We are running sonarqube 10.1 on an internal VM Server. We are using Gitlab CI to build and run sonar-scanner on our code. We have set up environmental variables on the CI Job for the SONAR_URL and SONAR_TOKEN. The token is a global analysis token (sqa_). The user assigned to that token has global admin with analysis permissions on all projects. We have run one scan on a project with no issues. We configured another project (same gitlab instance, same build CI Servers, same permissions on the sonarqube project), but the second project is failing on the sonar-scanner.
11:14:51.349 INFO: CPD Executor CPD calculation finished (done) | time=67ms
11:14:51.357 DEBUG: SCM revision ID 'bc91a3377cd6bb4dd70819300e4c383d403319ea'
11:14:51.442 INFO: Analysis report generated in 84ms, dir size=1.3 MB
11:14:51.626 INFO: Analysis report compressed in 184ms, zip size=732.3 kB
11:14:51.626 INFO: Analysis report generated in /home/gitlab-runner/builds/Nj97UqsK/0/research-informatics/labconnect/.scannerwork/scanner-report
11:14:51.626 DEBUG: Upload report
11:14:51.673 DEBUG: POST 403 <our URL>/api/ce/submit?projectKey=research-informatics_labconnect_AYp0lRvCt4LgbfhqfYDh | time=46ms
11:14:51.680 DEBUG: eslint-bridge server will shutdown
11:14:56.681 DEBUG: eslint-bridge server closed
11:14:57.232 INFO: ------------------------------------------------------------------------
11:14:57.232 INFO: EXECUTION FAILURE
11:14:57.232 INFO: ------------------------------------------------------------------------
11:14:57.232 INFO: Total time: 31.482s
11:14:57.297 INFO: Final Memory: 33M/120M
11:14:57.297 INFO: ------------------------------------------------------------------------
11:14:57.297 ERROR: Error during SonarScanner execution
java.lang.IllegalStateException: Failed to upload report: You're not authorized to analyze this project or the project doesn't exist on SonarQube and you're not authorized to create it. Please contact an administrator.
at org.sonar.scanner.report.ReportPublisher.upload(ReportPublisher.java:227)
at org.sonar.scanner.report.ReportPublisher.execute(ReportPublisher.java:155)
at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:376)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:137)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:71)
at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:65)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.base/java.lang.reflect.Method.invoke(Unknown Source)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: You're not authorized to analyze this project or the project doesn't exist on SonarQube and you're not authorized to create it. Please contact an administrator.
I have verified the project key is correct. I have deleted and recreated the project in sonarqube multiple times (updating the project key each time) with the same results.
I looked at our SonarQube log (access.log) and it does not appear that a POST method is being recorded in that log.
The only solution I found was to modify the project to disable the SCM Scanner. When that is disabled, the scanning was successful. The other project does have this feature enabled and works without issue. Is there a reason why this feature can only work on one project?