SonarQube Authtoken error

Rida_Zaidi · April 8, 2025, 5:32pm

Must-share information (formatted with Markdown):

which versions are you using (SonarQube Server / Community Build, Scanner, Plugin, and any relevant extension) : Community Build
how is SonarQube deployed: Helm
what are you trying to achieve : scan mono repo

Hello! I have been using SonarQube to scan my git repositories, and it’s working fine. I use the same GHA to scan my mono-repo, it gives me the following error:

Cache not found for input keys: sonar-scanner-cli-7.0.2.4839-Linux-X64
Run ${GITHUB_ACTION_PATH}/scripts/install-sonar-scanner-cli.sh
+ mkdir -p /home/runner/work/_temp/sonarscanner
+ cd /home/runner/work/_temp/sonarscanner
+ SCANNER_FILE_NAME=sonar-scanner-cli-7.0.2.4839-linux-x64.zip
+ SCANNER_URI=https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.2.4839-linux-x64.zip
+ command -v wget
+ wget --no-verbose --user-agent=sonarqube-scan-action https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.2.4839-linux-x64.zip
2025-04-08 17:02:16 URL:https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-7.0.2.4839-linux-x64.zip [57688416/57688416] -> "sonar-scanner-cli-7.0.2.4839-linux-x64.zip" [1]
+ unzip -q -o sonar-scanner-cli-7.0.2.4839-linux-x64.zip
+ SCANNER_UNZIP_FOLDER=sonar-scanner-7.0.2.4839-linux-x64
+ SCANNER_LOCAL_FOLDER=/home/runner/work/_temp/sonar-scanner-cli-7.0.2.4839-Linux-X64
+ '[' -d /home/runner/work/_temp/sonar-scanner-cli-7.0.2.4839-Linux-X64 ']'
+ mv -f sonar-scanner-7.0.2.4839-linux-x64 /home/runner/work/_temp/sonar-scanner-cli-7.0.2.4839-Linux-X64
Run echo "${RUNNER_TEMP}/sonar-scanner-cli-7.0.2.4839-Linux-X64/bin" >> $GITHUB_PATH
Run ${GITHUB_ACTION_PATH}/scripts/run-sonar-scanner-cli.sh -Dsonar.projectKey=Acuity-scan
+ sonar-scanner -Dsonar.projectBaseDir=./acuitymd/apps/crunchy -Dsonar.projectKey=Acuity-scan
17:02:17.903 INFO  Scanner configuration file: /home/runner/work/_temp/sonar-scanner-cli-7.0.2.4839-Linux-X64/conf/sonar-scanner.properties
17:02:17.907 INFO  Project root configuration file: NONE
17:02:17.930 INFO  SonarScanner CLI 7.0.2.4839
17:02:17.932 INFO  Java 17.0.13 Eclipse Adoptium (64-bit)
17:02:17.932 INFO  Linux 6.8.0-1021-azure amd64
17:02:17.964 INFO  User cache: /home/runner/.sonar/cache
17:02:19.325 ERROR Failed to query server version: HTTP 401. Please check the property sonar.token or the environment variable SONAR_TOKEN.
17:02:19.325 INFO  EXECUTION FAILURE
17:02:19.327 INFO  Total time: 1.427s
Error: Process completed with exit code 1.

Following is my GHA:

on:
  workflow_dispatch:
  # push:
  #   branches:
  #     - main

name: Sonarqube Scan

jobs:
  sonarqube:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v4
      with:
        # Disabling shallow clones is recommended for improving the relevancy of reporting
        fetch-depth: 0

    - name: SonarQube Scan
      uses: SonarSource/sonarqube-scan-action@v5.0.0
      with:
        projectBaseDir: ./acuitymd/apps/crunchy
        args: >
          -Dsonar.projectKey=Acuity-scan
      env:
        SONAR_TOKEN: ${{ secrets.SONARQUBE_SECRET }}
        SONAR_HOST_URL: ${{ secrets.SONARQUBE_URL }}```

The token is correct as the other repositories are scanning fine.

ganncamp · April 9, 2025, 4:54pm

Hi,

I believe this part of the error message is a canned response to a 401, regardless of where that 401 originates

Is there something “helpful” between the build agent and SonarQube that could be interfering? Analysis is failing with a 401 / Unauthorized on the very first call analysis makes to the server. Having that particular call fail with a 401 is very rare (I don’t remember having seen it before). So I would start by talking to your network people and/or checking SonarQube’s access logs to make sure that call is actually reaching SonarQube.

HTH,
Ann

Rida_Zaidi · April 9, 2025, 8:20pm

How do we check access logs of SQ.

ganncamp · April 10, 2025, 12:58pm

Hi,

They’re among your server logs.

HTH,
Ann

Rida_Zaidi · April 14, 2025, 8:41pm

There were no server logs I checked.

ganncamp · April 15, 2025, 11:58am

Hi,

SonarQube won’t run without being able to write to its logs. You should look around a little more.

Ann

Rida_Zaidi · April 15, 2025, 2:38pm

This is the exact error I am facing.

ganncamp · April 15, 2025, 3:58pm

Hi,

Yes, it is.

Look, a 401 is a permissions error. So either you don’t have a valid token in place, or there’s something “helpful” in the middle that needs some attention.

HTH,
Ann

Topic		Replies	Views
Cache not found for input keys: sonar-scanner-cli-6.2.1.4610-Linux-X64 SonarQube Cloud scanner , github-actions , sonarqube-cloud	4	263	January 24, 2025
Failed: source exhausted prematurely SonarQube Server / Community Build github-actions	2	48	March 1, 2025
GithubActions sonarqube action not working after code build SonarQube Server / Community Build	4	213	June 18, 2024
Fail to download sonar-scanner-engine-shaded-10.3.0.82913-all.jar to /<anylocation>/ SonarQube Server / Community Build	1	374	February 2, 2024
Sonarsource/sonarqube-scan-action@v3 - charset issue SonarQube Server / Community Build scanner	5	165	October 17, 2024

SonarQube Authtoken error

Related topics