I checked the web interface to see what API endpoints does the web interface hit when disabling autoscan for other projects and managed to forge a request to: https://sonarcloud.io/api/autoscan/activation
With the following payload: enable=false&projectKey=kubernetes_client
But the request doesn’t work, I’m getting the following message:
{"errors":[{"msg":"An error has occurred. Please contact your administrator"}]}
You were incorrectly marked as an Autoscan user on our end, we have corrected this.
Can I ask you how you were launching the scanner before it started failing? Did you supply a token generated by SonarCloud?
The procedure was exactly the same, it started to fail from one day to another (everything was Ok on Thursday but it began to fail on Friday). I didn’t change anything on the configuration, I can’t say I’m 100% sure if anyone else in the team did (although I’m quite confident no one touched config).
As this scan is triggered from GitHub Actions during pull requests, execution analysis tasks are public and open to any user (GH Actions won’t propagate secrets to PR triggered executions for security, so token can’t be shared).
That’s why my guess is that something was changed in SonarCloud or the sonar execution service that you run server-side and this verification is now performed when before it wasn’t.
The token is still provided for push events in the repo, although it shouldn’t be necessary either, given the security configuration of the project in SonarCloud.
Our issue is now fixed, I was given access to fabric8io organization (long story) and updated a project that already existed there (maybe this was also causing some trouble).
Do you by any chance have the permission set that ‘Anyone’ can execute analysis on this project, like in the attached screenshot?
Yes, this is how the permissions are set up. Although for this project I recall setting them up using a permission template at the organization level.
Regarding the Analysis method configuration, I followed this topic before posting this thread. I understand that not having the check-box visible by default is a UX related thing. I strongly encourage to either set manual as the default method for projects created manually, then maybe display the checkbox once the project is analyzed.
We deployed a change on Friday that introduced the error you were getting, so that’s completely on our side.
Just to be clear, I didn’t mean my comment as some sort of blame but to help find out the issue ;).
Thanks again for your help, it’s much appreciated. Also big praise to the team and community behind Sonar.
I completely agree, and that is the way it is set-up for most projects. Your project is an edge case because of the way your permissions are configured (which are completely valid). We have been able to identify other projects that are in the same situation as yours, so thanks for reporting this issue.
Hi @TomVanBraband,
I just manually disabled Autoscan for each project, and everything works now.
Anything I could do organization-wide to keep Autoscan defaulted to off?