Sonar-scanner cli: fails to load global settings

I am running a scan over a repo of C/C++ code that runs in a docker container set up. When the container runs, a shell script that handles all of the build-wrapper compiling work and then starts the sonar-scanner to process the analysis and send the results to SonarCloud. All of this works fine on a local dev environment. But, when I run this process as part of a Github Actions CI workflow, the scanner step fails with:

21:32:23.029 INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
21:32:23.040 INFO: Project root configuration file: /project/subproject/sonar-project.properties
21:32:23.062 INFO: SonarScanner 5.0.1.3006
21:32:23.062 INFO: Java 17.0.7 Eclipse Adoptium (64-bit)
21:32:23.063 INFO: Linux 6.2.0-1016-azure amd64
21:32:23.196 DEBUG: keyStore is : 
21:32:23.196 DEBUG: keyStore type is : pkcs12
21:32:23.197 DEBUG: keyStore provider is : 
21:32:23.197 DEBUG: init keystore
21:32:23.197 DEBUG: init keymanager of type SunX509
21:32:23.310 DEBUG: Create: /root/.sonar/cache
21:32:23.311 INFO: User cache: /root/.sonar/cache
21:32:23.311 DEBUG: Create: /root/.sonar/cache/_tmp
21:32:23.313 DEBUG: Extract sonar-scanner-api-batch in temp...
21:32:23.316 DEBUG: Get bootstrap index...
21:32:23.316 DEBUG: Download: https://sonarcloud.io/batch/index
21:32:24.008 DEBUG: Get bootstrap completed
21:32:24.012 DEBUG: Download https://sonarcloud.io/batch/file?name=scanner-sonarcloud-8.0.0.50735-all.jar to /root/.sonar/cache/_tmp/fileCache11944247655299524490.tmp
21:32:27.076 DEBUG: Create isolated classloader...
21:32:27.084 DEBUG: Start temp cleaning...
21:32:27.087 DEBUG: Temp cleaning done
21:32:27.087 INFO: Analyzing on SonarCloud
21:32:27.087 INFO: Default locale: "en", source code encoding: "UTF-8"
21:32:27.088 DEBUG: Work directory: /project/subproject/.scannerwork
21:32:27.088 DEBUG: Execution execute
21:32:27.280 DEBUG: Scanner max available memory: 1816133632
21:32:27.292 DEBUG: SonarCloud 10.2.0.1908
21:32:27.479 INFO: Load global settings
21:32:27.993 DEBUG: GET 401 https://sonarcloud.io/api/settings/values.protobuf | time=512ms
21:32:27.998 INFO: ------------------------------------------------------------------------
21:32:27.999 INFO: EXECUTION FAILURE
21:32:27.999 INFO: ------------------------------------------------------------------------
21:32:28.001 INFO: Total time: 4.986s
21:32:28.022 INFO: Final Memory: 6M/27M
21:32:28.022 INFO: ------------------------------------------------------------------------
21:32:28.023 ERROR: Error during SonarScanner execution
java.lang.IllegalStateException: Unable to load component class org.sonar.scanner.bootstrap.GlobalConfiguration
	at org.sonar.core.platform.ComponentContainer$ExtendedDefaultPicoContainer.getComponent(ComponentContainer.java:52)

this is what my scanning command looks like - the same properties that succeed in my local build are in the github build:

# Run sonar scanner
 SONAR_OTHER_ARGS="-Dsonar.projectVersion=1.0 -Dsonar.cfamily.build-wrapper-output=/sonar-output -Dsonar.sourceEncoding=UTF-8"
 sonar-scanner -X -Dsonar.project.properties=${properties_file_path} ${SONAR_OTHER_ARGS} -Dsonar.token="$SONAR_TOKEN"

A note about my GH workflow - it does not use the sonar plugins - it pulls the same docker image that gives a positive result in my dev env, and executes the same script. The only difference I can think of between environments is that the value of SONAR_TOKEN is sourced from a GHA secret.

Hoping someone has run into this. Thanks!

Hi,

Welcome to the community!

A 401 is a permissions error, so I think this is probably it.

 
HTH,
Ann