Hi all, got the same issue as Bruce with the maven plugin and not with the sonar cli.
no resolution after +2 years!
I’m asking why sonar plugin scan all properties (aka windows environment variables) and try to decode all value (as mentionned in Potential Workaround 2 of Bruce post) ?
I try to run
mvn clean package sonar:sonar -Dsonar.projectKey={xxxx} -Dsonar.projectName={ghrepo} -Dsonar.host.url={sonarUrl} -Dsonar.token={theToken}
and get the error stack
Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.11.0.3922:sonar (default-cli) on project {project_name}: Fail to decrypt the property env.{AES property value, NOT RELATED TO SONAR*}. Please check your secret key.: The property sonar.secretKeyPath does not link to a valid file: C:\Users{myid}.sonar\sonar-secret.txt → [Help 1]
so with le code starting at SonarSource : ScannerProperties.java L40 to L45
it’s clear that the code dont check if is a sonar env related… Please open a issue on sonarqube
/sonar-scanner-engine to add sonar prefix to the key before test for encrypted value.