No SonarCloud Analysis available for PRs from fork

Hello,

Could I have some news about this problem Make it possible for PR's from forks to run the SonarCloud scan · Issue #234 · Altinn/app-frontend-react · GitHub ?
Currently, in my open-source project (GitHub - green-code-initiative/creedengo-rules-specifications: Reduce the environmental footprint of your software programs with SonarQube), I have some forks which want to merge some commits into my original project. But, when a PR from one fork is created on my original project, we have an error when trying to communicate with SonarCloud (like original project branches already do) :
“Error: Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:5.0.0.4389:sonar (default-cli) on project creedengo-rules-specifications: Error status returned by url [https://api.sonarcloud.io/analysis/jres?os=linux&arch=x86_64]: 401 → [Help 1]”
example : test ddc - egry35 · green-code-initiative/creedengo-rules-specifications@6370659 · GitHub

As I see in issue Make it possible for PR's from forks to run the SonarCloud scan · Issue #234 · Altinn/app-frontend-react · GitHub, it seems to be a problem already known.
But if no solution is possible, how can I check if a PR created from a fork is Ok for SonarCloud to accept it ? (quality gate, issues, …)

Thank you for answer.
Best regards.
David.

Hey @dedece35

SonarQube Cloud supports the analysis of PRs from forks when using Automatic Analysis. The primary downside of this is that you won’t have coverage information included in the results.

Analyzing PRs from forks using CI-based analysis is a problem since it involves exposing a SonarQube Cloud token to contributors. Some users have tried to find workarounds to this, but they are fairly complicated and not well-supported.

Ideally, we would find a way to integrate test and coverage reports into Automatic Analysis, leaving that as the complete solution to support analysis of PRs from forked repos.