任务Sonarqube https的Azure Pipepline [英] Azure Pipepline with task Sonarqube https
问题描述
我在Azure构建管道中添加了Sonarqube任务,为了登录我的声纳服务器,我需要运行一个命令,该命令使用trunst store ssl.
I added a Sonarqube task into my azure build pipeline, in order to login to my sonarqube server I need to run a command, which uses trunst store ssl.
我的管道如下所示:
- task: SonarSource.sonarqube.15B84CA1-B62F-4A2A-A403-89B77A063157.SonarQubePrepare@4
displayName: 'Prepare analysis on SonarQube'
inputs:
SonarQube: abc-sonarqube
scannerMode: CLI
configMode: manual
cliProjectKey: 'abc'
cliProjectName: 'abc'
cliSources: src
extraProperties: |
sonar.host.url=https://sonarqube.build.abcdef.com
sonar.ce.javaAdditionalOpts=-Djavax.net.ssl.trustStore=mvn/sonar.truststore -Djavax.net.ssl.trustStorePassword=changeit
我不确定,此命令"sonar.ce.javaAdditionalOpts = -Djavax.net.ssl.trustStore = mvn/sonar.truststore -Djavax.net.ssl.trustStorePassword = changeit"是否正确.
I am not sure, if this command "sonar.ce.javaAdditionalOpts=-Djavax.net.ssl.trustStore=mvn/sonar.truststore -Djavax.net.ssl.trustStorePassword=changeit" correct is.
我收到错误"API GET'/api/server/version'失败,错误是:{代码":"UNABLE_TO_VERIFY_LEAF_SIGNATURE"}
I got the error "API GET '/api/server/version' failed, error was: {"code":"UNABLE_TO_VERIFY_LEAF_SIGNATURE"} "
PS:我的项目是有角度的项目.
PS: my project is angular project.
任何解决方案?
推荐答案
带有Sonarqube https任务的天蓝色管道
Azure Pipepline with task Sonarqube https
此问题应与配置任务的工作方式有关.因此,即使我们将证书添加到Java Trustore中,设置配置的任务也会使用不同的运行时(至少不是Java)与服务器进行通信,这就是为什么您仍然会收到该证书错误的原因.
This issue should be related in how the configure task works. So, even if we add the certificate to the java trustore, the task that sets the configuration uses a different runtime (not java at least) to communicate with the server, that’s why you still get that certificate error.
要解决此问题,您可以尝试:
To resolve this issue, you could try to:
设置全局变量NODE_EXTRA_CA_CERTS,并将其设置为的副本 我们已经在本地存储在目录中的根证书.请参阅本文.
set a global variable, NODE_EXTRA_CA_CERTS, and set it to a copy of the root cert we had stored locally in a directory. See this article.
Check the related ticket for some more details.
希望这会有所帮助.
这篇关于任务Sonarqube https的Azure Pipepline的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
