Login seems to not be working inside Bitbucket SonarCloud settings

Hi, I’m unable to link inside a Bitbucket cloud repository with SonarCloud, steps:

  • In a Bitbucket cloud repository, go to Repository Settings -> SonarCloud -> Settings
  • Login using the Bitbucket account
  • A popup window opens and closes (I suppose the login worked OK), but I’m still shown the same Bitbucket page without the listing of SonarCloud projects.
  • Retrying doesn’t seem to work.
  • Here is a picture where I’m referring to:

1 Like

Welcome to the community!

I’m not able to reproduce the strange state you got into. My hunch is that it has something to do with session cookies. Can you please try the following:

  • Clean logout and login:
    • Logout from both Bitbucket and SonarCloud
    • Login to Bitbucket
    • Login to SonarCloud with Bitbucket
    • Go to the SonarCloud settings page on Bitbucket: there should not be a login button anymore!
  • Try the same steps, but in an incognito window of your browser
  • Try the same steps, after clearing all cookies of both Bitbucket and SonarCloud
  • Try the same steps, after disabling ad blocker browser plugins on Bitbucket domain

Let us know how this goes!

Hi Janos,

Thank you for your response. I have just tried following your recommendations, even with a different browser (Safari), but the same thing happens. I can log in to sonarcloud.io with my Bitbucket account, and I’m an admin user for the organization I’m working on. The weird thing is inside Bitbucket, as I was referring to in the original post. Here are some details in the console:

A cookie associated with a cross-site resource at http://sonarcloud.io/ was set without the `SameSite` attribute. It has been blocked, as Chrome now only delivers cookies with cross-site requests if they are set with `SameSite=None` and `Secure`. You can review cookies in developer tools under Application>Storage>Cookies and see more details at https://www.chromestatus.com/feature/5088147346030592 and https://www.chromestatus.com/feature/5633521622188032.

request.js:85 GET https://sonarcloud.io/api/projects/search_my_projects?ps=500 401

DevTools failed to load SourceMap: Could not load content for https://sonarcloud.io/integration/bitbucketcloud/plugin.min.js.map: HTTP error: status code 404, net::ERR_HTTP_RESPONSE_CODE_FAILURE

As my organization has a paid Sonarcloud plan, do you know if there is another way to contact you like phone/chat? Thanks!

The warning about the cookie you see on the console, I get the exact same thing too, and it should not cause an issue.

The failure of GET https://sonarcloud.io/api/projects/search_my_projects?ps=500 401 is the behavior when you are not logged in on SonarCloud. If you are in fact logged in on sonarcloud.io, then this request should work. (Can you open this link in your browser? https://sonarcloud.io/api/projects/search_my_projects)

Have you followed the steps exactly as I asked you? The order of the steps is important. Make sure you are already logged into sonarcloud.io, with the correct Bitbucket account, before going to the repository settings page on Bitbucket. Please confirm!

Browser plugins such as adblock or ghostery are known to interfere with the integration sometimes, so make sure they are disabled while debugging this, to avoid unnecessary complications.

We don’t have dedicated paid support, this thread is the way!

The link https://sonarcloud.io/api/projects/search_my_projects does work and it shows all the SonarCloud projects of my organization.

I have performed again the steps you mentioned, even in a fresh browser like Safari, but still, the SonarCloud login page is shown in Bitbucket.

Should I try something else? Perhaps something with the Bitbucket SonarCloud app?

I don’t quite understand how this could happen, but it looks as if the sonarcloud.io cookies are not being passed correctly with the request when you’re on the SonarCloud Settings page. In your browser console, can you please check the cookies of the request? It should look something like this:

Let’s take a step back to focus on your use case. You are trying to link to a project on SonarCloud from the Bitbucket settings. This is actually not a path we recommend. The recommended path to bind projects is from the SonarCloud UI: from the plus icon in the top right corner, Analyze new project, select the organization (or import new), and check the project from the list.

Can you try to bind this way?

Thanks for your instructions!

The first recommendation, looking at the cookies, does not show any cookie, only a failed response with HTTP error code 401 and response message:

{"errors":[{"msg":"Authentication is required"}]}

The second recommendation, about linking the Bitbucket project through SonarCloud, seems to be working fine, as going to Bitbucket -> SonarCloud settings shows “This repository is already bound to a SonarCloud project”.

However, when I want to enable the checkbox “Show repository overview widget” it fails with:

I think the message about App authorizations is asking you to go to https://bitbucket.org/account/settings/app-authorizations/. At the bottom of the page you can see a list of denied applications, and I suspect you will find the SonarCloud app there, which might explain why the cookies are not forwarded correctly. Please remove the app from the denied list, and let us know if this fixes the problem.

You are right! Removing SonarCloud from that denied list did the trick. I’m still unable to link an existing repository through Bitbucket, but I can use the recommended path to link it through SonarCloud.

Thank you!

Even after you removed the app from the denied list, you still see the login button on SonarCloud Settings? What if you try in a clean browser session? (incognito window)

I believe the issue here is that browsers are starting to block those cookies.
Here is what I am seeing on latest Chrome:

Here is the link to Chrome’s page about it:
https://www.chromestatus.com/feature/5633521622188032

I imagine other browsers are going to follow suit,
the integration plugin in BB probably needs to be updated to set the cookies differently.

1 Like

Thanks for the link. It’s interesting, but doesn’t really match what we’re observing. The article is about insecure cookies with SameSite=None, but in our use case the cookies are secure.

ok, looked again, and noticed there is a second article they also link to,
which is the one that I believe is actually the issue with the plugin.

The issue is not Secure vs Insecure, but the fact that no SameSite value was specified:
https://www.chromestatus.com/feature/5088147346030592
Chrome changed the “default” behavior… :roll_eyes:
(and probably other browsers will follow path.
The change does make sense as to why they would want the other default.)

1 Like

Hello Caleb,

And thanks for helping dig into this. I was able to reproduce the issue and we are looking into adding the SameSite=None to our cookie. I’ll come back to you as soon as we have a community ticket for it.

In the meantime, if you are stuck because of this, you can still manually add SameSite=None in the browser debug tools to have the list appear. It’s only temporary but might help while we deliver the fix.

2 Likes
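
The cookie behaviour discussed in this thread, as an added example that is not part of the original posts and is not SonarCloud's code: a small audit of `Set-Cookie` headers that reports whether each cookie would still be attached to requests made from a third-party iframe (such as the SonarCloud settings page embedded in Bitbucket) under Chrome's new defaults. The cookie name `SESSION` and the sample headers are constructed for illustration.

```javascript
// Added example: which Set-Cookie headers survive in a cross-site iframe
// under Chrome's "SameSite by default" and "reject insecure SameSite=None".
// Cookie names and values are constructed, not SonarCloud's real ones.

function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const cookie = { name: eq < 0 ? pair : pair.slice(0, eq), secure: false, sameSite: null };
  for (const attr of attrs) {
    const [key, value = ''] = attr.split('=').map((s) => s.trim());
    const k = key.toLowerCase();
    if (k === 'secure') cookie.secure = true;
    // Unrecognised SameSite values are ignored, so the default applies.
    if (k === 'samesite' && ['strict', 'lax', 'none'].includes(value.toLowerCase())) {
      cookie.sameSite = value.toLowerCase();
    }
  }
  return cookie;
}

function crossSiteVerdict(header) {
  const c = parseSetCookie(header);
  if (c.sameSite === null) {
    return { name: c.name, sent: false, reason: 'no SameSite attribute, treated as Lax' };
  }
  if (c.sameSite === 'none') {
    return c.secure
      ? { name: c.name, sent: true, reason: 'SameSite=None with Secure' }
      : { name: c.name, sent: false, reason: 'SameSite=None without Secure is rejected' };
  }
  return { name: c.name, sent: false, reason: `SameSite=${c.sameSite} is not sent from a third-party iframe` };
}

// Constructed sample headers covering the cases raised in the thread.
const SAMPLE_HEADERS = [
  'SESSION=abc123; Path=/; Secure; HttpOnly',                // no SameSite
  'SESSION=abc123; Path=/; HttpOnly; SameSite=None',         // None, not Secure
  'SESSION=abc123; Path=/; Secure; HttpOnly; SameSite=None', // the proposed fix
  'SESSION=abc123; Path=/; Secure; SameSite=Lax',            // explicit Lax
];

function audit(headers) {
  return headers.map(crossSiteVerdict);
}

console.log(audit(SAMPLE_HEADERS));
```

Only the third header is delivered in the embedded context, which matches the 401 from `search_my_projects` when the session cookie carries no `SameSite` attribute.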

Awesome, thanks for keeping me in the loop!
And that is a great idea for a “workaround” for now. Much easier than using a different browser.
(and who knows when other browsers will start changing their defaults!)

1 Like