Analysis on Azure DevOps Broken with Authorization Issue

Very similar to issue: SonarQube analysis with maven on azure devops is broken due to an authentication issue - #13 by onielmartinroi

When running SonarCloud Analyze on Azure DevOps - if the agent is using a Node 10 Execution Handler, the sonar-scanner fails with the following error:

ERROR: You're not authorized to run analysis. No sonar.login or SONAR_TOKEN env variable was set

I confirmed that I am running SonarCloud Extension v1.27.1. My pipelines running Node 6 are fine, only those running Node 10 have this issue.

At the top of the step, I can see a NodeJS --version command. For the pipelines working, it’s version 6.14.15. For those not working, it’s version 8.1.0.

1 Like

Hi @onielmartinroi

Can you share a bit more of your pipeline setup here ?

Thanks.

@mickaelcaro
Sure, it is a NPM step running:

sonar-scanner

This is the following NPM version at the top of the build output:

==============================================================================
Task         : npm
Description  : Install and publish npm packages, or run an npm command. Supports npmjs.com and authenticated registries like Azure Artifacts.
Version      : 1.187.0
Author       : Microsoft Corporation
Help         : https://docs.microsoft.com/azure/devops/pipelines/tasks/package/npm
==============================================================================
C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\nodejs\npm.cmd" --version"
8.1.2
C:\Windows\system32\cmd.exe /D /S /C ""C:\Program Files\nodejs\npm.cmd" config list"
; "builtin" config from C:\Program Files\nodejs\node_modules\npm\npmrc

Is it run after the prepare analysis configuration (i mean, the one calling sonar-scanner) ?

Correct. We run prepare analysis first. Then we run a .NET sonar scanner. Then a NPM sonar scanner. Finally the Publish.

Below is the output for the prepare analysis configuration.

Starting: Sonar Cloud Prepare
==============================================================================
Task         : Prepare Analysis Configuration
Description  : Prepare SonarCloud analysis configuration
Version      : 1.23.1
Author       : sonarsource
Help         : Version: 1.23.1. [More Information](https://sonarcloud.io/documentation/analysis/scan/sonarscanner-for-azure-devops/)
==============================================================================
D:\a\_tasks\SonarCloudPrepare_14d9cde6-c1da-4d55-aa01-2965cd301255\1.23.1\classic-sonar-scanner-msbuild\SonarScanner.MSBuild.exe begin /k:mo-survey-survey-designer-web /o:oceanside10
SonarScanner for MSBuild 5.4
Using the .NET Framework version of the Scanner for MSBuild
Pre-processing started.
Preparing working directories...
21:59:10.352  Updating build integration targets...
21:59:11.111  Fetching analysis configuration settings...
21:59:12.326  Provisioning analyzer assemblies for cs...
21:59:12.328  Installing required Roslyn analyzers...
21:59:14.28  Provisioning analyzer assemblies for vbnet...
21:59:14.28  Installing required Roslyn analyzers...
21:59:14.318  Pre-processing succeeded.
Finishing: Sonar Cloud Prepare

Run Analysis task will reduce the scope of the login property available in the env variable. You’ll need to add another prepare after the run analysis for .NET and before the run analysis for NPM

HTH,
Mickaël

Confirming after following your recommendation, it is working now. Thank you!

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.