I’m migrating repos from Azure DevOps to GitHub but leaving the CI Pipeline in Azure DevOps, for now.
We have Sonar Enterprise so have a GitHub Bound Sonar Org and ADO Bound Sonar Org. As there isn’t a way to move these projects between the Orgs I’ve needed to create a new Project in the GitHub Sonar Org using the Analyze New Project and done it through the GitHub binding.
We have a Machine User for the scanning that has it’s Access Token in a ADO Service Connection. This user has Browse and Execute Permission on both Sonar Orgs.
The Project is a Java Project using Gradle and the Sonar Gradle Plugin v6.3.1.5724 (as my last attempt I’ve updated this to v7.1.0.6387)
The scanning in the GitHub PRs is succeeding but without any Code Coverage, that makes sense that it needs the CI Pipeline for that metric. When the CI Pipeline runs the Sonar Gradle task it fails with the error “Error 404 on https://api.sonarcloud.io/analysis/analyses“, this looks very similar to:
I also saw another post with a similar title from last month that wasn’t resolved and these talked about permissions being the likely cause.
I’ve then increased the Machine Users permissions on the Project to have all options enabled (Browse, See Source Code, Administer Issues, Administer Security Hotspots, Administer & Execute Analysis) but this still gives the same error. I have logged into the Machine User’s account and confirm the Admin > Analysis Method page loads. (I notice this doesn’t when Execute Analysis is missing)
I’ve also turned off the Automatic Analysis for this project without any improvement.
I can confirm the Sonar Properties in Gradle that specify the Organization and project key have both been updated.
I created a new Access Token for the Machine User and can confirm it is being used as the “Last use” is updated.