Using SonarCloudAnalyze@2 instead SonarCloudAnalyze@1

inforedaster · August 19, 2024, 10:03pm

ALM used ( Azure DevOps)
CI system used ( Azure DevOps)
Scanner command used when applicable (private details masked)
Languages of the repository React JS

Hi
when i use this config in azuredevops

- task: SonarCloudPrepare@1
displayName: Sonar cloud prepare
inputs:
SonarCloud: 'SonarCloud'
organization: 'gt'
scannerMode: 'CLI'
configMode: 'manual'
cliProjectKey: 'gt-acf-front'
cliProjectName: 'gt-acf-front'
cliSources: 'src/'
extraProperties: |
sonar.inclusions=**/*
sonar.scm.disabled=true

- task: SonarCloudAnalyze@1
displayName: Sonar analyze
- task: SonarCloudPublish@1
displayName: Publish quality gate Result
inputs:
pollingTimeoutSec: '300'

it works well **************

but when i change to the new version
SonarCloudPrepare@2 and task: SonarCloudAnalyze@2
i have this error :


Starting: Sonar analyze
==============================================================================
Task : Run Code Analysis
Description : Run scanner and upload the results to the SonarCloud server.
Version : 2.3.2
Author : sonarsource
Help : This task is not needed for Maven and Gradle projects since the scanner should be run as part of the build.

[More Information](https://docs.sonarcloud.io/advanced-setup/ci-based-analysis/sonarcloud-extension-for-azure-devops/)
==============================================================================
/azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/bin/sonar-scanner
12:23:41.111 WARN Ignoring property 'sonar.token' from env variable 'SONARQUBE_SCANNER_PARAMS' because it is already defined
12:23:41.114 INFO Scanner configuration file: /azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/conf/sonar-scanner.properties
12:23:41.115 WARN Ignoring property 'sonar.token' from env variable 'SONARQUBE_SCANNER_PARAMS' because it is already defined
12:23:41.116 INFO Project root configuration file: NONE
12:23:41.116 WARN Ignoring property 'sonar.token' from env variable 'SONARQUBE_SCANNER_PARAMS' because it is already defined
12:23:41.131 INFO SonarScanner CLI 6.1.0.4477
12:23:41.133 INFO Java 17.0.12 Alpine (64-bit)
12:23:41.134 INFO Linux 5.4.0-192-generic amd64
12:23:41.164 INFO User cache: /root/.sonar/cache
12:23:41.697 INFO JRE provisioning: os[alpine], arch[x86_64]
12:23:42.128 INFO EXECUTION FAILURE
12:23:42.130 INFO Total time: 1.056s
##[error]12:23:42.130 ERROR Error during SonarScanner CLI execution
java.lang.IllegalStateException: Error status returned by url [https://api.sonarcloud.io/analysis/jres?os=alpine&arch=x86_64]: 403
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callUrl(ServerConnection.java:182)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callApi(ServerConnection.java:145)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callRestApi(ServerConnection.java:123)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreMetadata(JavaRunnerFactory.java:159)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreFromServer(JavaRunnerFactory.java:138)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.createRunner(JavaRunnerFactory.java:85)
at org.sonarsource.scanner.lib.internal.ScannerEngineLauncherFactory.createLauncher(ScannerEngineLauncherFactory.java:53)
at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:118)
at org.sonarsource.scanner.cli.Main.analyze(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:63)
12:23:42.130 ERROR Error during SonarScanner CLI execution
java.lang.IllegalStateException: Error status returned by url [https://api.sonarcloud.io/analysis/jres?os=alpine&arch=x86_64]: 403
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callUrl(ServerConnection.java:182)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callApi(ServerConnection.java:145)
at org.sonarsource.scanner.lib.internal.http.ServerConnection.callRestApi(ServerConnection.java:123)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreMetadata(JavaRunnerFactory.java:159)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.getJreFromServer(JavaRunnerFactory.java:138)
at org.sonarsource.scanner.lib.internal.JavaRunnerFactory.createRunner(JavaRunnerFactory.java:85)
at org.sonarsource.scanner.lib.internal.ScannerEngineLauncherFactory.createLauncher(ScannerEngineLauncherFactory.java:53)
at org.sonarsource.scanner.lib.ScannerEngineBootstrapper.bootstrap(ScannerEngineBootstrapper.java:118)
at org.sonarsource.scanner.cli.Main.analyze(Main.java:75)
at org.sonarsource.scanner.cli.Main.main(Main.java:63)
##[error]12:23:42.131 ERROR
12:23:42.131 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
12:23:42.131 ERROR
12:23:42.131 ERROR Re-run SonarScanner CLI using the -X switch to enable full debug logging.
##[warning]Can't find loc string for key: LIB_ProcessExitCode
##[warning]Error while executing SonarCloud:Analyze task: LIB_ProcessExitCode /azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/bin/sonar-scanner 1
##[error]LIB_ProcessExitCode /azp/_work/_tasks/SonarCloudAnalyze_ce096e50-6155-4de8-8800-4221aaeed4a1/2.3.2/sonar-scanner/bin/sonar-scanner 1
Finishing: Sonar analyze

Colin · August 20, 2024, 12:28pm

Hey there.

This warning message suggest that a token is being set somewhere else, like sonar.token being defined in your Azure Pipelines YML or a sonar-project.properties file, or perhaps as a SONAR_TOKEN environment variable in your build.

Is that the case? In this case, it would be best to remove it and rely on the authentication being provided by specifying the service connection.

inforedaster · August 21, 2024, 9:32am

Hi there,
thanks for your replay
I no longer use the sonar.token property. However, it’s just a warning, and I need a solution to work with version 2 of tasks because version 1 is deprecated and will be deleted in a few months.

Colin · August 21, 2024, 12:54pm

But the warning implies that is still is being set somewhere, and I think it might be getting in the way (which could be a bug, but I can’t say for sure yet).

You were using it before? Where were you configuring it?

inforedaster · August 21, 2024, 1:04pm

i use juste à serviceconnection for connecting azuredevops to my sonarcloud subscription

inforedaster · August 21, 2024, 3:46pm

i have a solution in case of this isse https://community.sonarsource.com/t/403-errors-on-sonar-scanner-cli-since-v6-upgrade/116407
sonar Scanner CLI v6** that could cause 403 error so to resolve this issue i used last version for cli before the version 6
cliVersion: 5.0.1.3006

system · August 29, 2024, 10:15am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SonarCloudPrepare@3 scanner in CLI mode fails in version 3.2.0 SonarQube Cloud scanner	2	23	April 17, 2025
Azure DevOps Pipeline analysis of GitHub repo failing on PRs SonarQube Cloud github , pull-request , azuredevops	3	647	July 21, 2023
Sonarcloud, AzureDevops CICD, PR scan failure not found SonarQube Cloud coverage , dotnet	8	417	September 6, 2023
SonarCloud Analyze - Project not found SonarQube Cloud scanner , azuredevops-services , coverage , sonarqube-cloud	3	1676	June 22, 2022
SonarCloudPrepare@3 is scanning files it didn't scan in SonarCloudPrepare@2 SonarQube Cloud coverage	2	73	November 8, 2024

Using SonarCloudAnalyze@2 instead SonarCloudAnalyze@1

Related topics