Unable to set up Bitbucket widget

Details:

  • versions used:
    • SonarCloud and Bitbucket Cloud
  • browser
    • Chrome 85.0.4183.102
  • error observed
    • 401 from https://sonarcloud.io/api/projects/search_my_projects?ps=500 in Chrome DevTools

Note:
It happens both in normal and incognito mode

Steps to reproduce

  1. Prerequisites
    1. Existing project in SonarCloud
    2. Bitbucket Cloud repository with no widget set up
    3. Bitbucket authentication through SSO (Okta)
    4. SonarCloud authentication through Bitbucket
  2. Steps
    1. Log in to SonarCloud (through Bitbucket)
    2. In Bitbucket, navigate to Repository settings > SonarCloud Settings
    3. Although I’m logged in in the same browser, the setting page asks me to log in again
    4. When I try to authenticate, I’m getting 401 from https://sonarcloud.io/api/projects/search_my_projects?ps=500 in Chrome DevTools

{"errors":[{"msg":"Authentication is required"}]}

Hi @psech

We’re going to have a look at that and let you know.

Thank you.

Mickaël

Hi @mickaelcaro,

Do you have an update?
It is a significant issue for us.

Regards,
Przemek

Hi @psech

How is your Bitbucket identity configured in Okta? Is that with the BB application, or a delegated identity provider?

Thanks.

Hi @mickaelcaro,

I’ve asked internal support and here’s the answer

Hey Przemek, Let me check that for you
I believe it isn’t specifically related to Bitbucket. The SSO runs through Atlassian Access or Atlassian ID
The app is called “Atlassian Cloud”
Here is the app page
Here is more documentation about it

I hope it’s helpful.

PS. It’s worth mentioning that this setup used to work and stopped at some point. Unfortunately, I’m unable to say when exactly.

Cheers

Thank you, I don’t reckon that we made any changes on our side on the auth part. I did reproduce the issue on my side, I’ll check what I can find.

Hi @psech

Before redirecting you to an action, we’d like to understand what the situation is here:

  • Is your Bitbucket repository already bound to your existing project?
  • If yes, do you need to change this binding somehow?
  • If no, what do you need to do?

Thank you.
Mickaël

Hi @mickaelcaro,

I’m not sure I’m getting you correctly. Let me describe the setup.

  • Is your Bitbucket repository already bound to your existing project?
    We have existing projects in Bitbucket and Bitbucket pipeline reports to existing SonarCloud project

Example

INFO: ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=ansarada_serverless-platform-account-data-migration&branch=master
INFO: Note that you will be able to access the updated dashboard once the server has processed the submitted analysis report
INFO: More about the report processing at https://sonarcloud.io/api/ce/task?id=AXTcMs4oxXUEPJu5ZEXN
INFO: Analysis total time: 13.734 s

So the project exists in SonarCloud

  • If yes, do you need to change this binding somehow?
    No, no change is required or I’m not aware of any

  • If no, what do you need to do?
    I need to set up a SonarCloud widget in Bitbucket.

We rely on the widget in many repositories, e.g.,


But I’m unable to set up the widget for the project mentioned above.

Summary

What works

  • Bitbucket pipeline successfully reports code analysis to SonarCloud project.

What does not work

  • Unable to set up the widget as Bitbucket SonarCloud setting page falls into the infinite loop and is unable to authenticate a user to select existing SonarCloud project.

It’s not very clear to me what it means to set up the widget.

Let me try to explain things from a different angle.

The recommended path to integrate a new repository in an existing Bitbucket Cloud organization with SonarCloud:

  • Go to the SonarCloud UI
  • Click the plus icon in the top-right corner, and select Analyze new project
  • Select the already imported Bitbucket Cloud organization
  • Tick the box for the new repository to integrate

The widget should not be used in this scenario. The project selector in the widget exists today for the use case when the repository was already analyzed by SonarCloud, has significant history you don’t want to lose, and you would like to integrate. Since SonarCloud UI is not able to support this scenario by itself, the widget can be used to make the connection between the project on SonarCloud and the repository on Bitbucket Cloud.

What is still not clear to me is which use case is yours. Are you integrating the Bitbucket Cloud repo for the first time, or has it already been integrated previously? If you’re starting to integrate this repository now, then I recommend to delete the existing project on SonarCloud, and follow the recommended path I described above. This path doesn’t require to touch anything in the widget settings on Bitbucket Cloud side. If you’ve been using this integration already, then you don’t need to worry about the widget settings at all.

I hope this clarifies the purpose of the widget settings. I suspect you don’t really need these settings.

However, the fact that the widget settings ask you to log in is an indicator of a problem. And I suspect the problem you are having is that the widget is not displayed on the repository, and that’s what you’d like to fix. I also suspect your repository is private. Please confirm these assumptions.

We have a good idea of this problem. It seems browsers are gradually releasing stricter policies for the SameSite attribute of cookies. This makes them not include the SonarCloud session cookies when the Bitbucket Cloud UI is making requests to SonarCloud. We’re working on a fix for this issue, and we expect to deploy it very soon.

Let me know if this makes sense, or if you think it doesn’t match your situation somehow.

Let’s continue after Oct 12th, and I’m on holiday next week.
Would it be possible to have a call?

I also suspect your repository is private

Yes, it’s private under Ansarada organisation.

What is still not clear to me is which use case is yours.

My repository was integrated some time ago, and I’m not very keen on losing SonarCloud history.

Some other notes

  • We have over 100 Bitbucket projects integrated with SonarCloud, and most of them present widgets correctly. Like the screenshot above for licensing project
  • We have a few Bitbucket projects integrated with SonarCloud already that we did not set up widget in the past. The issue I’m describing is for these few projects. We want to enable the widget for these projects.

I see: we’re talking about existing projects on SonarCloud, that were not bound using the modern way (plus icon, Analyze new project, and so on). In this case you do need the widget, it’s the only way to make the connection between the Bitbucket Cloud repos and existing SonarCloud projects.

The fix for the cookie forwarding issue is in progress, which should fix the widget settings to show the list of projects correctly, when you are logged into SonarCloud. I’ll update this thread when that’s ready.

Update
The fix is in production (since Oct 2): the session cookies use an explicit SameSite: None.

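The cookie behaviour described in this thread, as an added example that is not part of the original posts and is not SonarCloud's code: a simplified model of how a browser that defaults cookies to SameSite=Lax decides whether a session cookie accompanies a request. The cookie name and value are constructed, and sites are compared as plain strings.

```javascript
// Added example: simplified SameSite decision model (not SonarCloud code).
// Cookie names and values below are constructed for illustration.

// Parse one Set-Cookie header value into { name, sameSite, secure }.
function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const cookie = { name: pair.split('=')[0], sameSite: null, secure: false };
  for (const attr of attrs) {
    const [key, value = ''] = attr.split('=');
    if (key.toLowerCase() === 'secure') cookie.secure = true;
    if (key.toLowerCase() === 'samesite') {
      const v = value.toLowerCase();
      // Unknown values fall back to the default, like a missing attribute.
      cookie.sameSite = ['strict', 'lax', 'none'].includes(v) ? v : null;
    }
  }
  return cookie;
}

// Decide whether the browser attaches the cookie to a request.
// ctx.topLevelSite: site shown in the address bar; ctx.requestSite: site called;
// ctx.topLevelNavigation: true only when the whole tab navigates.
function cookieDecision(header, ctx) {
  const c = parseSetCookie(header);
  const mode = c.sameSite || 'lax'; // no attribute is treated as Lax
  if (mode === 'none' && !c.secure) return 'rejected: SameSite=None requires Secure';
  if (ctx.topLevelSite === ctx.requestSite) return 'sent';
  if (mode === 'none') return 'sent';
  if (mode === 'lax' && ctx.topLevelNavigation && ctx.method === 'GET') return 'sent';
  return 'withheld'; // the API then answers 401 "Authentication is required"
}

// Widget settings page: rendered inside Bitbucket, calling SonarCloud.
const widgetCall = { topLevelSite: 'bitbucket.org', requestSite: 'sonarcloud.io',
                     topLevelNavigation: false, method: 'GET' };
// Opening SonarCloud directly in the tab.
const directVisit = { topLevelSite: 'sonarcloud.io', requestSite: 'sonarcloud.io',
                      topLevelNavigation: true, method: 'GET' };

const before = 'SESSION_EXAMPLE=abc123; Path=/; Secure; HttpOnly';
const after = 'SESSION_EXAMPLE=abc123; Path=/; Secure; HttpOnly; SameSite=None';

console.log('direct visit, no SameSite :', cookieDecision(before, directVisit));
console.log('widget call, no SameSite  :', cookieDecision(before, widgetCall));
console.log('widget call, SameSite=None:', cookieDecision(after, widgetCall));
```

The model leaves out browser-specific exceptions such as the short grace period some browsers allow for cross-site POST requests with newly set cookies.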

Hi @janos,

It looks like it’s been fixed now.
Thank you
