GitLab CI integration: branch other than `Default Branch` (master) is not autorised


  • SonarQube Developer Edition Version 8.1
  • GitLab Community Edition 12.0.3
  • sonarsource/sonar-scanner-cli:latest

What are you trying to achieve

I am trying to report to SonarQube using GitLab CI from any branch.

What have you tried so far to achieve this

SonarQube see the report:

  • From Default Branch within GitLab CI
  • Localy (using docker) with any branch name (it add a new branch to SonarQube when I set to a new name):
docker run -it -v "C:\SRC-PATH:/usr/src" -e SONAR_HOST_URL='https://HOSTNAME' -e SONAR_TOKEN='TOKEN' sonarsource/sonar-scanner-cli:latest

When it work, I can read in the log:

INFO: Load global settings
DEBUG: GET 200 https://HOSTNAME/api/settings/values.protobuf
INFO: ------------------------------------------------------------------------
INFO: ------------------------------------------------------------------------

But when I push to an other branch than the default branch (even if that branch name exist in SonarQube), I read this in the log and the job fail:

INFO: Load global settings
DEBUG: GET 401 https://HOSTNAME/api/settings/values.protobuf
INFO: ------------------------------------------------------------------------
INFO: ------------------------------------------------------------------------

I have provided SONAR_HOST_URL and SONAR_TOKEN as CI variables.

Here is my sources files:



  - quality

  stage: quality
    name: sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]
    - sonar-scanner -X -Dsonar.qualitygate.wait=true"${CI_COMMIT_REF_NAME}"
  allow_failure: true


  • Is there any GitLab environment variables that interfere with sonar-scanner?
  • Is there any other SONAR tag that need to be set in order to report to a specific branch in SonarQube? (or to create a new branch when it is not yet a SonarQube branch?)

Thanks in advance. :slight_smile:

Unless the SONAR_TOKEN is not available for certain builds in GitLab, there shouldn’t be a problem.
I don’t think the failing WS (api/settings/values) even requires authentication at all.
Do you have a proxy between GitLab and SonarQube that could be blocking the access?

I had set SONAR_TOKEN to protected in CI variables, so SONAR_TOKEN was only available in protected branch.

To solve the problem, in GitLab, unset protected from SONAR_TOKEN or protect all branch needed to analyse.

Thanks a lot

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.