Github: SonarCloud is reporting errors. Check the SonarCloud status page for help

Hi, we are using Github with Advanced Security (if that matters). I have a number of repos that are reporting “SonarCloud is reporting errors. Check the SonarCloud status page for help.”:

in the repo settings under code security and analysis. The status page really doesn’t provide much help:

SonarCloud seems to be running fine against PRs:

Any ideas how to fix this? – Bud

Hey there!

Are you using Automatic Analysis or do you trigger analysis through a CI (like GitHub Actions)?

Is your Main Branch regularly being analyzed?

Automatic analysis and that seems to be working. In the SonarCloud console, I see PRs and the master/main branch getting analyzed.

Hey @budb,

I have sent you a private message to get some more info

Thanks,

1 Like

Hi @budb

Thank you for more details.

A few follow-up questions:

  • you mentioned that not all your projects have this problem - is there any difference in configuration? Could you make sure that the Code security and analysis is enabled in the failing repos?
  • Did all problematic projects started having this problem at this same time? E.g. is the date of the last analysis reported by GitHub suggesting similar time?
  • Can you see any alerts reported after December 5th in the Code scanning Security tab? Also, if you introduce a vulnerability, is it reported?

Anita

A few follow-up questions:

  • you mentioned that not all your projects have this problem - is there any difference in configuration? Could you make sure that the Code security and analysis is enabled in the failing repos?

Code security and analysis is enabled. No obvious difference in config. I’ve only found one project that does not have this error in the repo.

  • Did all problematic projects started having this problem at this same time? E.g. is the date of the last analysis reported by GitHub suggesting similar time?

Does not appear so. One repo I am looking at now, shows this:

but in the Sonarcloud console shows that code is getting analyzed:

In a recent PR:

CleanShot 2024-04-16 at 15.35.42.png

The console also shows 13 issues, I I sort of expect these to show up in GH under code scanning right?
CleanShot 2024-04-16 at 15.51.17.png

  • Can you see any alerts reported after December 5th in the Code scanning Security tab? Also, if you introduce a vulnerability, is it reported?

I really don’t see anything showing up under code scanning from SC for any of the repos…

We also have this app installed from 4 years ago. Is this still a thing?

Hi @budb

Thanks a lot for the additional info.

In one of the screenshots we can see Errors detected in 1 configuration - it looks like something is misconfigured there. There is an option to View configuration there - could you check what problem GitHub reports?

Anita

When I drill down, it just shows that it hasn’t been scanned for a long while (even though it seems to have been scanned)