Authentication failed for Dependencies: 401 Unauthorized

Hi Team,

I am trying to set up Sonar cloud Analysis for a Java Maven project using Azure pipelines.And the moment I turn on Sonar cloud Analysis in my pipeline I start getting unauthorized. I am unusre on where to update token with in Sonar.My Sonar cloud Service Connection is working alright and I can see an entry for the token in security section of Sonar Cloud as below:

image1048×152 6.46 KB

my maven task is a simple one as follows and prceeded by Sonar cloud Prepare step which is sucessfull.

- task: Maven@4
** inputs:**
** mavenPomFile: ‘…/pom.xml’**
** publishJUnitResults: false**
** javaHomeOption: ‘JDKVersion’**
** mavenVersionOption: ‘Default’**
** mavenAuthenticateFeed: false**
** effectivePomSkip: false**
** sonarQubeRunAnalysis: true**
** sqMavenPluginVersionChoice: ‘latest’**
** goals: -e clean package**

If I turn OFF sonarQubeRunAnalysis the build is sucessful.

Sonar Prepare task is as follows which is sucessfull.

- task: SonarCloudPrepare@1
** inputs:**
** SonarCloud: ‘Sonar_customer1’**
** organization: '’
** scannerMode: ‘Other’
** extraProperties: |
** # Additional properties that will be passed to the scanner,**
** # Put one key=value per line, example:**
** # sonar.exclusions=/*.bin
** sonar.projectKey=************
** sonar.projectName=**********

Error logs below:

authentication failed for https://pkgs.dev.azure.com/****/_packaging/peluk/maven/v1/pelmaximo/businessobjects/ status: 401 Unauthorized → [Help 1]
2024-03-12T14:55:23.9660763Z org.apache.maven.lifecycle.LifecycleExecutionException: Failed to execute goal on project src_mbo: Could not resolve dependencies for project

Caused by: org.apache.maven.wagon.authorization.AuthorizationException: authentication failed for Azure DevOps Services | Sign In, status: 401 Unauthorized

Where as these dependencies get downloded without any issues when we turn off sonar cloud analysis.

Request your urgent help on this.

Kind Regards,
Renjini

Team,

Could you please help in this.

Kind Regards,
Renjini

Hi,

Could you provide your full anlaysis log, please?

The analysis / scanner log is what’s output from the analysis command. Hopefully, the log you provide - redacted as necessary - will include that command as well.

This guide will help you find them.

 
Ann

Hello Ann,

I have tried to generate a new token this week and mapped in Sonar Cloud.I did face some issues with accessing Sonar Cloud (only via my account) today afternoon and the authentication error is gone now.I am still unclear on how it is resolved though. But I am now facing a different issue , the build gives below and shows no analysis results in the Sonar cloud . Is there a way I can confirm the location of analysis in the logs.Your help would be highly appreciated.

##[warning]No analyses found in this build! Please check your build configuration.
Finishing: SonarCloudPublish

I have following quetsions too,

1. I see that Sonar cloud suggests to have a service connection and different key value to be used while trying to analyse a project, Is it like we have to create a new service connection and key pair value for each project?
2. We are planning to allign the access of projects with in Sonar Cloud with AD group set up, ie; when a particular AD group have access to a set of projects in Azure Sonar Cloud also should mirror this.Is this possible to have AD group synchronisation within Sonar Cloud.

You may see a lot of messages coming from me since we have started to implement Sonar Cloud to all our Cient Projects :).

Thanks in advance!
Kindly let me know your thoughts.

Hi,

We try to keep it to one topic per thread. Otherwise it can get messy, fast, and it seems that your latest post is unrelated to the initial topic of this thread.

Your latest post is a new question. Please create a new thread for it, with all the details.

 
Ann