SonarQube Token Error (YAML Pipeline)

tomf · May 24, 2021, 6:58am

Afternoon,

I hope I’ve got the right forum for this post.

Not often, but sometimes. When attempting to scan with SonarQube, we get the error message

“The token you provided doesn’t have sufficient rights to check license.”

The token being used is working fine on other Azure DevOps Build pipelines, just not after being used on a specific YAML one recently created. With the service connection containing the relevant information being added at the same time (This service connection is working find on other Azure Pipelines).

We’re using the v7.9.5 community edition, and when running the “is_valid_license” api call, we’re getting the following error;

{“errors”:[{“msg”:“Unknown url : /api/editions/is_valid_license”}]}

I’ve tried restarting the SonarQube service, VSTS service, removing and re-adding the service connection, as well as creating a brand new token to be used but nothing has resolved this.

Are you able to help at all?

Cheers,

Tom

ganncamp · June 3, 2021, 2:49pm

Hi Tom,

I’ve just checked our dogfooding instance and that URL works even for anonymous users, so this seems unrelated to the token(…?)

I’m wondering what the access log entry corresponding to that error message looks like…

Ann

tomf · June 3, 2021, 3:53pm

Hi,

Thanks for getting back to me.

Ahhh if that should allow annoymous users to retrieve that data, then it could just be a happy coicidence that this is happening at the same time as the token issue.

I’ll attempt the query a few times and check the logs to see what I can see and provide that information.

Cheers,

Tom