SONARQUBEE 10.1 - Podman/Docker - 无法使用代理进行身份验证
问题描述 投票:0回答:1
我使用 ansible 在 Podman 环境上成功部署了 SonarQube EE 10.1。
我的 LDAP 连接工作正常,但是当我尝试访问 更新中心时,我在代理上收到了失败的身份验证。
我可以确认的是:
用户和密码不发送到代理验证
在 docker 上的旧版本 SonarQube 社区中,我有正确的身份验证:
我的设置:
- podman版本4.4.1
- sonarqube:10.1.0-企业
- 数据库:postgres:15.3-alpine
- 输入traefik:traefik:v2.10.4
环境:
sonarqube@7df9ce24de95:/opt/sonarqube$ java --version
openjdk 17.0.8 2023-07-18
OpenJDK Runtime Environment Temurin-17.0.8+7 (build 17.0.8+7)
OpenJDK 64-Bit Server VM Temurin-17.0.8+7 (build 17.0.8+7, mixed mode, sharing)
我的服务开始:
ExecStart=/usr/bin/podman container run \
--cidfile=%t/%n.ctr-id \
--cgroups=no-conmon \
--rm \
--sdnotify=conmon \
--replace \
--name sonarqube \
--network bridge \
--env "SONAR_JDBC_USERNAME=sonar" \
--env "SONAR_JDBC_PASSWORD=xxxxx" \
--env "SONAR_JDBC_URL=jdbc:postgresql://xxxxxxx:5432/sonar" \
--env "SONAR_CORE_SERVERBASEURL=https://xxxxxx.com" \
--env "SONAR_WEB_HTTP_MINTHREADS=5" \
--env "SONAR_WEB_HTTP_ACCEPTCOUNT=25" \
--env "SONAR_WEB_HTTP_KEEPALIVETIMEOUT=60000" \
--env "SONAR_WEB_SESSIONTIMEOUTINMINUTES=480" \
--env "SONAR_WEB_JAVAOPTS=-Xmx1g -Xms1g -XX:+HeapDumpOnOutOfMemoryError" \
--env "SONAR_WEB_JAVAADDITIONALOPTS=-Djava.net.preferIPv4Stack=true -Djdk.http.auth.tunneling.disabledSchemes= -Djdk.http.auth.proxying.disabledSchemes= " \
--env "SONAR_CE_JAVAOPTS=-Xmx2g -Xms2g" \
--env "SONAR_CE_JAVAADDITIONALOPTS=-XX:+HeapDumpOnOutOfMemoryError -Djdk.http.auth.tunneling.disabledSchemes= -Djdk.http.auth.proxying.disabledSchemes= " \
--env "SONAR_SECURITY_REALM=LDAP" \
--env "LDAP_URL=ldap://xxxxx:yyyyy" \
--env "[email protected]" \
--env "LDAP_BINDPASSWORD=xxxxxxxxxxx" \
--env "LDAP_USER_BASEDN=DC=xxxx,DC=xxxxxx-net,DC=com" \
--env "LDAP_USER_REALNAMEATTRIBUTE=sAMAccountName" \
--env "LDAP_USER_REQUEST=(&(objectClass=user)(|(memberOf=CN=xxxxxxx,OU=Groupes,OU=xxxx,DC=xxxxx,DC=xxxxxx-net,DC=com))(sAMAccountName={login}))" \
--env "HTTP_PROXYHOST=proxy.xxxxxxx.com" \
--env "HTTPS_PROXYHOST=proxy.xxxxxxx.comm" \
--env "HTTP_PROXYPORT=8080" \
--env "HTTPS_PROXYPORT=8080" \
--env "HTTP_PROXYUSER=Proxy-xxxxx" \
--env "HTTP_PROXYPASSWORD=xxxxxxx" \
--env "HTTPS_PROXYUSER=Proxy-xxxxx" \
--env "HTTPS_PROXYPASSWORD=xxxxxxx" \
--env "SONAR_SEARCH_JAVAOPTS=-Xmx4g -Xms4g" \
--env "SONAR_SEARCH_JAVAADDITIONALOPTS=-XX:+HeapDumpOnOutOfMemoryError" \
--env "SONAR_CE_PARALLELPROJECTTASKS=True" \
--label traefik.enable=true \
--label traefik.http.routers.sonarqube.rule=Host(`xxxxxx.com`) \
--label traefik.http.routers.sonarqube.entrypoints=https \
--label traefik.http.routers.sonarqube.tls=true \
--label traefik.http.routers.sonarqube.tls.options=myTLSOptions@file \
--label traefik.http.services.sonarqube.loadbalancer.server.port=9000 \
--publish 9000:9000 \
--volume sonarqube_data:/opt/sonarqube/data:rw,U \
--volume sonarqube_logs:/opt/sonarqube/logs:rw,U \
--volume sonarqube_extensions_plugins:/opt/sonarqube/extensions:rw,U \
--detach=True sonarqube:10.1.0-enterprise
声纳日志:
2023.09.04 12:39:51 ERROR web[AYpgNL31HNLjkonIAAAb][o.s.s.p.UpdateCenterClient] Fail to connect to update center
org.sonar.api.utils.SonarException: Fail to download: https://update.sonarsource.org/update-center.properties
at org.sonar.core.util.DefaultHttpDownloader.failToDownload(DefaultHttpDownloader.java:151)
at org.sonar.core.util.DefaultHttpDownloader.readString(DefaultHttpDownloader.java:107)
at org.sonar.api.utils.UriReader.readString(UriReader.java:69)
at org.sonar.server.plugins.UpdateCenterClient.init(UpdateCenterClient.java:111)
at org.sonar.server.plugins.UpdateCenterClient.getUpdateCenter(UpdateCenterClient.java:94)
at org.sonar.server.plugins.UpdateCenterMatrixFactory.getUpdateCenter(UpdateCenterMatrixFactory.java:44)
at org.sonar.server.plugins.ws.AvailableAction.handle(AvailableAction.java:84)
at org.sonar.server.ws.WebServiceEngine.execute(WebServiceEngine.java:111)
at org.sonar.server.platform.web.WebServiceFilter.doFilter(WebServiceFilter.java:84)
at org.sonar.server.platform.web.MasterServletFilter$JavaxFilterAdapter.doFilter(MasterServletFilter.java:227)
at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:198)
at org.sonar.server.platform.web.MasterServletFilter$HttpFilterChainAdapter.doFilter(MasterServletFilter.java:241)
at org.sonar.server.platform.web.SonarLintConnectionFilter.doFilter(SonarLintConnectionFilter.java:66)
at org.sonar.server.platform.web.MasterServletFilter$JavaxFilterAdapter.doFilter(MasterServletFilter.java:227)
at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:198)
at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:146)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:83)
at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:70)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.CspFilter.doFilter(CspFilter.java:63)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:60)
at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:47)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:57)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:65)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:115)
at jdk.internal.reflect.GeneratedMethodAccessor34.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.security.SecurityUtil.lambda$execute$0(SecurityUtil.java:280)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at java.base/javax.security.auth.Subject.doAsPrivileged(Unknown Source)
at org.apache.catalina.security.SecurityUtil.execute(SecurityUtil.java:311)
at org.apache.catalina.security.SecurityUtil.doAsPrivilege(SecurityUtil.java:253)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:176)
at org.apache.catalina.core.ApplicationFilterChain.lambda$doFilter$0(ApplicationFilterChain.java:137)
at java.base/java.security.AccessController.doPrivileged(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:136)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:167)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:262)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:389)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:926)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1791)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Unknown Source)
Caused by: java.io.IOException: Failed to authenticate with proxy
at okhttp3.internal.connection.RealConnection.createTunnel(RealConnection.kt:476)
at okhttp3.internal.connection.RealConnection.connectTunnel(RealConnection.kt:262)
at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:201)
at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226)
at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106)
at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74)
at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255)
at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
at org.sonar.core.util.DefaultHttpDownloader.executeCall(DefaultHttpDownloader.java:147)
at org.sonar.core.util.DefaultHttpDownloader.readString(DefaultHttpDownloader.java:104)
... 149 common frames omitted
我尝试了网上很多可用的解决方案,但几个参数的设置均不成功:
- 有或没有:jdk.http.auth.tunneling.disabledSchemes & jdk.http.auth.proxying.disabledSchemes
- 我尝试设置或不设置此处描述的所有代理信息:https://docs.sonarsource.com/sonarqube/latest/setup-and-upgrade/configure-and-operate-a-server/environment-variables/#update -中心
- 我还尝试在 var pod env 中设置 http 和 https 代理。
- 我还尝试使用 sonar.propertie 文件来避免使用 --env 参数
期望:
任何需要调查的想法或解决方案。 也许问题不在 SonarQube 中,而在其他地方......
1个回答
0
投票
投票
我在 docker swarm 上部署的 9.9 lts communauty 版本也有同样的问题。 代理主机和端口已正确考虑,但用户和密码似乎未发送到代理。我尝试过 env var、java 附加属性、修改 sonar.properties 文件。
最新问题
- 为什么sys socket receive函数不填充数据而是返回字节长度?
- 使用 vs code 和 venv 时的 Python 应用程序结构
- 如何解决读取虹膜数据时超时错误?
- R 在尝试加载 CSV 文件时崩溃
- 如何在制表器中创建过程中向每一行添加隐藏数据
- 如何在运行官方 Elasticsearch docker 镜像时设置默认的“elastic”用户密码?
- 仅在 React 和 JS 中生成深色
- jq 更新 key:value 对象并在开头匹配字符串
- 我必须使用 r^2 值将 sigmoid 函数拟合到两种类型的数据集(每种数据集 6 个数据集),然后绘制拟合函数的导数。我收到错误
- R 的类型提示,类似于 Python 或 Typescript 中的提示
- 如果您只有该文档的文档引用,如何查看该文档的 json 数据?
- 如何配置 Mongodb 模式以使用另一个集合中的 TTL 属性自动删除集合中的 mongodb 记录
- 我想为父母、它的孩子、它的孙子、它的曾孙等等获得一组平面结构的对象
- 更改Datagridview复选框单元格的复选框大小并增加可点击区域
- 为什么我的代码中不断收到 Valgrind 设置地址范围权限警告?
- 从Python程序调用脚本时更改Python虚拟环境
- self_function 无法工作——无法对超出末尾的列进行子集化
- 嵌套字典/列表的倒置层次结构
- Groovy 合并 2 个构建器类
- 我尝试使用 pip install 在“(MrinmoyEnv) C:\Users\Admin\MrinmoyEnv\MrinmoyEnv>”安装 fbprophet。 ModuleNotFoundError:没有名为“numpy”的模块
© www.soinside.com 2019 - 2024. All rights reserved.