Quality gate not found after analysis success

• ALM used: Bitbucket
• CI system used: Jenkins
• Languages of the repository: Javascript

The quality gate is failing after seeing the status as success. Started happening around 12pm EST today. Previous builds were successful

[Pipeline] waitForQualityGate
Checking status of SonarQube task 'AYNHz48Mg3b9NxwgYwFg' on server 'SonarCloud'
SonarQube task 'AYNHz48Mg3b9NxwgYwFg' status is 'SUCCESS'
org.sonarqube.ws.client.HttpException: Error 404 on https://sonarcloud.io/api/qualitygates/project_status?analysisId=AYNHz5GrpZtWo6f19pAQ : {"errors":[{"msg":"Project doesn\u0027t exist"}]}
	at org.sonarqube.ws.client.BaseResponse.failIfNotSuccessful(BaseResponse.java:36)
	at hudson.plugins.sonar.client.HttpClient.getHttp(HttpClient.java:38)
	at hudson.plugins.sonar.client.WsClient.requestQualityGateStatus(WsClient.java:70)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.lambda$checkTaskCompleted$0(WaitForQualityGateStep.java:239)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkQualityGate(WaitForQualityGateStep.java:292)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkTaskCompleted(WaitForQualityGateStep.java:239)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.start(WaitForQualityGateStep.java:175)
	at org.jenkinsci.plugins.workflow.cps.DSL.invokeStep(DSL.java:322)
	at org.jenkinsci.plugins.workflow.cps.DSL.invokeMethod(DSL.java:196)
	at org.jenkinsci.plugins.workflow.cps.CpsScript.invokeMethod(CpsScript.java:124)
	at jdk.internal.reflect.GeneratedMethodAccessor737.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:98)
	at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:325)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1225)
	at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1034)
	at org.codehaus.groovy.runtime.callsite.PogoMetaClassSite.call(PogoMetaClassSite.java:41)
	at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)
	at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:116)
	at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:163)
	at org.kohsuke.groovy.sandbox.GroovyInterceptor.onMethodCall(GroovyInterceptor.java:23)
	at org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor.onMethodCall(SandboxInterceptor.java:158)
	at org.kohsuke.groovy.sandbox.impl.Checker$1.call(Checker.java:161)
	at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:165)
	at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:135)
	at org.kohsuke.groovy.sandbox.impl.Checker.checkedCall(Checker.java:135)
	at com.cloudbees.groovy.cps.sandbox.SandboxInvoker.methodCall(SandboxInvoker.java:17)
	at WorkflowScript.run(WorkflowScript:109)
	at ___cps.transform___(Native Method)
	at com.cloudbees.groovy.cps.impl.ContinuationGroup.methodCall(ContinuationGroup.java:86)
	at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.dispatchOrArg(FunctionCallBlock.java:113)
	at com.cloudbees.groovy.cps.impl.FunctionCallBlock$ContinuationImpl.fixArg(FunctionCallBlock.java:83)
	at jdk.internal.reflect.GeneratedMethodAccessor348.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
	at com.cloudbees.groovy.cps.impl.CollectionLiteralBlock$ContinuationImpl.dispatch(CollectionLiteralBlock.java:55)
	at com.cloudbees.groovy.cps.impl.CollectionLiteralBlock$ContinuationImpl.item(CollectionLiteralBlock.java:45)
	at jdk.internal.reflect.GeneratedMethodAccessor542.invoke(Unknown Source)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
	at com.cloudbees.groovy.cps.impl.ContinuationPtr$ContinuationImpl.receive(ContinuationPtr.java:72)
	at com.cloudbees.groovy.cps.impl.ConstantBlock.eval(ConstantBlock.java:21)
	at com.cloudbees.groovy.cps.Next.step(Next.java:83)
	at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:174)
	at com.cloudbees.groovy.cps.Continuable$1.call(Continuable.java:163)
	at org.codehaus.groovy.runtime.GroovyCategorySupport$ThreadCategoryInfo.use(GroovyCategorySupport.java:136)
	at org.codehaus.groovy.runtime.GroovyCategorySupport.use(GroovyCategorySupport.java:275)
	at com.cloudbees.groovy.cps.Continuable.run0(Continuable.java:163)
	at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.access$001(SandboxContinuable.java:18)
	at org.jenkinsci.plugins.workflow.cps.SandboxContinuable.run0(SandboxContinuable.java:51)
	at org.jenkinsci.plugins.workflow.cps.CpsThread.runNextChunk(CpsThread.java:187)
	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.run(CpsThreadGroup.java:420)
	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup.access$400(CpsThreadGroup.java:95)
	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:330)
	at org.jenkinsci.plugins.workflow.cps.CpsThreadGroup$2.call(CpsThreadGroup.java:294)
	at org.jenkinsci.plugins.workflow.cps.CpsVmExecutorService$2.call(CpsVmExecutorService.java:67)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at hudson.remoting.SingleLaneExecutorService$1.run(SingleLaneExecutorService.java:139)
	at jenkins.util.ContextResettingExecutorService$1.run(ContextResettingExecutorService.java:30)
	at jenkins.security.ImpersonatingExecutorService$1.run(ImpersonatingExecutorService.java:70)
	at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
	at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:829)
[Bitbucket] Notifying pull request build result
[Bitbucket] Build result notified
Finished: FAILURE

JSON payload of the response

{"projectStatus":{"status":"OK","conditions":[{"status":"OK","metricKey":"new_reliability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_maintainability_rating","comparator":"GT","periodIndex":1,"errorThreshold":"1","actualValue":"1"},{"status":"OK","metricKey":"new_duplicated_lines_density","comparator":"GT","periodIndex":1,"errorThreshold":"3","actualValue":"0.0"}],"periods":[],"ignoredConditions":false}}

Hi,

Welcome to the community!

Is this only happening with one project? And only during the Quality Gate status portion of the job?

 
Ann

Happening for all our projects. Yes, only on checking the Quality Gate status.

When I click the link in the logs, I get the full JSON status OK, but when Jenkins hits, it gets project does not exist.

Our Jenkins Shared Library

def sonarPR() {
    withSonarQubeEnv('SonarCloud') {
        sh "sonar-scanner \
        -Dsonar.pullrequest.key=${env.CHANGE_ID} \
        -Dsonar.pullrequest.branch=${env.BRANCH_NAME} \
        -Dsonar.pullrequest.base=${env.CHANGE_BRANCH} \
        -Dsonar.projectVersion=${repo.getPackageVersion()} \
        -Dsonar.pullrequest.bitbucketcloud.repository=${env.BB_REPOSITORY} \
        -Dsonar.pullrequest.bitbucketcloud.owner=${env.BB_OWNER} \
        "
    }
}

def sonarGate() {
    timeout(time: 1, unit: 'HOURS') {
        //abort the pipeline if quality gate status is not green
        waitForQualityGate abortPipeline: true
    }
}

dir(folder) {
    if(repo.checkFileExist('sonar-project.properties')) {
        sonar.sonarPR()
        sonar.sonarGate()
    }
}

Hi,

This looks like a permissions issue. The withSonarQubeEnv credentials aren’t making it into the Quality Gate check. The question is why this suddenly stopped working. Since it stopped working for all your jobs at once, I suspect a systemic change (e.g. Jenkins upgrade).

Looking at the code you provided (thanks for sharing that proactively!) I see that you’re defining your two steps, and then presumably calling them later. I suspect the problem is there (altho I’m not conversant enough to pinpoint the exact cause). Can you edit one job to make it look like one of the examples in the docs and see if that fixes the problem?

 
Ann

Hi Ann

Implemented the changes above, but still getting project not found. (Jenkins 2.369)

Here in a different project today:
https://sonarcloud.io/api/ce/task?id=AYNm7wGiHNrhdGwEpxdZ
https://sonarcloud.io/api/qualitygates/project_status?analysisId=AYNm7wOFH6m6TjzydeYs

stage('SonarQube Analysis Long-Lived') {
            when {
                anyOf {
                    branch 'master'
                    branch 'release/*'
                    branch 'develop'
                }
            }
            steps {
                script {
                    withSonarQubeEnv('SonarCloud') {
                        sh "sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME} -Dsonar.projectVersion=${getPackageVersion()}"
                    }
                }
            }
        }
        stage("SonarQube Quality Gate") {
            when {
                anyOf {
                    branch 'master'
                    branch 'release/*'
                    branch 'develop'
		    branch 'hotfix/*'
                }
            }
            steps {
                timeout(time: 1, unit: 'HOURS') {
                  //abort the pipeline if quality gate status is not green
                    waitForQualityGate abortPipeline: true
                }
            }
        }

Hi,

Can you try putting the Quality Gate check into the same stage as the analysis?

 
Ann

Yup, the first example was with both commands, the analysis and gate in the same stage.

Hi,

I’m asking for one more variation. Something like:

        stage('SonarQube Analysis Long-Lived') {
            when {
                anyOf {
                    branch 'master'
                    branch 'release/*'
                    branch 'develop'
                }
            }
            steps {
                script {
                    withSonarQubeEnv('SonarCloud') {
                        sh "sonar-scanner -Dsonar.branch.name=${env.BRANCH_NAME} -Dsonar.projectVersion=${getPackageVersion()}"
                    }
                }
                timeout(time: 1, unit: 'HOURS') {
                  //abort the pipeline if quality gate status is not green
                    waitForQualityGate abortPipeline: true
                }
            }
        }

 
Ann

Hi G Ann,

Combined the stages into one per above. Still same issue with the gate not finding the project

[Pipeline] stage
[Pipeline] { (SonarQube Analysis Long-Lived)
[Pipeline] script
[Pipeline] {
[Pipeline] withSonarQubeEnv
12:20:08  Injecting SonarQube environment variables using the configuration: SonarCloud
[Pipeline] {
[Pipeline] sh
[Pipeline] sh
12:20:08  + node -e console.log(require('./package.json').version)
12:20:08  + sonar-scanner -Dsonar.branch.name=master -Dsonar.projectVersion=2.1.0
12:20:08  INFO: Scanner configuration file: /opt/sonar-scanner-4.7.0.2747/conf/sonar-scanner.properties
12:20:08  INFO: Project root configuration file: /home/ubuntu/workspace/<MEATBALL PROJECT>/sonar-project.properties
12:20:08  INFO: SonarScanner 4.7.0.2747
..
..
..
12:21:01  INFO: Analysis report generated in 343ms, dir size=757 KB
12:21:01  INFO: Analysis report compressed in 509ms, zip size=445 KB
12:21:03  INFO: Analysis report uploaded in 1237ms
12:21:03  INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=<MEATBALL PROJECT>&branch=master
12:21:03  INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
12:21:03  INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AYN_wHVdQhvWGSOSHxsj
[Pipeline] }
[Pipeline] // withSonarQubeEnv
[Pipeline] }
[Pipeline] // script
[Pipeline] timeout
12:21:09  Timeout set to expire in 1 hr 0 min
[Pipeline] {
[Pipeline] waitForQualityGate
12:21:09  Checking status of SonarQube task 'AYN_wHVdQhvWGSOSHxsj' on server 'SonarCloud'
12:21:10  SonarQube task 'AYN_wHVdQhvWGSOSHxsj' status is 'SUCCESS'
[Pipeline] }
[Pipeline] // timeout
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (SonarQube Analysis Preview)
Stage "SonarQube Analysis Preview" skipped due to earlier failure(s)
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Build)
Stage "Build" skipped due to earlier failure(s)
[Pipeline] }
[Pipeline] // stage
[Pipeline] stage
[Pipeline] { (Declarative: Post Actions)
[Pipeline] cleanWs
12:21:11  [WS-CLEANUP] Deleting project workspace...
12:21:11  [WS-CLEANUP] Deferred wipeout is used...
12:21:11  [WS-CLEANUP] done
[Pipeline] slackSend
12:21:11  Slack Send Pipeline step running, values are - baseUrl: <empty>, teamDomain:Meatball, channel: #ci-builds, color: #FF0000, botUser: false, tokenCredentialId:jenkins-slack, notifyCommitters: false, iconEmoji: <empty>, username: <empty>, timestamp: <empty>
[Pipeline] }
[Pipeline] // stage
[Pipeline] }
[Pipeline] // timeout
[Pipeline] }
12:21:11  
[Pipeline] // ansiColor
[Pipeline] }
[Pipeline] // timestamps
[Pipeline] }
[Pipeline] // withEnv
[Pipeline] }
[Pipeline] // node
[Pipeline] End of Pipeline
org.sonarqube.ws.client.HttpException: Error 404 on https://sonarcloud.io/api/qualitygates/project_status?analysisId=AYN_wHbA0KCMVGzwBajo : {"errors":[{"msg":"Project doesn\u0027t exist"}]}
	at org.sonarqube.ws.client.BaseResponse.failIfNotSuccessful(BaseResponse.java:36)
	at hudson.plugins.sonar.client.HttpClient.getHttp(HttpClient.java:38)
	at hudson.plugins.sonar.client.WsClient.requestQualityGateStatus(WsClient.java:70)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.lambda$checkTaskCompleted$0(WaitForQualityGateStep.java:239)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkQualityGate(WaitForQualityGateStep.java:292)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.checkTaskCompleted(WaitForQualityGateStep.java:239)
	at org.sonarsource.scanner.jenkins.pipeline.WaitForQualityGateStep$Execution.start(WaitForQualityGateStep.java:175)

Hi,

Thanks for trying.

The 404 on the Quality Gate retrieval seemed like a possible permissions issue to me & I was trying to make absolutely sure the same context (& permissions) was used for both steps.

So now I’ve pinged folks with more expertise. Hopefully, they’ll be along soon.

 
Ann

Hi G Ann,

Curious if you are able to nudge?

Thanks!

Bump

still continuing to fail.

Screen Shot 2022-10-05 at 10.17.43 AM1174×531 62.5 KB

Hello,

This is definitely a permission issue.

The Sonar token belongs to a SonarCloud user who does not have permission to access these projects. The token may have been revoked or user permissions may have been changed.

Please check the permissions of the user whose token you are using for SonarCloud authentication.

If the token has been revoked, please create a new one from the SonarCloud user account with permission to access these projects from this link https://sonarcloud.io/account/security
and set it as an authentication token for SonarCloud in Jenkins.

Wouldn’t the user not be-able to submit the analysis report to sonarcloud if they didn’t have permissions? This is occurring AFTER the report was submitted and we are requesting the status of the quality gate.

There are two different permissions for these two actions.

• For the analysis report submission action, ‘Execute Analysis’ permission is required.

• For requesting the quality status action, ‘Browse’ permission is required (only for private projects).

Thanks, Unfortunately am still receiving the same error.

heres what I did

• Set a new token on our service account, updated sonar.properties with new token
  

  

  Screen Shot 2022-10-07 at 1.01.29 PM686×742 59.6 KB

• Set the service account has owner
  

• Applied permission template to all projects
  

  

  Screen Shot 2022-10-07 at 12.47.27 PM1411×445 59.3 KB

INFO: Analysis report uploaded in 988ms
INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=convene_dev_virtual_global_admin_api&branch=bug%2FscanTokenTest&resolved=false
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AYOzYpMhhPmCAbZiKa1H

org.sonarqube.ws.client.HttpException: Error 404 on https://sonarcloud.io/api/qualitygates/project_status?analysisId=AYOzYpQ_pvgT3Ia4o1VI : {“errors”:[{“msg”:“Project doesn\u0027t exist”}]}

Hi there,

Curious if there was an update? I am happy to pair on this for real-time debugging

Thanks,
Chris

Hi Chris,

We have inspected the logs with the analysisId you shared and saw that there are many requests to fetch the quality gate without login credentials. It means that the token you generated is not attached to these requests.
It seems that the scanner itself was able to submit the analysis report to SonarCloud because you put the token into sonar.properties file. And in order to fetch the quality gate status, it is also required that the token should be set in SonarQube configuration section in Jenkins configuration.

Here is the link about how you configure SonarCloud in Jenkins. It’s written under the Installation section.

I hope this helps.

Hi Serhat,

Wanted to update this was the solution! Thank you very much.

We’re reviewing how this was not updated

Best,
Chris

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.