Analysis fails for a gradle project in github actions

Leroy_Kayanda · August 31, 2022, 4:28pm

I am using the latest sonarqube community edition.

I have set up github actions as below.

jobs:
  sonarqube-checks:
    name: sonarqube-checks
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0  

      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 11

      - name: Cache SonarQube packages
        uses: actions/cache@v1
        with:
          path: ~/.sonar/cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar

      - name: Cache Gradle packages
        uses: actions/cache@v1
        with:
          path: ~/.gradle/caches
          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
          restore-keys: ${{ runner.os }}-gradle

      - name: Build and analyze
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
        run: |
           ./gradlew build sonarqube --info

Have set up build.gradle like this.

plugins {
    id "org.sonarqube" version "3.4.0.2513"
}

sonarqube {
  properties {
    property "sonar.projectKey", "<project-key>"
  }
}

When the pipeline runs, it fails with this error

What went wrong:
Execution failed for task ':sonarqube'.
Youre not authorized to run analysis. Please contact the project administrator.

When I run it locally using the same token, analysis succeeds.

./gradlew sonarqube -D “sonar.projectKey=myProjectKey” -D “sonar.host.url=host” -D “sonar.login=myToken>”

ganncamp · August 31, 2022, 5:30pm

Hi,

Welcome to the community!

It looks like the token you’re using in the action is from a user that doesn’t have rights to analyze the project. (Or perhaps the token value got mangled in transit somehow?)

That’s assuming the project was already initialized in SonarQube? If you’re using a Global Analysis Token, well unfortunately those don’t have the rights to create a project on first analysis.

HTH,
Ann

Leroy_Kayanda · August 31, 2022, 6:15pm

Hi, I am using a global token but the project has already been created in SonarQube. Strangely enough the token works when I run an analysis locally on my computer using ./gradlew sonarqube -D “sonar.projectKey=myProjectKey” -D “sonar.host.url=host” -D “sonar.login=myToken>”.

ganncamp · September 1, 2022, 1:45pm

Hi,

I’m guessing your token value got mangled in your CI. Can you re-copy/paste it?

Ann