Sonarqube Community Limited to a single Bitbucket repositories scanning - SOLVED

  • Sonarqube V 10.0
  • Deployed with K8s on Docker, busybox
  • Scan multiple repositories on Bitbucket
  • Changed token, tried different repos

Keep on getting error Sonarqube has no rights to scan repository if I query the repositories we setup before the last one. The latest can be scanned, the others all give the same error:

119 `INFO: ------------------------------------------------------------------------`
121 `INFO: ------------------------------------------------------------------------`
122 `INFO: Total time: 16.499s`
123 `INFO: Final Memory: 9M/48M`
124 `INFO: ------------------------------------------------------------------------`
125 `ERROR: Error during SonarScanner execution`
126 `ERROR: You're not authorized to analyze this project or the project doesn't exist on SonarQube and you're not authorized to create it. Please contact an administrator.`
127`ERROR: `
128`ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.`
129 `✖ SonarCloud analysis failed. (exit code = 2)`

No logging in the Docker container of a failed scan

Hey there.

What’s happening in the analysis when it fails with this error? Right before the execution failure.

Hello Colin,

This is the part preceding the error

Status: Downloaded newer image for sonarsource/sonarcloud-scan:1.4.0
INFO: Scanner configuration file: /opt/sonar-scanner/conf/
INFO: Project root configuration file: /opt/atlassian/pipelines/agent/build/
INFO: SonarScanner
INFO: Java 11.0.3 Oracle Corporation (64-bit)
INFO: Linux 5.15.0-1031-aws amd64
INFO: User cache: /root/.sonar/cache
INFO: Scanner configuration file: /opt/sonar-scanner/conf/
INFO: Project root configuration file: /opt/atlassian/pipelines/agent/build/
INFO: Analyzing on SonarQube server
INFO: Default locale: "en", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=553ms
INFO: Server id: ***************************
INFO: User cache: /root/.sonar/cache
INFO: Load/download plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=153ms
INFO: Load/download plugins (done) | time=9880ms
INFO: Process project properties
INFO: Process project properties (done) | time=12ms
INFO: Execute project builders
INFO: Execute project builders (done) | time=2ms
INFO: Project key: *********************************
INFO: Base dir: /opt/atlassian/pipelines/agent/build
INFO: Working dir: /opt/atlassian/pipelines/agent/build/.scannerwork
INFO: Load project settings for component key: '****************************'
INFO: ------------------------------------------------------------------------
INFO: ------------------------------------------------------------------------
INFO: Total time: 16.499s
INFO: Final Memory: 9M/48M

Hey there.

To start, I suggest making sure that you’re using instead of sonarsource/sonarcloud-scan if you’re using SonarQube.

Take note of adding the SONAR_TOKEN so you can authenticate to your SonarQube server.

Thank you Colin,

I’ll have a look into the sonarqube-scan, we do have the SONAR_TOKEN set. It functions with a single repository only, as I wrote, but fails the first registered after we added a second one

Was the token generated for a specific project (sqp_) or as a global analysis token (sqa_)? You can read more about token types here.

For a specific project. It seemed logical to me, since a generic token would not differentiate between projects, at least, so it seems to me.

So is the SONAR_TOKEN that is set the project analysis token working for the first project, or another one generated for the second one?

There may be the problem, using a sqp instead of an sqa token. Darn have to get into the crypts of Sonarqube again. Thank you to point that out to me, Colin

Hello Colin,

Changed the pipe’s scanner to sonarqube-scan:1.2.0 (is the version mandatory or can latest be used as well?)
Created a sqa_ token and added it to the repository variables
Ran the scans successfully on the repositories.

Many thanks for your advice. Much appreciated!