I have a pipeline in Azure DevOps which is triggered by PR requests. There are three SonarCloud tasks in this pipeline - Prepare analysis on SonarCloud, (my project build step here), Run Code Analysis and then Publish Quality Gate Result.
When this pipeline is triggered by a PR, it’s all fine until gets to the Run Code Analysis task, which then fails with the below error messages:
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 9.173s
INFO: Final Memory: 7M/48M
INFO: ------------------------------------------------------------------------
##[error]ERROR: Error during SonarScanner execution
ERROR: Error during SonarScanner execution
##[error]ERROR: Not authorized. Please check the properties sonar.login and sonar.password.
ERROR:
ERROR: Not authorized. Please check the properties sonar.login and sonar.password.
ERROR:
##[error]The SonarScanner did not complete successfully
The SonarScanner did not complete successfully
##[error]18:32:43.506 Post-processing failed. Exit code: 1
18:32:43.506 Post-processing failed. Exit code: 1
Here’s the thing: whenever this same pipeline is triggered NOT by a PR, either manually or automatically by a daily schedule, it runs and passes with no issues, on any branch. If I trigger the pipeline for the branch being pulled in (not via the PR), it runs and passes fine.
Why is authorization failing only when it’s triggered by a PR?! Why isn’t it using the same PAT token from SonarCloud that the SAME pipelines use when triggered manually and succeed??
I’ve tried issuing a new PAT from SonarCloud to Azure (deleted then re-added the service connection) and also removed and re-added the steps from the pipeline and removed and re-added the branch build policy which dictates this pipeline runs on PRs. None have made any difference.