GitHub App doesn't have the following permissions: 'contents:read'

Must-share information (formatted with Markdown):

• which versions are you using (SonarQube Server / Community Build, Scanner, Plugin, and any relevant extension) : 2025.1 LTA Enterprise Version
• how is SonarQube deployed: zip, Docker, Helm : Docker
• what are you trying to achieve : We upgraded recently to the latest Sonar Server 2025.1 Enterprise and post upgrade users are reporting that the Sonar Scans are working fine but the results are not reported to the PR’s via github action. When we checked the Sonar project we found that there is the warning reported as Failed to report status to Devops platform because the GitHub App doesn’t have the following permissions: 'contents:read '.Please read “Activating pull request decoration” section in the “Get Started > GitHub” documentation page to fix your setup.

The Github Action is reporting that “Expected — Waiting for status to be reported” and the PR merge is blocked due to this.
We just recently upgraded the server before that everything was working fine. There are no changes done to Github APP permissions we are using the same APP which was used before the upgrade.

Hey there.

I’m not sure what version you upgraded from, but this permission became required in v9.0 (docs).

In any case, the fix should be pretty simple. Verify that your app has the correct permissions set, and add the missing permission if it’s indeed missing!

Hey Colin, We upgraded from 8.X version to the latest sonar. We will make the changes now to see if this works. Thanks a lot for letting us know about the change from optional → mandatory.