Cannot connect SonarCloud to GitHub (Build Fails)

SonarCloud
,
1

Template for a good new topic, formatted with Markdown:

  • ALM used (GitHub, Bitbucket Cloud, Azure DevOps)
    GitHub

  • CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI
    GitHub Actions (Suggested by Sonar Cloud Configuration)

  • Scanner command used when applicable (private details masked)
    N/A

  • Languages of the repository
    Programming: CSharp
    User: English

  • Only if the SonarCloud project is public, the URL
    I’m not sure if it’s available yet as configuration is incomplete: https://sonarcloud.io/organizations/deadmann/projects

  • Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
    >>Install Solar Cloud Scanner

Run New-Item -Path .\.sonar\scanner -ItemType Directory


    Directory: D:\a\AdvancedRestHandler\AdvancedRestHandler\.sonar


Mode                LastWriteTime         Length Name                                                                  
----                -------------         ------ ----                                                                  
d-----        1/10/2022   4:13 PM                scanner                                                               

Welcome to .NET 5.0!
---------------------
SDK Version: 5.0.404

Telemetry
---------
The .NET tools collect usage data in order to help us improve your experience. It is collected by Microsoft and shared with the community. You can opt-out of telemetry by setting the DOTNET_CLI_TELEMETRY_OPTOUT environment variable to '1' or 'true' using your favorite shell.

Read more about .NET CLI Tools telemetry: https://aka.ms/dotnet-cli-telemetry

----------------
Installed an ASP.NET Core HTTPS development certificate.
To trust the certificate run 'dotnet dev-certs https --trust' (Windows and macOS only).
Learn about HTTPS: https://aka.ms/dotnet-https
----------------
Write your first app: https://aka.ms/dotnet-hello-world
Find out what's new: https://aka.ms/dotnet-whats-new
Explore documentation: https://aka.ms/dotnet-docs
Report issues and find source on GitHub: https://github.com/dotnet/core
Use 'dotnet --help' to see available commands or visit: https://aka.ms/dotnet-cli
--------------------------------------------------------------------------------------
C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): warning : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): warning : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): warning : Your request could not be authenticated by the GitHub Packages service. Please ensure your access token is valid and has the appropriate scopes configured. [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): error : Failed to retrieve information about 'dotnet-sonarscanner' from remote source 'https://nuget.pkg.github.com/deadmann/download/dotnet-sonarscanner/index.json'. [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): error :   Response status code does not indicate success: 401 (Unauthorized). [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
Tool 'dotnet-sonarscanner' failed to update due to the following:
The tool package could not be restored.
Tool 'dotnet-sonarscanner' failed to install. This failure may have been caused by:

* You are attempting to install a preview release and did not use the --version option to specify the version.
* A package by this name was found, but it was not a .NET tool.
* The required NuGet feed cannot be accessed, perhaps because of an Internet connection problem.
* You mistyped the name of the tool.

For more reasons, including package naming enforcement, visit https://aka.ms/failure-installing-tool


Error: Process completed with exit code 1.

  • Steps to reproduce
    Just trying to install Solar Cloud as it explined on my project, just fork and retry
    Note: Although I still don’t provide any test, I provide test project for .net X, .Net Core X and .NetFramework X, as they may act differently

  • Potential workaround
    Found nothing

2

Hey there.

I would suggest take a moment and make sure you have a working build.yml file without SonarCloud in the mix – it seems you’re facing an issue authenticating with a Nuget feed and installing the SonarScanner is just the first thing that makes it fail (a 401 error is being returned). I imagine you will face the same issue trying to pull any other package your software needs to build.

C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): error : Failed to retrieve information about 'dotnet-sonarscanner' from remote source 'https://nuget.pkg.github.com/deadmann/download/dotnet-sonarscanner/index.json'. [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
C:\Program Files\dotnet\sdk\5.0.404\NuGet.targets(131,5): error :   Response status code does not indicate success: 401 (Unauthorized). [C:\Users\runneradmin\AppData\Local\Temp\4n22mtwo.mjm\restore.csproj]
3

I never built any build.yml file, and I have no knowledge of the concept, I just tried to use what Sonar has suggested…
My only dependency is Newtonsoft package

4

And let me note, the build is not visible to me, It’s just all about SonarCloud:

(Not that I understand how this build file works, or how to setup project build, but sonar name is all over the build file, and nothing about my test projects)

name: Build
on:
  push:
    branches:
      - master
  pull_request:
    types: [opened, synchronize, reopened]
jobs:
  build:
    name: Build
    runs-on: windows-latest
    steps:
      - name: Set up JDK 11
        uses: actions/setup-java@v1
        with:
          java-version: 1.11
      - uses: actions/checkout@v2
        with:
          fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
      - name: Cache SonarCloud packages
        uses: actions/cache@v1
        with:
          path: ~\sonar\cache
          key: ${{ runner.os }}-sonar
          restore-keys: ${{ runner.os }}-sonar
      - name: Cache SonarCloud scanner
        id: cache-sonar-scanner
        uses: actions/cache@v1
        with:
          path: .\.sonar\scanner
          key: ${{ runner.os }}-sonar-scanner
          restore-keys: ${{ runner.os }}-sonar-scanner
      - name: Install SonarCloud scanner
        if: steps.cache-sonar-scanner.outputs.cache-hit != 'true'
        shell: powershell
        run: |
          New-Item -Path .\.sonar\scanner -ItemType Directory
          dotnet tool update dotnet-sonarscanner --tool-path .\.sonar\scanner
      - name: Build and analyze
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
        shell: powershell
        run: |
          .\.sonar\scanner\dotnet-sonarscanner begin /k:"deadmann_AdvancedRestHandler" /o:"deadmann" /d:sonar.login="${{ secrets.SONAR_TOKEN }}" /d:sonar.host.url="https://sonarcloud.io"
          <insert_your_clean_build_command>
          .\.sonar\scanner\dotnet-sonarscanner end /d:sonar.login="${{ secrets.SONAR_TOKEN }}"
5

Hey there.

A working build is required for SonarCould to be able to analyze C# code – therefore, the best starting point is to build a working GitHub Actions workflow that correctly builds your solution and then add SonarCould analysis in. I would suggest working with the team that manages the build (as it exists today) and bringing it into GitHub Actions.

1 Like