Project key and organization key no longer being detected by bitbucket pipeline sonarcloud-scan

act-mreeves · September 3, 2025, 10:13pm

Hi folks!

ALM used: Bitbucket Cloud
CI system used: Bitbucket Cloud

Bitbucket pipeline snippet for sonarcloud-scan:

    - step: &sonarcloud
        name: Scan with sonarcloud
        image:
          name: atlassian/default-image:2
        size: 2x
        caches:
          - sonar
          - docker
        services:
          - docker2x
        script:
          - APP_VERSION="$(node -pe "require('./package.json').version")"
          - pipe: sonarsource/sonarcloud-scan:4.1.0
            variables:
              SONAR_SCANNER_OPTS: -Xmx4096m
              EXTRA_ARGS: |
                -Dsonar.projectVersion="${APP_VERSION}"

Yesterday this worked:

19:45:11.007 INFO  Found an active CI vendor: 'Bitbucket Pipelines'
19:45:11.172 INFO  Detected project key 'foo-org_bar-repo' from 'Bitbucket Cloud Pipelines'
19:45:11.173 INFO  Detected organization key 'foo-org' from 'Bitbucket Cloud Pipelines'
19:45:11.176 INFO  Load project settings for component key: 'foo-org_bar-repo'
19:45:11.517 INFO  Load project settings for component key: 'foo-org_bar-repo' (done) | time=341ms

Today it does not:

19:00:01.557 INFO  Found an active CI vendor: 'Bitbucket Pipelines'
19:00:01.785 WARN  The project has not been created on SonarCloud. Please go to https://sonarcloud.io/projects/create to set up the project.
19:00:01.788 INFO  Load global settings
19:00:01.977 INFO  Load global settings (done) | time=188ms
19:00:01.985 INFO  Process project properties
19:00:02.026 ERROR You must define the following mandatory properties for 'Unknown': sonar.projectKey, sonar.organization
19:00:02.356 INFO  EXECUTION FAILURE

Somehow yesterday it was able to deduce the projectKey and organization but today it cannot.

Today we need to explicitly edit sonar-project.properties and add these lines:

sonar.projectKey=foo-org_bar-repo
sonar.organization=foo-org

We have a few hundred repos that we’d prefer to not have to do this for. What changed?

Colin · September 4, 2025, 8:40am

Hello,

If the SonarQube Cloud Bitbucket application was uninstalled from your Bitbucket organization or workspace, you may encounter these symptoms.

Could you please check if both your organization is bound and your project is bound as well?

act-mreeves · September 4, 2025, 3:49pm

Thanks for your reply. Yes, the SonarQube Cloud app is still installed in bitbucket at Log in with Atlassian account.

Since yesterday I have a new piece of information. A while back Sonar made it so unused tokens expire: Removing inactive tokens after 60 days . This caused pipelines that do not run often to start failing when they DID run. We discovered we could use one token saved to SONAR_TOKEN at the Workspace level and all jobs could successfully use that (e.g. the token does not seem to be scoped to a certain ProjectKey) after we deleted any of the SONAR_TOKEN variables set at the repo level. As I mentioned we started specifying sonar.projectKey and sonar.organization due to the error and that fixed the issue. Later in the day we decided to rotate that shared SONAR_TOKEN and that fixed the issue without specifying sonar.projectKey and sonar.organization. Any idea what is going on? Thanks!

Colin · September 5, 2025, 8:35am

Hey @act-mreeves

Just sounds like you had an expired token, as you mentioned.

I agree the error message makes little sense here.

19:00:02.026 ERROR You must define the following mandatory properties for ‘Unknown’: sonar.projectKey, sonar.organization

And I’ll flag that for the team.

act-mreeves · September 5, 2025, 8:43pm

That’s what was odd. It stopped working from one day to the other (broke the day I posted here). I feel like the issue is more subtle because the “old token” once sonar.projectKey and sonar.organization were set worked. Thanks for your help.

antigravitygoat · September 17, 2025, 2:18pm

I have the same problem using BB pipelines starting around the same date. I agree, there may be something more happening here.

In my case, the token did not expire. Some other notable items:

Only some of my repos have this problem now with no apparent commonality among failing or succeeded.
I can fork a problematic repo, bind the new repo to a new sonar project.
Run the same exact bitbucket pipeline on the same codebase.
It works just fine.
When I add sonar.organization property, I get
Could not find a default branch for project with key '*****'. Make sure project exists.
When I add both sonar.organization and sonar.projectKey, success.

Colin · September 17, 2025, 2:51pm

Hey @antigravitygoat

In this case, what token do you use? A new one, or an old one?

antigravitygoat · September 17, 2025, 3:11pm

@Colin The old token.

Colin · September 18, 2025, 2:36pm

Hm. Back to the old project (that stopped working), do you get the same message as @act-mreeves in the scanner logs?

19:00:01.557 INFO  Found an active CI vendor: 'Bitbucket Pipelines'
19:00:01.785 WARN  The project has not been created on SonarCloud. Please go to https://sonarcloud.io/projects/create to set up the project.

If so… indeed, I see an increased error rate on GET api/alm_integration/show_project which started around September 4th.

I don’t know why yet, but something is definitely weird. I’ll flag this for the team.

jmiser · September 18, 2025, 6:48pm

I am also seeing this issue. Weird thing is not all repos are having this issue.

One that is failing started between 9/3 and 9/5:
9/3: SonarQube version: 11.19.0.895
[INFO] Detected project key '*****_app-ms' from 'Bitbucket Cloud Pipelines'

[INFO] Detected organization key '*****' from 'Bitbucket Cloud Pipelines'
9/5: SonarQube version: 11.19.0.903
[WARNING] The project has not been created on SonarCloud. Please go to https://sonarcloud.io/projects/create to set up the project.

and has continued to fail

Another repo has been through the same process and has not failed yet.

Colin · September 19, 2025, 8:37am

We think we’ve figured it out – a permissions check that was added on this API only checks for the project permission on Execute Analysis, and not for the same permission granted at the org-level. It’s under investigation.

antigravitygoat · September 19, 2025, 11:54am

Yes. Thanks for looking into it.

Antoine · October 1, 2025, 1:18pm

Hello @antigravitygoat, @jmiser, @act-mreeves,

I’m the one who did the change and I confirm @Colin got it right: we only check the"Execute Analysis" permission at the Project level, while it could also be set at the Organization level.

We have a bug fix in progress that will hopefully land on production before the end of the week. I’ll post an update here when it is.

Meanwhile, you can configure the permission at the project level to unstuck yourself.

Cheers

Antoine · October 2, 2025, 1:02pm

It’s fixed and deployed on production now, you should no longer have the problem.

Cheers,

antigravitygoat · October 2, 2025, 5:28pm

Thank you @Antoine , this fixed our builds.

Topic		Replies	Views
Bitbucket Cloud Maven scan fails with no project key or organization SonarQube Cloud scanner	1	1421	November 11, 2019
Set up Bitbucket pipeline - SonarCloud Integration - Migrate Projects in Sonarcloud SonarQube Cloud migration , bitbucketcloud , aws , sonarqube-cloud	2	553	May 24, 2023
New BitBucket pipeline instructions are incomplete SonarQube Cloud scanner , bitbucket	1	786	December 6, 2021
Using new bitbucket pipeline integration SonarQube Cloud	3	1471	March 2, 2020
Create project in SonarCloud with custom projectKey through Bitbucket Pipelines SonarQube Cloud maven , bitbucketcloud	7	1012	March 6, 2023

Project key and organization key no longer being detected by bitbucket pipeline sonarcloud-scan

Related topics