A colleague who setup Sonarcloud for one repo has left the company, and since then the following error is returned in Sonar scans:
INFO: Check ALM binding of project ‘project-name’
INFO: Detected project binding: NONEXISTENT
I’ve tried regenerating the token but did not help. Any ideas how to solve the issue? Thanks in advance
Hi,
Welcome to the community!
Can you share the organization and/or project?
Ann
Hi Ann, It’s private, so I’d prefer not to, but if it helps - the error arises only for Dependabot PRs
Maybe there’s an option to disable Sonarcloud in Github for PRs labeled as “dependencies” altogether?
Hi,
Are you using automatic analysis? If not, it would be a question of pipeline configuration.
Ann
CI analysis
Hi,
Okay, you should take a close look at your CI configuration. I’m going to guess that the Dependabot analyses run with your former colleague’s credentials and other analyses run under another account.
Ann
Theres no specific configuration for dependabot regarding sonarcloud. How can dependabot be excluded?
El El 2023-03-08, mié a las 15:13, G Ann Campbell via Sonar Community <notifications@sonarcommunity.discoursemail.com> escribió:
Hi,
I don’t know how your pipeline is running. Perhaps your analysis / job logs will give you some hint.
Ann
We are using sonar.yml. And I do not see any options to exclude PRs based on PR creator/ PR type
Hi again,
Sometimes services return a 404 when you don’t have permissions to access a project.
To verify: a non-Dependabot PR works just fine?
If so you need to figure out what’s different with Dependabot PRs.
Ann