sonar-scanner -X -Dsonar.login=${{ secrets.SONAR_TOKEN }}You're not authorized to run analysis. Please contact the project administrator.
When member of organisation creates a PR - sonar works like a charm.
But when a random contributor creates PR - sonar crash with the error.
Is it by design or is it some misconfiguration on our organisation’s sonar settings?
Hello @vladimir_abr, can you give more information about the random contributor? It is someone that is not part of the organisation and forked the project in order to create a PR? In that case, forked repositories will not have the SONAR_TOKEN properly configured, since it is a secret stored at the repo variable settings (does not matter if it is a public one). We are working to make possible run analysis on external PR (without using the current token you have configured, which is private and should not be shared in a public context), i can also update you here when this is done.
Yes, this is exactly the case. PR from external fork.
Thanks! Looking forward!
So for now, it is better to first check if ‘SONAR_TOKEN’ is present and than perform analysis?
It is up to you, the analysis will fail when the token is invalid or missing. Maybe you want a cleaner output, so go for it! 
You can also follow the new feature progress here if you want: Log in with Atlassian account but i will update here as well as i mentioned.
Hi, I’m also facing the same problem. Do you think this issue will be fixed any time soon?
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.