Error: Not Authorized, but only for pull requests. Other scans successful

trexx00 · January 19, 2021, 9:12pm

Template for a good new topic, formatted with Markdown:

ALM used: Azure DevOps
CI system used: Azure DevOps
Scanner command used when applicable: N/A using Azure DevOps connector
Languages of the repository: C#

This was working before, don’t know if something changed on sonar cloud?
The analyze task is successful for branch builds, both master and non master branches. The scan for the PR’s fail with the noted error about authorization.
How can we drill further for specific root cause ? How could some scans be authorized and some not ?
All the scans mentioned are for the same repository.

Errors from log appended at end.

Thanks,
Tyrone
2021-01-14T21:18:24.2947766Z ##[error]21:18:24.292 ERROR: Error during SonarScanner execution
2021-01-14T21:18:24.2949327Z 21:18:24.292 ERROR: Error during SonarScanner execution
2021-01-14T21:18:24.2953886Z ##[error]java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.scan.filesystem.InputComponentStore
2021-01-14T21:18:24.2955461Z java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.scan.filesystem.InputComponentStore
2021-01-14T21:18:24.2988769Z ##[error]at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)
2021-01-14T21:18:24.3009435Z at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)
2021-01-14T21:18:24.3012735Z ##[error]at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:632)
at org.picocontainer.parameters.BasicComponentParameter$1.resolveInstance(BasicComponentParameter.java:118)
at org.picocontainer.parameters.ComponentParameter$1.resolveInstance(ComponentParameter.java:136)
2021-01-14T21:18:24.3014411Z at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:632)
2021-01-14T21:18:24.3016621Z at org.picocontainer.parameters.BasicComponentParameter$1.resolveInstance(BasicComponentParameter.java:118)
2021-01-14T21:18:24.3017374Z at org.picocontainer.parameters.ComponentParameter$1.resolveInstance(ComponentParameter.java:136)
2021-01-14T21:18:24.3019549Z ##[error]at org.picocontainer.injectors.SingleMemberInjector.getParameter(SingleMemberInjector.java:78)
at org.picocontainer.injectors.ConstructorInjector$CtorAndAdapters.getParameterArguments(ConstructorInjector.java:309)
2021-01-14T21:18:24.3020883Z at org.picocontainer.injectors.SingleMemberInjector.getParameter(SingleMemberInjector.java:78)
2021-01-14T21:18:24.3021408Z at org.picocontainer.injectors.ConstructorInjector$CtorAndAdapters.getParameterArguments(ConstructorInjector.java:309)
2021-01-14T21:18:24.3023405Z ##[error]at org.picocontainer.injectors.ConstructorInjector$1.run(ConstructorInjector.java:335)
at org.picocontainer.injectors.AbstractInjector$ThreadLocalCyclicDependencyGuard.observe(AbstractInjector.java:270)
2021-01-14T21:18:24.3024703Z at org.picocontainer.injectors.ConstructorInjector$1.run(ConstructorInjector.java:335)
2021-01-14T21:18:24.3025191Z at org.picocontainer.injectors.AbstractInjector$ThreadLocalCyclicDependencyGuard.observe(AbstractInjector.java:270)
2021-01-14T21:18:24.3026213Z ##[error]at org.picocontainer.injectors.ConstructorInjector.getComponentInstance(ConstructorInjector.java:364)
2021-01-14T21:18:24.3027140Z at org.picocontainer.injectors.ConstructorInjector.getComponentInstance(ConstructorInjector.java:364)
2021-01-14T21:18:24.3028496Z ##[error]at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.getComponentInstance(AbstractInjectionFactory.java:56)
2021-01-14T21:18:24.3038861Z at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.getComponentInstance(AbstractInjectionFactory.java:56)
2021-01-14T21:18:24.3039731Z ##[error]at org.picocontainer.behaviors.AbstractBehavior.getComponentInstance(AbstractBehavior.java:64)
2021-01-14T21:18:24.3040443Z at org.picocontainer.behaviors.AbstractBehavior.getComponentInstance(AbstractBehavior.java:64)
2021-01-14T21:18:24.3041099Z ##[error]at org.picocontainer.behaviors.Stored.getComponentInstance(Stored.java:91)
2021-01-14T21:18:24.3041696Z at org.picocontainer.behaviors.Stored.getComponentInstance(Stored.java:91)
2021-01-14T21:18:24.3042430Z ##[error]at org.picocontainer.DefaultPicoContainer.instantiateComponentAsIsStartable(DefaultPicoContainer.java:1034)
2021-01-14T21:18:24.3043141Z at org.picocontainer.DefaultPicoContainer.instantiateComponentAsIsStartable(DefaultPicoContainer.java:1034)
2021-01-14T21:18:24.3044179Z ##[error]at org.picocontainer.DefaultPicoContainer.addAdapterIfStartable(DefaultPicoContainer.java:1026)
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1003)
2021-01-14T21:18:24.3044981Z at org.picocontainer.DefaultPicoContainer.addAdapterIfStartable(DefaultPicoContainer.java:1026)
2021-01-14T21:18:24.3045380Z at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1003)
2021-01-14T21:18:24.3046833Z ##[error]at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:122)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:126)
2021-01-14T21:18:24.3048047Z at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
2021-01-14T21:18:24.3048538Z at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:122)
2021-01-14T21:18:24.3048943Z at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
2021-01-14T21:18:24.3049357Z at org.sonar.scanner.bootstrap.GlobalContainer.doAfterStart(GlobalContainer.java:126)
2021-01-14T21:18:24.3053772Z ##[error]at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:58)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:52)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)
2021-01-14T21:18:24.3056599Z at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:123)
2021-01-14T21:18:24.3057004Z at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:109)
2021-01-14T21:18:24.3057419Z at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:58)
2021-01-14T21:18:24.3057742Z at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:52)
2021-01-14T21:18:24.3058103Z at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
2021-01-14T21:18:24.3058732Z at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2021-01-14T21:18:24.3059077Z at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2021-01-14T21:18:24.3059503Z at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2021-01-14T21:18:24.3059850Z at java.base/java.lang.reflect.Method.invoke(Method.java:566)
2021-01-14T21:18:24.3060210Z at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
2021-01-14T21:18:24.3060522Z at com.sun.proxy.$Proxy0.execute(Unknown Source)
2021-01-14T21:18:24.3060806Z at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
2021-01-14T21:18:24.3061179Z at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
2021-01-14T21:18:24.3061485Z at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
2021-01-14T21:18:24.3061781Z at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
2021-01-14T21:18:24.3062048Z at org.sonarsource.scanner.cli.Main.main(Main.java:61)
2021-01-14T21:18:24.3063139Z ##[error]Caused by: java.lang.IllegalStateException: Unable to load component interface org.sonar.scanner.scan.branch.BranchConfiguration
2021-01-14T21:18:24.3064572Z Caused by: java.lang.IllegalStateException: Unable to load component interface org.sonar.scanner.scan.branch.BranchConfiguration
2021-01-14T21:18:24.3065679Z ##[error]at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)
2021-01-14T21:18:24.3066643Z at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)
2021-01-14T21:18:24.3067566Z ##[error]at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:632)
2021-01-14T21:18:24.3068230Z at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:632)
2021-01-14T21:18:24.3069119Z ##[error]at org.picocontainer.parameters.BasicComponentParameter$1.resolveInstance(BasicComponentParameter.java:118)
2021-01-14T21:18:24.3069868Z at org.picocontainer.parameters.BasicComponentParameter$1.resolveInstance(BasicComponentParameter.java:118)
2021-01-14T21:18:24.3070940Z ##[error]at org.picocontainer.parameters.ComponentParameter$1.resolveInstance(ComponentParameter.java:136)
2021-01-14T21:18:24.3071605Z at org.picocontainer.parameters.ComponentParameter$1.resolveInstance(ComponentParameter.java:136)
2021-01-14T21:18:24.3072435Z ##[error]at org.picocontainer.injectors.SingleMemberInjector.getParameter(SingleMemberInjector.java:78)
2021-01-14T21:18:24.3073127Z at org.picocontainer.injectors.SingleMemberInjector.getParameter(SingleMemberInjector.java:78)
2021-01-14T21:18:24.3076935Z ##[error]at org.picocontainer.injectors.ConstructorInjector$CtorAndAdapters.getParameterArguments(ConstructorInjector.java:309)
at org.picocontainer.injectors.ConstructorInjector$1.run(ConstructorInjector.java:335)
at org.picocontainer.injectors.AbstractInjector$ThreadLocalCyclicDependencyGuard.observe(AbstractInjector.java:270)
at org.picocontainer.injectors.ConstructorInjector.getComponentInstance(ConstructorInjector.java:364)
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.getComponentInstance(AbstractInjectionFactory.java:56)
at org.picocontainer.behaviors.AbstractBehavior.getComponentInstance(AbstractBehavior.java:64)
at org.picocontainer.behaviors.Stored.getComponentInstance(Stored.java:91)
at org.picocontainer.DefaultPicoContainer.getInstance(DefaultPicoContainer.java:699)
at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:647)
at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:50)
… 34 more
Caused by: Not authorized. Please check the properties sonar.login and sonar.password.
2021-01-14T21:18:24.3079478Z at org.picocontainer.injectors.ConstructorInjector$CtorAndAdapters.getParameterArguments(ConstructorInjector.java:309)
2021-01-14T21:18:24.3079922Z at org.picocontainer.injectors.ConstructorInjector$1.run(ConstructorInjector.java:335)
2021-01-14T21:18:24.3080328Z at org.picocontainer.injectors.AbstractInjector$ThreadLocalCyclicDependencyGuard.observe(AbstractInjector.java:270)
2021-01-14T21:18:24.3080781Z at org.picocontainer.injectors.ConstructorInjector.getComponentInstance(ConstructorInjector.java:364)
2021-01-14T21:18:24.3081229Z at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.getComponentInstance(AbstractInjectionFactory.java:56)
2021-01-14T21:18:24.3081869Z at org.picocontainer.behaviors.AbstractBehavior.getComponentInstance(AbstractBehavior.java:64)
2021-01-14T21:18:24.3082239Z at org.picocontainer.behaviors.Stored.getComponentInstance(Stored.java:91)
2021-01-14T21:18:24.3082614Z at org.picocontainer.DefaultPicoContainer.getInstance(DefaultPicoContainer.java:699)
2021-01-14T21:18:24.3082981Z at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:647)
2021-01-14T21:18:24.3083415Z at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:50)
2021-01-14T21:18:24.3083706Z … 34 more
2021-01-14T21:18:24.3083951Z Caused by: Not authorized. Please check the properties sonar.login and sonar.password.
2021-01-14T21:18:24.4006735Z Process returned exit code 1

mickaelcaro · January 22, 2021, 7:42am

Hi @trexx00

Is that possible for you to share the full log of a PR analysis, with debug mode enabled ? I can PM you for that if needed.

I need to see where it’s failing exactly.

Thanks !

trexx00 · February 8, 2021, 7:24pm

OK, Will do. I thought that what I included was full. It is the full output for the Analyze step.
The language of the error has changes a bit, though I’ve not changed the scan parameters. I suspect the same root cause of access.
So Please PM me and I’ll send the full content.

Thank you.

helium · February 18, 2021, 11:08am

We are experiencing the exact same symptoms since yesterday (2021-02-17) around 15 CET. Was there any solution to this?

Our setup: Azure DevOps with the sonarcloud extension, using service connection for auth.
Works just fine for manually triggered jobs in azure, but fails for auto-triggered PR builds
Sonar analyze step fails with the logg below (note that the "Load branch configuration does not complete)

Log:

trexx00 · February 23, 2021, 2:46pm

Hi,
No solution yet. Still working with @mickaelcaro to resolve it. More clues still needed.
The error language change was what it was no longer finding the pull request id’s. That happened with no changes to the pipelines.

pat_munkiisoft · March 18, 2021, 10:18am

We also have this issue. This post "Not authorized. Please check the properties sonar.login and sonar.password." for PR automated pipelines - #4 suggests that a PErsonal Access Token needs updating at https://sonarcloud.io/organizations/{my_company}/edit

That sounds like a bug to me. Why?

We’ve never had to create a Personal Access Token for it to work befoire
The label for the input box says “Status of you current token: is not valid. You must change it here:”. Type of “your” like this tyext is not normally seen
If it did need a PAT what scopes should i give it?

pat_munkiisoft · March 22, 2021, 10:56am

This is breaking other repos/pipelines now.

mickaelcaro · March 22, 2021, 2:11pm

Hi @pat_munkiisoft

Can you share a screenshot or a log of the error please ?

Thanks.

pat_munkiisoft · March 22, 2021, 5:54pm

Sorry for the delay in upload. I didn’t see the notifcation of your reply. I can send you the logs privately if you need them

pat_munkiisoft · March 24, 2021, 4:54pm

Do you need anything else from us? I’m happy to do some digging at this end if you can give me some suggestions

mickaelcaro · March 25, 2021, 1:16pm

Hi @pat_munkiisoft

Have you linked your Azure DevOps organization with SonarCloud ? Is yes, can you go to the Administration → Organization setting menu of your organization ?

You should see something like this :

In particular the Azure DevOps connectivity management.

Is your token still displayed as valid here ?

pat_munkiisoft · March 25, 2021, 3:26pm

No the token is not valid. That is what I mentioned last week. I haven’t simply updated the PAT becuase I do not know what scopes to give it nor do I remember ever having to create a PAT in the past.

Here is a screenshot of that page

FWIW When I authenticate with sonarcloud.io website I choose the Azure Dev Ops option and log in that way.

mickaelcaro · March 25, 2021, 3:28pm

Hi @pat_munkiisoft

So you need to update it. Once your organization has been bound, this token is used for multiple purposes.

You have the documentation here : https://sonarcloud.io/documentation/getting-started/azure-devops/

You need to create a new PAT with Code (Read and Write) scope.

Mickaël

trexx00 · March 25, 2021, 4:50pm

Hi Mickaël,

For us the token is valid though we have the issue.

What do you recommend looking at next ?

/Tyrone

pat_munkiisoft · March 25, 2021, 5:05pm

Our PR builds are now working again. What confuses me is how a broken PAT at the Organsiation level could be failing on PR builds but not other builds.

Thanks for pointing out the docs.

It could be argued it was a bit of a RTFM moment but I couldn’t see how a PAT that i never remebered creating could be the reason for just PR builds being broken

mickaelcaro · March 26, 2021, 7:18am

It has at least be defined when you have linked your Azure DevOps organization with the SonarCloud one (either at the very first creation of it, or you can also bind it afterwards).

For PullRequest, we’re making API calls against AzDo when you have a bound organization (link between both) that’s the reason why we need a token.

@trexx00 Do you still have the same error with the wrong pull request key?

trexx00 · March 26, 2021, 1:14pm

Hi, Michael

Its close, reports it cannot find the pull request key. Error text:

##[error]ERROR: Could not find the pullrequest with key ‘5329’

ERROR: Caused by: Error 404 on https://sonarcloud.io/api/alm_integration/show_pullrequest?project=REMOVED&pullrequestKey=5329 : {“errors”:[{“msg”:“Requested resource wasn’t found on Azure DevOps.”,“reason”:“AZURE_DEVOPS_UNABLE_TO_FETCH_REQUESTED_RESOURCE”}]}

/Tyrone