent has to be activated
  # Not working
  # - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar
  - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.login=9...e

cache:
  directories:
    - '$HOME/.m2/repository'
    - '$HOME/.sonar/cache'

I have also used the example script.

Do you know why secure token is ignored and why it's failing with default config?

回答1:

It seems that the tag secure is not working, use a repo variable instead:

language: java
sudo: false
install: true

addons:
  sonarcloud:
    organization: "ron190-github"

jdk:
  - oraclejdk8

script:
  # JaCoCo is used to have code coverage, the agent has to be activated
  - mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent package sonar:sonar -Dsonar.login=${SONAR_TOKEN}

cache:
  directories:
    - '$HOME/.m2/repository'
    - '$HOME/.sonar/cache'

回答2:

The problem is with the travis encryption.

Correct encryption syntax:

travis encrypt 309473973909Z09R830 -r my-org/my-repo

No variable name, no quote.

If you are running travis encrypt inside your repo directory you can just use

travis encrypt 309473973909Z09R830

Kindly replace you token for 309473973909Z09R830

The above trick worked for me. Thought of making it more visible to the public.

Credits: @ron190

回答3:

I agree with Santhosh Tpixler that your problem is likely with the Travis encryption of the token. In my case I need travis-ci.com (opposed to travis-ci.org, see https://devops.stackexchange.com/q/1201), therefore had to use the --pro flag.

From inside the project directory I used these commands:

travis login --pro
travis encrypt --pro <your-hexadecimal-token>

来源：https://stackoverflow.com/questions/50012220/error-using-travis-ci-with-sonarcloud-not-authorized-please-check-the-properti