SonarQube "Insufficient privileges"

sonarqube sonarqube5.1
16,437

User which runs analysis needs permissions:

  • global: Execute Analysis
  • project: BROWSE and SEE SOURCE CODE

Tested on SonarQube 5.1.1.

Share:
16,437

Related videos on Youtube

Yves Schumann
Author by

Yves Schumann

Updated on June 04, 2022

Comments

  • Yves Schumann
    Yves Schumann almost 2 years

    A lot of our build jobs fail at the moment as of the "Insufficient privileges" problem since the update to 5.x. The problem should be fixed in SonarQube 5.1 as stated in here but either it is in fact not fixed or there is another problem with the same error as we currently run SonarQube 5.1.1.

    Here's an example of the error message:

    08:27:13 [ERROR] Failed to execute goal org.codehaus.mojo:sonar-maven-plugin:2.6:sonar (default-cli) on project server: Fail to decorate 'org.sonar.api.resources.File@b77a66[key=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,path=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,filename=TOTPAlgorithm.java,language=Java]': Insufficient privileges -> [Help 1]
08:27:13 org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal org.codehaus.mojo:sonar-maven-plugin:2.6:sonar (default-cli) on project server: Fail to decorate 'org.sonar.api.resources.File@b77a66[key=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,path=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,filename=TOTPAlgorithm.java,language=Java]'
08:27:13    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:216)
08:27:13    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:153)
08:27:13    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:145)
08:27:13    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:116)
08:27:13    at org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject(LifecycleModuleBuilder.java:80)
08:27:13    at org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build(SingleThreadedBuilder.java:51)
08:27:13    at org.apache.maven.lifecycle.internal.LifecycleStarter.execute(LifecycleStarter.java:120)
08:27:13    at org.apache.maven.DefaultMaven.doExecute(DefaultMaven.java:355)
08:27:13    at org.apache.maven.DefaultMaven.execute(DefaultMaven.java:155)
08:27:13    at org.apache.maven.cli.MavenCli.execute(MavenCli.java:584)
08:27:13    at org.apache.maven.cli.MavenCli.doMain(MavenCli.java:216)
08:27:13    at org.apache.maven.cli.MavenCli.main(MavenCli.java:160)
08:27:13    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
08:27:13    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
08:27:13    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
08:27:13    at java.lang.reflect.Method.invoke(Method.java:606)
08:27:13    at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced(Launcher.java:289)
08:27:13    at org.codehaus.plexus.classworlds.launcher.Launcher.launch(Launcher.java:229)
08:27:13    at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode(Launcher.java:415)
08:27:13    at org.codehaus.plexus.classworlds.launcher.Launcher.main(Launcher.java:356)
08:27:13 Caused by: org.apache.maven.plugin.MojoExecutionException: Fail to decorate 'org.sonar.api.resources.File@b77a66[key=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,path=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,filename=TOTPAlgorithm.java,language=Java]'
08:27:13    at org.codehaus.mojo.sonar.bootstrap.ExceptionHandling.handle(ExceptionHandling.java:41)
08:27:13    at org.codehaus.mojo.sonar.bootstrap.RunnerBootstraper.execute(RunnerBootstraper.java:139)
08:27:13    at org.codehaus.mojo.sonar.SonarMojo.execute(SonarMojo.java:132)
08:27:13    at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(DefaultBuildPluginManager.java:132)
08:27:13    at org.apache.maven.lifecycle.internal.MojoExecutor.execute(MojoExecutor.java:208)
08:27:13    ... 19 more
08:27:13 Caused by: org.sonar.api.utils.SonarException: Fail to decorate 'org.sonar.api.resources.File@b77a66[key=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,path=src/main/java/ch/ti8m/security/hwtoken/server/services/impl/TOTPAlgorithm.java,filename=TOTPAlgorithm.java,language=Java]'
08:27:13    at org.sonar.batch.phases.DecoratorsExecutor.executeDecorator(DecoratorsExecutor.java:104)
08:27:13    at org.sonar.batch.phases.DecoratorsExecutor.decorateResource(DecoratorsExecutor.java:87)
08:27:13    at org.sonar.batch.phases.DecoratorsExecutor.decorateResource(DecoratorsExecutor.java:79)
08:27:13    at org.sonar.batch.phases.DecoratorsExecutor.decorateResource(DecoratorsExecutor.java:79)
08:27:13    at org.sonar.batch.phases.DecoratorsExecutor.execute(DecoratorsExecutor.java:71)
08:27:13    at org.sonar.batch.phases.DatabaseModePhaseExecutor.execute(DatabaseModePhaseExecutor.java:127)
08:27:13    at org.sonar.batch.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:264)
08:27:13    at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:92)
08:27:13    at org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:77)
08:27:13    at org.sonar.batch.scan.ProjectScanContainer.scan(ProjectScanContainer.java:235)
08:27:13    at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:230)
08:27:13    at org.sonar.batch.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:228)
08:27:13    at org.sonar.batch.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:220)
08:27:13    at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:92)
08:27:13    at org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:77)
08:27:13    at org.sonar.batch.scan.ScanTask.scan(ScanTask.java:57)
08:27:13    at org.sonar.batch.scan.ScanTask.execute(ScanTask.java:45)
08:27:13    at org.sonar.batch.bootstrap.TaskContainer.doAfterStart(TaskContainer.java:135)
08:27:13    at org.sonar.api.platform.ComponentContainer.startComponents(ComponentContainer.java:92)
08:27:13    at org.sonar.api.platform.ComponentContainer.execute(ComponentContainer.java:77)
08:27:13    at org.sonar.batch.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:158)
08:27:13    at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:95)
08:27:13    at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:67)
08:27:13    at org.sonar.runner.batch.IsolatedLauncher.execute(IsolatedLauncher.java:48)
08:27:13    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
08:27:13    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
08:27:13    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
08:27:13    at java.lang.reflect.Method.invoke(Method.java:606)
08:27:13    at org.sonar.runner.impl.BatchLauncher$1.delegateExecution(BatchLauncher.java:87)
08:27:13    at org.sonar.runner.impl.BatchLauncher$1.run(BatchLauncher.java:75)
08:27:13    at java.security.AccessController.doPrivileged(Native Method)
08:27:13    at org.sonar.runner.impl.BatchLauncher.doExecute(BatchLauncher.java:69)
08:27:13    at org.sonar.runner.impl.BatchLauncher.execute(BatchLauncher.java:50)
08:27:13    at org.sonar.runner.api.EmbeddedRunner.doExecute(EmbeddedRunner.java:102)
08:27:13    at org.sonar.runner.api.Runner.execute(Runner.java:100)
08:27:13    at org.codehaus.mojo.sonar.bootstrap.RunnerBootstraper.execute(RunnerBootstraper.java:135)
08:27:13    ... 22 more
08:27:13 Caused by: java.lang.IllegalStateException: Insufficient privileges
08:27:13    at org.sonar.batch.bootstrap.ServerClient.handleHttpException(ServerClient.java:137)
08:27:13    at org.sonar.batch.bootstrap.ServerClient.request(ServerClient.java:107)
08:27:13    at org.sonar.batch.bootstrap.ServerClient.request(ServerClient.java:99)
08:27:13    at org.sonar.batch.bootstrap.ServerClient.request(ServerClient.java:87)
08:27:13    at org.sonar.batch.issue.tracking.DefaultServerLineHashesLoader.loadHashesFromWs(DefaultServerLineHashesLoader.java:47)
08:27:13    at org.sonar.batch.issue.tracking.DefaultServerLineHashesLoader.getLineHashes(DefaultServerLineHashesLoader.java:38)
08:27:13    at org.sonar.batch.issue.tracking.SourceHashHolder.initHashes(SourceHashHolder.java:52)
08:27:13    at org.sonar.batch.issue.tracking.SourceHashHolder.getHashedReference(SourceHashHolder.java:60)
08:27:13    at org.sonar.batch.issue.tracking.IssueTracking.mapIssues(IssueTracking.java:83)
08:27:13    at org.sonar.batch.issue.tracking.IssueTracking.track(IssueTracking.java:55)
08:27:13    at org.sonar.batch.issue.tracking.IssueTrackingDecorator.doDecorate(IssueTrackingDecorator.java:139)
08:27:13    at org.sonar.batch.issue.tracking.IssueTrackingDecorator.decorate(IssueTrackingDecorator.java:113)
08:27:13    at org.sonar.batch.phases.DecoratorsExecutor.executeDecorator(DecoratorsExecutor.java:96)
08:27:13    ... 57 more
08:27:13 [ERROR] 
08:27:13 [ERROR] Re-run Maven using the -X switch to enable full debug logging.
08:27:13 [ERROR] 
08:27:13 [ERROR] For more information about the errors and possible solutions, please read the following articles:
08:27:13 [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
08:27:13 SonarQube analysis completed: FAILURE
08:27:13 Build step 'SonarQube' changed build result to FAILURE
08:27:13 Build step 'SonarQube' marked build as failure

    Any ideas on how to fix it? The workaround to gave permission to anyone is a NoGo as the whole system must respect some NDAs and so the access is restricted.

    • Julien L. - SonarSource Team
      Julien L. - SonarSource Team almost 9 years
      Hi, are you sure that the user used to run the analysis has the "Browse" permission on the project ?
    • Yves Schumann
      Yves Schumann almost 9 years
      Hi Julien, yes I'm sure. Verified this once again and the configured "SonarQube account login" on our Jenkins installation has "Browse" permission on every Sonarqube project. Please let me know if you need further details!
    • Seb - SonarSource Team
      Seb - SonarSource Team almost 9 years
      blindly troubleshooting here: does the analysis actually succeed if you try and use another user with higher permissions?
    • Yves Schumann
      Yves Schumann almost 9 years
      Hi Seb, I've tried it with the admin credentials and the analysis was successfully finished. So how to go ahead?
  • Yves Schumann
    Yves Schumann almost 9 years
    Checked this once again and the permissions are exactly like this but the Sonar analysis is still failing with insufficient permissions.
  • agabrys
    agabrys almost 9 years
    Is user a member of sonar-users?
  • Yves Schumann
    Yves Schumann almost 9 years
    Yes, it is member of sonar-users.
  • agabrys
    agabrys almost 9 years
    Could you add the log with debug enabled? Sometimes when I can not solve the problem, I perform these steps: stop SonarQube server, remove directory data/es (it will be generated during startup) and start the server. It sounds silly, but already I solved the 3 problems in this way.
  • agabrys
    agabrys almost 9 years
    Naxt silly question: could you login to SonarQube Web with this user? Mayby you have a problem with password?
  • Yves Schumann
    Yves Schumann almost 9 years
    Gotcha! That was the neccessary hint. Something with the credentials of the used account was wrong. After a reset of the credentials in the used Active Directory and re-entering them on Jenkins, everything works as expected.
  • l.cotonea
    l.cotonea almost 9 years
    @YvesSchumann: Then is it only a problem with LDAP or a problem with the LDAP and the user permission (global and project)?
  • ρяσѕρєя K
    ρяσѕρєя K over 8 years
    This should be a comment.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Maven throws "Cannot find symbol" in Jenkins
Sonar qube is not getting started
SonarQube: Coverage on New Code never calculated
Restart SonarQube Server remotely
Running a Sonar Analysis from the Dashboard
Failed to start SonarQube, Unable to start JVM: Permission denied (13)
NOSONAR tag to ignore an invalid issue still shows as an issue
Multi module project analysis with SonarQube
How to correctly configure the property "sonar.java.binaries"?
SonarQube says "Not covered by tests" for most of lines