Using SonarCloudAnalyze@2 instead SonarCloudAnalyze@1

  • ALM used ( Azure DevOps)
  • CI system used ( Azure DevOps)
  • Scanner command used when applicable (private details masked)
  • Languages of the repository React JS

Hi
when i use this config in azuredevops

- task: SonarCloudPrepare@1
displayName: Sonar cloud prepare
inputs:
SonarCloud: 'SonarCloud'
organization: 'gt'
scannerMode: 'CLI'
configMode: 'manual'
cliProjectKey: 'gt-acf-front'
cliProjectName: 'gt-acf-front'
cliSources: 'src/'
extraProperties: |
sonar.inclusions=**/*
sonar.scm.disabled=true

- task: SonarCloudAnalyze@1
displayName: Sonar analyze
- task: SonarCloudPublish@1
displayName: Publish quality gate Result
inputs:
pollingTimeoutSec: '300'

it works well **************

but when i change to the new version
SonarCloudPrepare@2 and task: SonarCloudAnalyze@2
i have this error :


Starting: Sonar analyze
==============================================================================
Task : Run Code Analysis
Description : Run scanner and upload the results to the SonarCloud server.
Version : 2.3.2
Author : sonarsource
Help : This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarcloud-extension-for-azure-devops/)
==============================================================================
/azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/bin/sonar-scanner
12:23:41.111 WARN Ignoring property 'sonar.token' from env variable 'SONARQUBE_SCANNER_PARAMS' because it is already defined
12:23:41.114 INFO Scanner configuration file: /azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/conf/sonar-scanner.properties
12:23:41.115 WARN Ignoring property 'sonar.token' from env variable 'SONARQUBE_SCANNER_PARAMS' because it is already defined
12:23:41.116 INFO Project root configuration file: NONE
12:23:41.116 WARN Ignoring property 'sonar.token' from env variable 'SONARQUBE_SCANNER_PARAMS' because it is already defined
12:23:41.131 INFO SonarScanner CLI 6.1.0.4477
12:23:41.133 INFO Java 17.0.12 Alpine (64-bit)
12:23:41.134 INFO Linux 5.4.0-192-generic amd64
12:23:41.164 INFO User cache: /root/.sonar/cache
12:23:41.697 INFO JRE provisioning: os[alpine], arch[x86_64]
12:23:42.128 INFO EXECUTION FAILURE
12:23:42.130 INFO Total time: 1.056s
##[error]12:23:42.130 ERROR Error during SonarScanner CLI execution
java.lang.IllegalStateException: Error status returned by url [https://api.sonarcloud.io/analysis/jres?os=alpine&arch=x86_64]: 403
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callUrl(ServerConnection.java:182)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callApi(ServerConnection.java:145)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callRestApi(ServerConnection.java:123)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreMetadata(JavaRunnerFactory.java:159)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreFromServer(JavaRunnerFactory.java:138)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.createRunner(JavaRunnerFactory.java:85)
at org.sonarsource.scanner.lib.internal.ScannerEngineLauncherFactory.createLauncher(ScannerEngineLauncherFactory.java:53)
at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:118)
at org.sonarsource.scanner.cli.Main.analyze(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:63)
12:23:42.130 ERROR Error during SonarScanner CLI execution
java.lang.IllegalStateException: Error status returned by url [https://api.sonarcloud.io/analysis/jres?os=alpine&arch=x86_64]: 403
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callUrl(ServerConnection.java:182)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callApi(ServerConnection.java:145)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callRestApi(ServerConnection.java:123)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreMetadata(JavaRunnerFactory.java:159)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreFromServer(JavaRunnerFactory.java:138)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.createRunner(JavaRunnerFactory.java:85)
at org.sonarsource.scanner.lib.internal.ScannerEngineLauncherFactory.createLauncher(ScannerEngineLauncherFactory.java:53)
at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:118)
at org.sonarsource.scanner.cli.Main.analyze(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:63)
##[error]12:23:42.131 ERROR
12:23:42.131 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
12:23:42.131 ERROR
12:23:42.131 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
##[warning]Can't find loc string for key: LIB_ProcessExitCode
##[warning]Error while executing SonarCloud:Analyze task: LIB_ProcessExitCode /azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/bin/sonar-scanner 1
##[error]LIB_ProcessExitCode /azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/bin/sonar-scanner 1
Finishing: Sonar analyze

Hey there.

This warning message suggest that a token is being set somewhere else, like sonar.token being defined in your Azure Pipelines YML or a sonar-project.properties file, or perhaps as a SONAR_TOKEN environment variable in your build.

Is that the case? In this case, it would be best to remove it and rely on the authentication being provided by specifying the service connection.

Hi there,
thanks for your replay
I no longer use the sonar.token property. However, it’s just a warning, and I need a solution to work with version 2 of tasks because version 1 is deprecated and will be deleted in a few months.

But the warning implies that is still is being set somewhere, and I think it might be getting in the way (which could be a bug, but I can’t say for sure yet).

You were using it before? Where were you configuring it?

i use juste à serviceconnection for connecting azuredevops to my sonarcloud subscription

i have a solution in case of this isse https://community.sonarsource.com/t/403-errors-on-sonar-scanner-cli-since-v6-upgrade/116407
sonar Scanner CLI v6** that could cause 403 error so to resolve this issue i used last version for cli before the version 6
cliVersion: 5.0.1.3006

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.