403s during SonarCloudAnalyze step in Azure Dev Ops Pipeline

We have started getting the 403s yesterday. It does not prevent the pipeline from running and the SonarCloudAnalyze does run as expected. I can also see from my https://sonarcloud.io/account/security page that the token is being used.

task: SonarCloudPrepare@1 inputs: SonarCloud: ‘Sonarcloud Connection’ organization: ‘******’ scannerMode: ‘MSBuild’ projectKey: ‘******_********’ projectName: ‘OurApplication’ projectVersion: $(fullBuildVersionString) extraProperties: | sonar.cs.opencover.reportsPaths=$(Common.TestResultsDirectory)*.opencover.xml sonar.exclusions=\Stuff.Android.Bindings**,\Stuff.Touch.Bindings** sonar.coverage.exclusions=\Us.Devices.Mir.Droid*.cs,\Views***.cs,\Us.Devices.Mir.Fake*.cs,\Stuff.Android.Bindings*.cs sonar.verbose=true

The user whose account the token came from has the following permissions

Administer
Quality Gates, Quality Profiles

Execute Analysis
Yes

Create
Projects

I can’t include the whole log as that much text hangs chrome so I have included the logs from around the 403 errors

2023-02-22T09:06:35.4509542Z 09:06:35.439 INFO: ------------- Run sensors on module ********App
2023-02-22T09:06:35.6490635Z 09:06:35.642 INFO: Load metrics repository
2023-02-22T09:06:35.7824775Z 09:06:35.767 DEBUG: GET 200 https://sonarcloud.io/api/metrics/search?f=name,description,direction,qualitative&ps=500&p=1 | time=125ms
2023-02-22T09:06:35.8335797Z 09:06:35.783 INFO: Load metrics repository (done) | time=141ms
2023-02-22T09:06:35.8337281Z 09:06:35.814 INFO: Sensor cache enabled
2023-02-22T09:06:35.8337981Z 09:06:35.814 INFO: Load sensor cache
2023-02-22T09:06:36.0589132Z 09:06:36.048 DEBUG: GET 403 https://ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com/current/v1/sensor_cache/prepare_read?organization=**********&project=**********Ltd_PilotMobileApplication&branch=release_4_3_1 | time=234ms
2023-02-22T09:06:36.0631063Z ##[error]09:06:36.048 ERROR: Failed to prepare download of the sensor cache
org.sonar.api.utils.MessageException: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
2023-02-22T09:06:36.0632942Z 09:06:36.048 ERROR: Failed to prepare download of the sensor cache
2023-02-22T09:06:36.0633875Z org.sonar.api.utils.MessageException: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
2023-02-22T09:06:36.0634512Z 
2023-02-22T09:06:36.0635196Z 09:06:36.048 INFO: Load sensor cache (404) | time=234ms
2023-02-22T09:06:37.9451182Z 09:06:37.939 DEBUG: Loading C:\Users\VSSADM~1\AppData\Local\Temp\sonarsource-cfamily-jni8781081740305924479.dll
2023-02-22T09:06:39.6151520Z 09:06:39.487 DEBUG: Adding rules for repository 'jssecurity', language: JAVASCRIPT, [class com.sonar.security.frontend.js.rules.DomOpenRedirectCheck, class com.sonar.security.frontend.js.rules.DomXssCheck, class com.sonar.security.frontend.js.rules.DynamicCodeExecutionCheck, class com.sonar.security.frontend.js.rules.FilePathInjectionCheck, class com.sonar.security.frontend.js.rules.HttpRedirectionCheck, class com.sonar.security.frontend.js.rules.NoSQLInjectionCheck, class com.sonar.security.frontend.js.rules.OSArgumentConstructionCheck, class com.sonar.security.frontend.js.rules.OSArgumentInjectionCheck, class com.sonar.security.frontend.js.rules.OSCommandInjectionCheck, class com.sonar.security.frontend.js.rules.ReflectedXssCheck, class com.sonar.security.frontend.js.rules.RegularExpressionDoSCheck, class com.sonar.security.frontend.js.rules.ServerSideRequestCheck, class com.sonar.security.frontend.js.rules.SQLInjectionCheck, class com.sonar.security.frontend.js.rules.ZipSlipCheck, class com.sonar.security.frontend.js.rules.SessionFixationCheck] from com.sonar.security.frontend.js.F
2023-02-22T09:06:39.6158256Z 09:06:39.503 DEBUG: Adding rules for repository 'tssecurity', language: TYPESCRIPT, [class com.sonar.security.frontend.js.rules.DomOpenRedirectCheck, class com.sonar.security.frontend.js.rules.DomXssCheck, class com.sonar.security.frontend.js.rules.DynamicCodeExecutionCheck, class com.sonar.security.frontend.js.rules.FilePathInjectionCheck, class com.sonar.security.frontend.js.rules.HttpRedirectionCheck, class com.sonar.security.frontend.js.rules.NoSQLInjectionCheck, class com.sonar.security.frontend.js.rules.OSArgumentConstructionCheck, class com.sonar.security.frontend.js.rules.OSArgumentInjectionCheck, class com.sonar.security.frontend.js.rules.OSCommandInjectionCheck, class com.sonar.security.frontend.js.rules.ReflectedXssCheck, class com.sonar.security.frontend.js.rules.RegularExpressionDoSCheck, class com.sonar.security.frontend.js.rules.ServerSideRequestCheck, class com.sonar.security.frontend.js.rules.SQLInjectionCheck, class com.sonar.security.frontend.js.rules.ZipSlipCheck,

2023-02-22T09:07:02.4180563Z 09:07:02.404 DEBUG: Upload report
2023-02-22T09:07:02.9684210Z 09:07:02.959 DEBUG: POST 200 https://sonarcloud.io/api/ce/submit?organization=**********&projectKey=**********Ltd_PilotMobileApplication&projectName=PilotMobileApplication&characteristic=branch%3Drelease_4_3_1&characteristic=branchType%3DSHORT | time=555ms
2023-02-22T09:07:02.9696318Z 09:07:02.959 INFO: Analysis report uploaded in 555ms
2023-02-22T09:07:02.9720843Z 09:07:02.959 DEBUG: Report metadata written to D:\a\_temp\sonar\4.3.1.12052\0359fc8f-f534-7b78-8b1e-93fd540e5f0b\report-task.txt
2023-02-22T09:07:02.9721977Z 09:07:02.959 INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=**********Ltd_PilotMobileApplication&branch=release_4_3_1&resolved=false
2023-02-22T09:07:02.9723273Z 09:07:02.959 INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
2023-02-22T09:07:02.9724131Z 09:07:02.959 INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AYZ4YE4zwR9lHV-uzBTJ
2023-02-22T09:07:03.1270960Z 09:07:03.084 DEBUG: GET 403 https://ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com/current/v1/sensor_cache/prepare_write?organization=**********&project=**********Ltd_PilotMobileApplication&branch=release_4_3_1 | time=110ms
2023-02-22T09:07:03.1275492Z ##[error]09:07:03.099 ERROR: Failed to prepare write of the sensor cache
org.sonar.api.utils.MessageException: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
2023-02-22T09:07:03.1772983Z 09:07:03.099 ERROR: Failed to prepare write of the sensor cache
2023-02-22T09:07:03.1773978Z org.sonar.api.utils.MessageException: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
2023-02-22T09:07:03.1775917Z 
2023-02-22T09:07:03.1777140Z 09:07:03.099 DEBUG: Failed to publish sensor cache
2023-02-22T09:07:03.1777891Z 09:07:03.099 DEBUG: Post-jobs : 
2023-02-22T09:07:03.1778470Z 09:07:03.115 INFO: Analysis total time: 42.194 s
2023-02-22T09:07:03.1779917Z 09:07:03.115 INFO: ------------------------------------------------------------------------
2023-02-22T09:07:03.1782571Z 09:07:03.115 INFO: EXECUTION SUCCESS
2023-02-22T09:07:03.1783359Z 09:07:03.115 INFO: ------------------------------------------------------------------------
2023-02-22T09:07:03.1784043Z 09:07:03.115 INFO: Total time: 1:05.189s
2023-02-22T09:07:03.3377970Z 09:07:03.334 INFO: Final Memory: 45M/154M
2023-02-22T09:07:03.3380229Z 09:07:03.334 INFO: ------------------------------------------------------------------------

Hi @pat_munkiisoft

Thank you for reporting this issue.

We had a bug that has been resolved on February 23rd. It didn’t have any functional impact to the analysis, as it could proceed without a cache.
Since the bug has been resolved, you shouldn’t see sensor cache related 403s anymore - could you confirm?

Anita

Confirmed. Thanks

I still got this issue today(Feb 28th)

2-28T09:31:00.0477162Z [e[1;36mDEBUGe[m] 09:31:00.044 GET 403 https://ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com/current/v1/sensor_cache/prepare_read?organization=xxx&project=xxx | time=546ms
2023-02-28T09:31:00.0504424Z [e[1;31mERRORe[m] 09:31:00.049 Failed to prepare download of the sensor cache
2023-02-28T09:31:00.0509722Z org.sonar.api.utils.MessageException: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator
2023-02-28T09:31:00.0513854Z

My pipeline run on Azure

- task: SonarCloudPrepare@1
  inputs:
    SonarCloud: 'EGS-SonarCloud'
    organization: 'xxx'
    scannerMode: 'Other'
    extraProperties: |
      # Additional properties that will be passed to the scanner, 
      # Put one key=value per line, example:
      # sonar.exclusions=**/*.bin
      sonar.verbose=true
      sonar.projectKey=xxx
      sonar.projectName=xxx

- task: Maven@4
  inputs:
    mavenPomFile: 'java-sources/pom.xml'
    publishJUnitResults: true
    testResultsFiles: '**/surefire-reports/TEST-*.xml'
    options: '-debug'
    javaHomeOption: 'Path'
    jdkDirectory: '/usr/lib/jvm/java-11-openjdk-amd64'
    mavenVersionOption: 'Default'
    mavenAuthenticateFeed: false
    effectivePomSkip: false
    sonarQubeRunAnalysis: true
    sqMavenPluginVersionChoice: 'latest'

Look like i figured it out. In first, i using token which i(not admin) created to connect Azure with SonarCloud, it got 403 error. Then, i try to using token which created by admin, and the pipeline succeed

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.