Maven plugin started failing last night

What has changed in SonarCloud that would cause my usage of the maven sonar plugin to start failing?

Error observed:
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184:sonar (default-cli) on project xxxxx: Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator -> [Help 1]

Maven sonar plugin version 3.9.1.2184.
Configuration unchanged and working for >6 months.
Next GITHUB token expiration still a month away.

Maven command run from Jenkins server:

steps {
  withSonarQubeEnv('SonarCloud') {
    withCredentials([string(credentialsId: 'xxxxx_github_token', variable: 'GITHUB_TOKEN')]) {
      sh "mvn -B sonar:sonar \
          -Dsonar.projectKey=${org}_${repo} \
          -Dsonar.branch.name=${env.BRANCH_NAME}" 
    }
  }
}

Also, tried

sh "mvn -B sonar:sonar \
    -Dsonar.projectKey=${org}_${repo} \
    -Dsonar.organization=${org} \
    -Dsonar.branch.name=${env.BRANCH_NAME}"

SONAR_TOKEN is never explicitly set. Since this has been working until now, I assumed that there was no need to explicitly set it.

I was able to restore working scans by generating a security token in SonarCloud for the build user and using that token in the Jenkins Configure System->SonarQube->Server authentication token. Up until now (to the best of my knowledge), that field has been blank/unused.

Problem resolved, but still unsure of why.

1 Like

Hi,

Are you using CircleCI? It’s possible someone revoked your tokens because of their breach…?

 
Ann

No, not using CircleCI.

Then I’m not sure what to tell you. You likely will have needed analysis credentials all along. The question is where they were and where they went.

 
Ann

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.