You're not authorized to run analysis.Error occured only when executing on Jenkins pipeline

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension) - SonarQube
  • how is SonarQube deployed: zip, Docker, Helm - zip
  • what are you trying to achieve - For same project, with same token analysis is done and uploaded to sonarqube dashboard via github actions but the issue occurs in Jenkins pipeline
  • what have you tried so far to achieve this -
    - Tried same command and token from both github actions and Jenkins pipeline.
    - Generated new token and tried with that as well
    - Token generated as admin user and it has administer permission for all repos

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

> Task :sonar FAILED 
**17:48:54** 
**17:48:54** FAILURE: Build failed with an exception. 
**17:48:54** 
**17:48:54** * What went wrong: 
**17:48:54** Execution failed for task ':sonar'. 
**17:48:54** > You're not authorized to run analysis. Please contact the project administrator. 
**17:48:54** 
**17:48:54** * Try: 
**17:48:54** > Run with --info or --debug option to get more log output. 
**17:48:54** > Run with --scan to get full insights. 
**17:48:54** 
**17:48:54** * Exception is: 
**17:48:54** org.gradle.api.tasks.TaskExecutionException: Execution failed for task ':sonar'. 
**17:48:54** at org.gradle.api.internal.tasks.execution.ExecuteActionsTaskExecuter.lambda$executeIfValid$1(ExecuteActionsTaskExecuter.java:147) 
**17:48:54** at org.gradle.internal.Try$Failure.ifSuccessfulOrElse(Try.java:282)

Analyzed on below

  1. Gradle sonar command
    a. Not all the repos which are using this same gradle command is failing. only few repos
  2. SonarQube Token
    a. Token validity is till year end
    b. Permission settings for the failed repos are same as other repo
    c. PR Analysis for the repo was successful, hence no issue with sonar config either
    d. if branch analysis triggered from Github actions , then it is success but failed when triggered from both GCP and K8 hosted Jenkins
  3. Sonar Server
    a. Sonar analysis api returned error code 404 and no other logs found related to this this since the request didn’t reach the server properly.
    b. access.log:127.0.0.1 - - [19/Sep/2024:05:55:46 +0530] “GET /api/analysis_cache/get?project=mahindra-cid-surprise-message&branch=hmi_master HTTP/1.0” 404 - “-” “ScannerGradle/3.5.0.2730/Gradle 7.4” “AZBXmyBZUeO5fNJ9GbmB”
  4. Plugin Config
    a. Sonar plugin version 3.5.0.2730 is used across all the repo
  5. Code Changes
    a. No Specific changes related to the config/plugin versions done by dev team in build.gradle

Hi,

The error message is pretty clear. I would guess it’s not exactly the same token in both places. Or there’s some interference on the network.

 
HTH,
Ann

I have listed the points above which we were analyzed till now.
Few more queries :

  1. Do sonar maintain any cache ?
  2. Analysis request from github actions / Jenkins makes any difference though the commands used are same
  3. Is there any limitation Project wise for analysis

Hi,

For question 2, as I said before, I suspect this is about having a slightly different token value in each place.

For the others, we try to keep it to one topic per thread. Otherwise it can get messy, fast. Please create new threads if you’d like to pursue those questions.

 
Ann

Hi Ann,

Token values are same for all the repos as we add it as a Jenkins credential.
we double checked it already.

This Issue occurs only when triggered from Jenkins. daily the repo with this issue is increasing.
At command or Token, we didnt make any changes recently.

Generic token and command is used for all repos under our organisation.

Hi,

I don’t know what to tell you. The error message is clear:

Are you sure the token issuer has analysis permissions on the project in question?

 
Ann

Yes. It has Execute Analysis and Administer permission.

Hi,

Sorry, I just don’t know what else to advise you.

 
Ann