SonarScan returns 401 error

MonicaS · November 17, 2020, 12:24pm

Hi,

I am trying to set up a Sonar Cloud scan for a .NET project in Bitbucket Cloud. I’ve already done this for 20 projects so far and everything worked just fine.
However, there are two projects that throw a 401 error

12:18:05.383  Failed to request and parse 'https://sonarcloud.io/api/settings/values?component=yellowtaildev_pdf-generator': Response status code does not indicate success: 401 ().
Unhandled Exception: System.Net.Http.HttpRequestException: Response status code does not indicate success: 401 ().

Initially, the error was 403 and changed to 401 when I applied the permission template in SonarCloud,
I have admin rights on both SonarCloud and Bitbucket Cloud.

`16:45:04.838  16:45:04.838  WARNING: To analyze private projects make sure the scanner user has 'Browse' permission.`

`16:45:04.84  Failed to request and parse 'https://sonarcloud.io/api/settings/values?component=pdf-generator': Response status code does not indicate success: 403 ().`

   `Unhandled Exception: System.Net.Http.HttpRequestException: Response status code does not indicate success: 403 ().

Here is the pipeline running the scan:

- step: &sonar-cloud-analysis
        image: mcr.microsoft.com/dotnet/core/sdk:2.2
        script:
          - wget https://download.java.net/java/GA/jdk12.0.2/e482c34c86bd4bf8b56c0b35558996b9/10/GPL/openjdk-12.0.2_linux-x64_bin.tar.gz -O openjdk-12.0.2_linux-x64_bin.tar.gz
          - tar zxvf openjdk-12.0.2_linux-x64_bin.tar.gz && rm openjdk-12.0.2_linux-x64_bin.tar.gz && mv jdk-12.0.2 /root/
          - export PATH="${PATH}:/root/jdk-12.0.2/bin"
          - export PATH="$PATH:/root/.dotnet/tools"
          - dotnet tool install --global dotnet-sonarscanner
          - dotnet restore src/PdfGenerator.sln --configfile src/PdfGeneratorApi/NuGet.config
          - dotnet sonarscanner begin /k:"yellowtaildev_pdf-generator" /o:"yellowtaildev" /d:sonar.login=$SONAR_TOKEN /d:sonar.host.url="https://sonarcloud.io" /v:$SONAR_SCAN_VERSION
          - dotnet build src/PdfGenerator.sln --no-restore
          - dotnet sonarscanner end /d:sonar.login=$SONAR_TOKEN

When trying to run the scan from CLI, everything works just fine and the report is being uploaded to SonarCloud.

janos · November 17, 2020, 3:56pm

When analyzing from CLI, if you are running the exact same commands as in the pipeline steps, and you’re getting a 401, the first thing I suspect is the $SONAR_TOKEN variable in the pipeline. Are you sure the correct value is used? Perhaps you can add an echo statement to verify that.

MonicaS · November 18, 2020, 9:08am

Hi Janos,

I could not do echo because the repository variable is secured. Instead, I managed to generate a new token and that fixed that issue.

However, my other repository still returns 403. I have followed the same steps - apply the default permissions template and generate a token.

Not sure what could be different between the two of them?