Scanner command used when applicable => gradle plugin
Languages => Java
Error observed Execution failed for task :sonarqube You're not authorized to run analysis. Please contact the project administrator.
Steps to reproduce
I’m using the sonarcloud prepare task before the gradle task but somehow I’m not authorized to scan the code. I double checked the service connection which is set to be used for all pipelines
I’m also using a hosted agent
Have you already created this project on SonarCloud and used the project key (sonar.projectKey) that is provided in the UI tutorial?
Typically this error appears at the end of analysis when a user has Execute Analysis permissions but not Create Projects permission and a matching project key does not exist.
I would recommend sharing screenshots of your Pipeline configuration as well as your SonarCloud project (where the key is shown in the URL of the project or the project Administration > Update Key)
Double-check there is no build.gradle file overriding the sonar.projectKey
my pipeline is the following
There is a build gradle file but nothing that is referring to sonar in it
I don’t have access to the admin section of sonar but I will check with the right person and let you know
When the Other scanner mode is selected, the projectKey and projectName inputs should disappear as well, and the project key placed under Additional Properties (as described in the tutorial).
(I recognize this tutorial is then completely wrong in telling you to use the Run Code Analysis step and I’ll report this internally. The rest of your YAML looks fine, although you may want to bump the version of the sonarQubeGradlePluginVersion to the latest, 3.3)
I would still double-check your build.gradle file to make sure there are no overriding settings
You might try creating a new service connection in Azure DevOps using a token generated by a user who for sure has Execute Analysis permissions andCreate Projects permissions in your organization to see if it makes a difference. I would also suggest verifying this token works by testing it manually (analyzing a project from your local machine).