Summary

I seem to get a warning related to SCA (that’s what the AI assistant tells me when searching for the warning message I got), but the docs tell me that SCA is only available on SonarServer while I’m running SonarCloud.

We’re not blocked, but it’s somewhat irritating that there’s a warning we cannot get rid of.

Details

• ALM used (GitHub, Bitbucket Cloud, Azure DevOps)
  • GitHub
• CI system used (Bitbucket Cloud, Azure DevOps, Travis CI, Circle CI
  • GitHub Actions
• Scanner command used when applicable (private details masked)
  • sonarcube-scan-action

        uses: SonarSource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}```
  

• Languages of the repository
  TypeScript
• Only if the SonarCloud project is public, the URL
  • SonarCloud project: SonarQube Cloud
  • Codebase on GitHub: GitHub - digitalservicebund/unternehmen-steuer-gewerbe: [very early stage] API for registering with "ELSTER" and "Gewerbeämtern" · GitHub
  • GitHub actions workflow log where the warning was triggered: No shallow clone · digitalservicebund/unternehmen-steuer-gewerbe@d62d8ec · GitHub
• Error observed (wrap logs/code around with triple quotes ``` for proper formatting)
  • Log of GitHub action says 07:30:40.512 INFO ANALYSIS SUCCESSFUL, you can find the results at: https://sonarcloud.io/dashboard?id=digitalservicebund_unternehmen-steuer-gewerbe&branch=main (Full log can be found in the workflow log above)
  • When checking the link in the log, I see a “Last analysis had a warning” panel
  • Clicking the button “View warning” the popup says Failed to retrieve entitlements. Some features may not be available in this analysis.
• Steps to reproduce
  • Scan my GitHub project through sonarqube-scan-action, I guess
• Potential workaround
  • no workaround, but I can ignore the warning

Any help is appreciated!

Hi,

This is a known issue. Ugly but harmless. The fix is in progress.

 
Thx,
Ann

Thanks for the heads-up, Ann!