django-DefectDojo: SonarQube tool returns error on save

Bug description Saving sonarqube tool config returns Expecting value: line 2 column 1 (char 1) and fails to save.

Steps to reproduce image image image image image

Django log

[uwsgi-http key: defectdojo.xxx.uk client_addr: 10.xx.x.x client_port: 34539] hr_read(): Connection reset by peer [plugins/http/http.c line 918]
[pid: 1|app: -|req: -/-] 10.xx.x.x (-) {34 vars in 421 bytes} [Wed Jan  4 14:10:29 2023] GET /uwsgi_health => generated 18165 bytes in 41 msecs (HTTP/1.1 200) 9 headers in 472 bytes (1 switches on core 1)
[pid: 1|app: -|req: -/-] 10.xx.x.x (-) {30 vars in 419 bytes} [Wed Jan  4 14:10:29 2023] GET /login?force_login_form&next=/ => generated 18165 bytes in 41 msecs (HTTP/1.1 200) 9 headers in 472 bytes (1 switches on core 0)
[pid: 21|app: -|req: -/-] 10.xx.x.x (admin) {54 vars in 953 bytes} [Wed Jan  4 14:10:32 2023] GET /alerts/count => generated 12 bytes in 18 msecs (HTTP/1.1 200) 6 headers in 171 bytes (1 switches on core 0)
[pid: 21|app: -|req: -/-] 10.xx.x.x (admin) {58 vars in 1005 bytes} [Wed Jan  4 14:10:33 2023] GET /alerts/count => generated 12 bytes in 36 msecs (HTTP/1.1 200) 6 headers in 171 bytes (1 switches on core 1)
[04/Jan/2023 14:10:37] ERROR [dojo.tool_config.views:39] Expecting value: line 2 column 1 (char 1)
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/site-packages/requests/models.py", line 971, in json
    return complexjson.loads(self.text, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/json/__init__.py", line 346, in loads
    return _default_decoder.decode(s)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/json/decoder.py", line 337, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/json/decoder.py", line 355, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 2 column 1 (char 1)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/app/dojo/tool_config/views.py", line 27, in new_tool_config
    result = api.test_connection()
             ^^^^^^^^^^^^^^^^^^^^^
  File "/app/dojo/tools/sonarqube_api/api_client.py", line 372, in test_connection
    num_projects = response.json()['paging']['total']
                   ^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/site-packages/requests/models.py", line 975, in json
    raise RequestsJSONDecodeError(e.msg, e.doc, e.pos)
requests.exceptions.JSONDecodeError: Expecting value: line 2 column 1 (char 1)
[pid: 21|app: -|req: -/-] 10.x.x.x (admin) {66 vars in 1291 bytes} [Wed Jan  4 14:10:37 2023] POST /tool_config/add => generated 48718 bytes in 169 msecs (HTTP/1.1 200) 7 headers in 360 bytes (1 switches on core 0)
[uwsgi-http key: defectdojo.xxx.uk client_addr: 10.xx.x.x client_port: 61589] hr_read(): Connection reset by peer [plugins/http/http.c line 918]

Expected behaviour Sonarqube login happens and the service stores the change; or if the issue is during communication with sonarqube the response is logged/appropriate error returned.

Deployment method (select with an X)

  • Kubernetes (helm)
helm repo add defectdojo 'https://raw.githubusercontent.com/DefectDojo/django-DefectDojo/helm-charts'
helm repo add bitnami https://charts.bitnami.com/bitnami
helm repo update
helm pull helm-charts/defectdojo --untar
helm dependency update ./defectdojo
helm dependency build ./defectdojo

helm upgrade --install \
  defectdojo \
  ./defectdojo \
  --namespace="defect-dojo" --create-namespace \
  --set host="defectdojo.xxx.uk" \
  --set site_url="https://defectdojo.xxx.uk" \
  --set django.ingress.enabled=true \
  --set django.ingress.activateTLS=false \
  --set django.replicas=1 \
  --set celery.replicas=1 \
  --set rabbitmq.replicas=1 \
  --set mysql.enabled=false \
  --set database=postgresql \
  --set postgresql.enabled=true \
  --set postgresql.replication.enabled=true \
  --set postgresql.replication.slaveReplicas=3 \
  --set createSecret=true \
  --set createRabbitMqSecret=true \
  --set createRedisSecret=true \
  --set createMysqlSecret=true \
  --set createPostgresqlSecret=true

(tls is terminated at lb)

Environment information

  • v. 2.18.0 ( release mode )

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 24 (10 by maintainers)

Most upvoted comments

but still it shows this error Unable to find the project sts due to 403 - {“errors”:[{“msg”:“Insufficient privileges”}]} @ChrisMcKee

@kiblik kindly review this and give me an update.

double-check that sts is really the correct key (maybe you cut some characters) and also if used API key has permission to access this project in SQ.

+1
kiblik on Jul 14, 2023

I just added the /api to my sonar address.

+1
ChrisMcKee on Jul 14, 2023

I extended the error message and change the status of PR to “ready for review”. Let’s wait for the approval and merge.

+1
kiblik on Jan 10, 2023

@kiblik Great; I’ve just built the Dockerfile.django file in your fork to test. I’ll update once it’s pushed and I’ve swapped the image out

+1
ChrisMcKee on Jan 10, 2023
Read more comments on GitHub
← django-DefectDojo: Snyk report not getting uploaded
django-DefectDojo: Unable to import from Github vulnerability scan →