Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 418502 - SonarQube 3.7.1 requires a reverse-proxy
Summary: SonarQube 3.7.1 requires a reverse-proxy
Status: RESOLVED FIXED
Alias: None
Product: Community
Classification: Eclipse Foundation
Component: Sonar (show other bugs)
Version: unspecified   Edit
Hardware: All All
: P3 blocker (vote)
Target Milestone: ---   Edit
Assignee: Generic Inbox CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-10-02 08:35 EDT by Mickael Istria CLA
Modified: 2013-10-03 11:33 EDT (History)
2 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Mickael Istria CLA 2013-10-02 08:35:05 EDT 
I upgraded Sonar to 3.7.1 this allow usage of Maven 3.1, on request of the community.
However, it appears that all current Sonar jobs are failing because Sonar has stricter handling of HTTPS. Here is what the FAQ says: http://docs.codehaus.org/display/SONAR/Frequently+Asked+Questions#FrequentlyAskedQuestions-CanSonarQuberuninHTTPSmode

Would it be possible to configure the dev.eclipse.org/sonar proxy to set
RequestHeader set X_FORWARDED_PROTO ‘https’
?
Comment 1 Denis Roy CLA 2013-10-02 16:58:10 EDT 
Sonar wasn't even configured with an explicit Reverse proxy:

ProxyPass           /sonar http://[snip]:port/sonar
# this line was missing:
ProxyPassReverse    /sonar http://[snip]:port/sonar

If I add the header it will be applied to all of the https://dev.eclipse.org vhost, since, according to the docs, I can't scope it to a specific location.

Let me know if the above fix doesn't help, and I'll look into it further.
Comment 2 Mickael Istria CLA 2013-10-03 02:49:05 EDT 
This didn't solve the problem, there is still the same error with Sonar ( the issue is explained here http://sonarqube.15.x6.nabble.com/302-Error-Accessing-sonar-batch-bootstrap-index-td5011988.html ).
Comment 3 Denis Roy CLA 2013-10-03 10:49:27 EDT 
I was able to scope the Sonar proxypass, and I've added the header.

    <Location /sonar>
        ProxyPass http://[snip]:8080/sonar
        RequestHeader set X_FORWARDED_PROTO https
    </Location>
Comment 4 Marcel Bruch CLA 2013-10-03 11:12:18 EDT 
FWIW, it fails (for us) with a new error:

Caused by: org.apache.ibatis.exceptions.PersistenceException: 
### Error querying database.  Cause: org.postgresql.util.PSQLException: ERROR: permission denied for relation permission_templates
### The error may exist in org.sonar.core.permission.PermissionTemplateMapper
### The error may involve org.sonar.core.permission.PermissionTemplateMapper.selectByKey-Inline
### The error occurred while setting parameters
### SQL: SELECT id, name, kee, description, created_at AS createdAt, updated_at AS updatedAt     FROM permission_templates     WHERE kee = ?
### Cause: org.postgresql.util.PSQLException: ERROR: permission denied for relation permission_templates
	at org.apache.ibatis.exceptions.ExceptionFactory.wrapException(ExceptionFactory.java:23)

See https://hudson.eclipse.org/recommenders/job/origin.master.kepler/76/console for details.
Comment 5 Mickael Istria CLA 2013-10-03 11:33:05 EDT 
The reverse proxy issue seems resolved and sonar aaven plugin seems to fetch files correctly. Thanks Denis.
@Marcel: I guess it's worth reopening bug #417978 to track this error. I met the same for SWTBot-Sonar job.