Hi there,
yesterday we created some new projects and some of them fail with “Project not found“ error.
I know that is not the actual cause because first execution we were receiving You are running CI analysis while Automatic Analysis is enabled. Please consider disabling one or the other and we have copied/pasted the config from Sonarqube’s “Analyze a project with GitHub Actions“ page.
ALM used: GitHub
CI system used: GH actions
Scanner command used when applicable: ./gradlew test sonar --info
Languages of the repository: Java
Logs:
Load project settings for component key: 'RatedPower_auth-service'
Load project settings for component key: 'RatedPower_auth-service' (done) | time=479ms
Process project properties
Execute project builders
Execute project builders (done) | time=1ms
Project key: RatedPower_auth-service
Base dir: /home/runner/work/auth-service/auth-service
Working dir: /home/runner/work/auth-service/auth-service/build/sonar
Load project branches
Load project branches (done) | time=388ms
Check ALM binding of project 'RatedPower_auth-service'
Detected project binding: BOUND
Check ALM binding of project 'RatedPower_auth-service' (done) | time=411ms
Load project pull requests
Load project pull requests (done) | time=430ms
Load branch configuration
Github event: pull_request
Auto-configuring pull request 25
Load branch configuration (done) | time=1225ms
Load quality profiles
Load quality profiles (done) | time=627ms
Create analysis
Checking if SCA is enabled for organization ratedpower
Dependency analysis skipped
Create analysis (done) | time=332ms
Load active rules
Project not found. Please check the 'sonar.projectKey' and 'sonar.organization' properties, the 'SONAR_TOKEN' environment variable, or contact the project administrator to check the permissions of the user the token belongs to
java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.report.ActiveRulesPublisher
at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)
at org.picocontainer.DefaultPicoContainer.getComponent(DefaultPicoContainer.java:621)
at org.picocontainer.parameters.CollectionComponentParameter.getArrayInstance(CollectionComponentParameter.java:334)
at org.picocontainer.parameters.CollectionComponentParameter.access$100(CollectionComponentParameter.java:49)
at org.picocontainer.parameters.CollectionComponentParameter$1.resolveInstance(CollectionComponentParameter.java:139)
It is weird because I can see that other api call returns 200: 2025-09-26T10:02:54.6633360Z 2025-09-26T10:02:54.644+0000 [DEBUG] [org.sonarsource.scanner.lib.internal.facade.forked.ScannerEngineLauncher] <-- 200 https://sonarcloud.io/api/qualityprofiles/search.protobuf?projectKey=RatedPower_auth-service&organization=ratedpower (745ms, 5195-byte body)
Anyway, I’ve tried with a fresh token and I obtained the same error.
Looks like the token works, because I can do the call that is returning 401 in gh actions (https://api.sonarcloud.io/analysis/active-rules?organization=ratedpower&project=RatedPower_auth-service):
I know you mentioned copying the configuration from SonarQube’s “Analyze a project with GitHub Actions” documentation, but could you please share your GitHub Actions YAML file here?
Receiving a 401 error is really confusing me—it suggests that authentication is missing, even though it appears to work for previous API calls.
We also had a bunch of issues yesterday (hope you weren’t affected) and we fixed them all up. Would be great to know if maybe this got fixed up collaterally.
If that doesn’t get us closer, I’ll call in reinforcements.
Hi Colin,
we’ve have found the root cause: some of our projects have a dependency on an internal plugin which has some default sonar config for local, so both configurations (local & cloud) were being mixed.
We can mark this as resolved
Thanks!
