playing with code coverage using jacoco

I had to play little bit with code coverage to fill data to sonar.

Here is simple settings

  • download this generated maven repo
  • fill sonar properties in pom.xml file
  • run
    mvn clean compile install sonar:sonar

 

This creates jacoco.exe file with results in html.

Advertisements

unable to find valid certification path to requested target

It is always preferred to use https instead of http (specially when using passwords and so on…)

We have switched our SonarQube (tool for Continuous Inspection of code quality) to use https for security reasons. Anyway I have noticed that Jenkins stop sending new quality codes to our sonar. When I have checked the logs I have seen this stacktrace:

Exception in thread "main" java.lang.IllegalStateException: Fail to request server version
	at org.sonar.runner.Bootstrapper.getServerVersion(Bootstrapper.java:73)
	at org.sonar.runner.Runner.checkSonarVersion(Runner.java:220)
	at org.sonar.runner.Runner.execute(Runner.java:150)
	at org.sonar.runner.Main.execute(Main.java:84)
	at org.sonar.runner.Main.main(Main.java:56)
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
	at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:150)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1584)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:174)
	at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:168)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:848)
	at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:106)
	at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:495)
	at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:433)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:877)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1089)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1116)
	at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1100)
	at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:402)
	at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
	at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:951)
	at java.net.URLConnection.getContent(URLConnection.java:682)
	at sun.net.www.protocol.https.HttpsURLConnectionImpl.getContent(HttpsURLConnectionImpl.java:406)
	at org.sonar.runner.Bootstrapper.remoteContent(Bootstrapper.java:125)
	at org.sonar.runner.Bootstrapper.getServerVersion(Bootstrapper.java:71)
	... 4 more

So here you can see that Jenkins has problem to “handshake” ssl certificate.

follow these steps:

Download InstallCert.java

Search google – it originally was done in Sun, but you can find this program on google codes or somewhere else. You can even download binaries of this file.

Add Trusted Keystore

Run “InstallCert.java” on server (where you run your https service). something like java InstallCert localhost:443 -> press “1”  when asked. It will add your “localhost” as a trusted keystore, and generate a file named “jssecacerts“.

[user@sonar ~]$ java InstallCert localhost:443
Loading KeyStore /usr/java/jdk1.6.0_37/jre/lib/security/cacerts...
Opening connection to localhost:443...
Starting SSL handshake..
Server sent 1 certificate(s):
1 Subject CN=Unknown, OU=Unknown, O=Vendavo, L=Unknown, ST=Czech republic, C=CZ
Enter certificate to add to trusted keystore or 'q' to quit: [1]
1
Added certificate to keystore 'jssecacerts' using alias 'localhost-1'

I have removed most of the parts but the main parts are here:

a) press 1 when assked – you agree to add certificate for this domain into keystore

b) it created jssecacerts file

Verify Trusted Keystore

Run same command again 🙂  (this is full export – removed hashed data)

[mchowaniok@sonar ~]$ java InstallCert sonar.vmcz.vendavo.com:443
Loading KeyStore jssecacerts...
Opening connection to sonar.vmcz.vendavo.com:443...
Starting SSL handshake...
No errors, certificate is already trusted
Server sent 1 certificate(s):
1 Subject CN=Unknown, OU=Unknown, O=Vendavo, L=Unknown, ST=Czech republic, C=CZ
 Issuer CN=Unknown, OU=Unknown, O=Vendavo, L=Unknown, ST=Czech republic, C=CZ
 sha1 
 md5 
Enter certificate to add to trusted keystore or 'q' to quit: [1]
q
KeyStore not changed

Copy jssecacerts

copy jssecacerts file into java/jre/lib/security folder (I had to done it under sudo )

[user@sonar ~]$ sudo cp jssecacerts /usr/java/default/jre/lib/security/

Done

verify it 🙂   in my case, run Jenkins job and verify data are uploaded to Sonar.