we’re developing an extension of the sonar plugin for java which checks for our own architectural rules and are currently facing some issues with the Travis CI build on new PRs in our GitHub repository.
The problem is that when the command mvn clean org.jacoco:jacoco-maven-plugin:prepare-agent install sonar:sonar -Dsonar.projectKey=devonfw_sonar-devon4j-plugin -Dsonar.host.url=https://sonarcloud.io
is run, it says that I am not authorized to run analysis on the project. This seems a little weird to me, as the project is listed as public on SonarCloud.
Has anyone encountered this error before and maybe found a solution?
thanks for the reply. Unfortunately this didn’t solve it. I tried some more new configurations in the travis.yml, but they didn’t work either. It may simply be an issue with me not having any rights to run an analysis. Seems weird though, as the sonarcloud token used in the travis.yml was generated by the project adminstrator. I tried creating one of my own and using that one, but it gives me the same error.
Hi Lmar,
If I understood correctly, we are talking about an external pull request which is considered an unsecure environment (since anyone can create them).
Unfortunately the sonarcloud addon doesn’t run and can’t set up the analysis based on the configuration in the YML fie.
We have a ticket to improve things but it doesn’t depend on us alone to find a solution.
thanks to you two for helping.
As this happens with pull requests only, I adjusted the configuration in the yml file so that the sonarcloud analysis is only executed when not in a pull request. Else, the standard build command ‘mvn clean install’ is ran.