0

ALM used Bitbucket Cloud

CI system used Bitbucket Cloud

Languages of the repository: Angular (Other (for JS, TS, Go, Python, PHP, …))

Error observed
ERROR: Error during SonarScanner execution

ERROR: Not authorized. Please check the property sonar.login or SONAR_TOKEN env variable

Steps to reproduce

SONAR_TOKEN already generated and added to my ENV_VAR

Bitbucket.yaml

image: ‘node:12.22’
clone:
depth: full # SonarCloud scanner needs the full history to assign issues properly

definitions:
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
steps:

step: &build-test-sonarcloud
name: Build, test and analyze on SonarCloud
caches:
- sonar
script:
- pipe: sonarsource/sonarcloud-scan:1.2.1
variables:
EXTRA_ARGS: ‘-Dsonar.host.url=https://sonarcloud.io -Dsonar.login=${SONAR_TOKEN}’

step: &check-quality-gate-sonarcloud
name: Check the Quality Gate on SonarCloud
script:
- pipe: sonarsource/sonarcloud-quality-gate:0.1.4

pipelines:
branches
  • Potential workaround No idea.
xnextion
  • 13
  • 6

1 Answers1

0

if you already install the sonar cloud app to your workspace environment, there is no need to give the sonar url again. The integration process is handling the URL part. Also, you should add your Sonar token variable to Workspace or repo environment. After that, you should login to Sonar Cloud organization account and bind your repo to SonarCloud to be able to evaluate it by Sonar Cloud. Here is my Sonar Cloud setup;

bitbucket-pipelines.yml file,

image:
  name: <base image>

clone:
  # SonarCloud scanner needs the full history to assign issues properly
  depth: full

definitions:
  caches:
    # Caching SonarCloud artifacts will speed up your build
    sonar: ~/.sonar/cache

pipelines:
  pull-requests:
    '**':
      - step:
          name: "Code Quality and Security on PR"
          script:
            - pipe: sonarsource/sonarcloud-scan:1.2.1
              variables:
                SONAR_TOKEN: '$SONAR_CLOUD_TOKEN'
                SONAR_SCANNER_OPTS: -Xmx512m
                DEBUG: "true"
  branches:
    master:
      - step:
          name: "Code Quality and Security on master"
          script:
            - pipe: sonarsource/sonarcloud-scan:1.2.1
              variables:
                SONAR_TOKEN: '$SONAR_CLOUD_TOKEN'
                SONAR_SCANNER_OPTS: -Xmx512m
                DEBUG: "true"
  tags:
    '*.*.*-beta*':
      - step:
          name: "Image Build & Push"
          services:
            - docker
          caches:
            - docker
          clone:
            depth: 1
          script:
            - <build script>       
      - step:
          name: "Deploy"
          deployment: beta
          clone:
            enabled: false
          script:
            - <deploy script>
    '*.*.*-prod':
      - step:
          name: "Image Build & Push"
          services:
            - docker
          caches:
            - docker
          clone:
            depth: 1
          script:
            - <build script>       
      - step:
          name: "Deploy"
          deployment: prod
          clone:
            enabled: false
          script:
            - <deploy script>

sonar-project.properties file,

sonar.organization=<sonar cloud organization name> 

sonar.projectKey=<project key>
sonar.projectName=<project name>

sonar.sources=<sonar evaluation path>
sonar.language=<repo language>
sonar.sourceEncoding=UTF-8
Oguzhan Aygun
  • 1,314
  • 1
  • 10
  • 24
  • when I don't declare the URL said "can not reach [localhost:9000]' , then you suggest inserting pipe sonar scan instead of calling him? Because the project has 2 steps build and deploy. And about sonar-project.properties file it's supposed to be created by himself or I should create? because the instruction does not even mention it. – xnextion Feb 12 '22 at 15:41
  • Did you import your project to SonarCloud, can you see your repo in there? because localhost:9000 error seems interesting in these situation. – Oguzhan Aygun Feb 12 '22 at 17:12
  • Yes, i had import it but need to "connect" with token so I already declare like a env var and as I wrote before without EXTRA_ARGS: ‘-Dsonar.host.url=https://sonarcloud.io it's going to keep me saying " can not reach localhost:9000" . But even with -Dsonar.login=${SONAR_TOKEN}’ it does not even take my token. – xnextion Feb 13 '22 at 00:37
  • I think I understood the problem, I look some extra examples and I guess neither sonar URL nor `$SONAR_TOKEN` variable should not be in the extra args. There is a variable as `SONAR_TOKEN`. Can you try to delete all extra args part and give only `SONAR_TOKEN: '$SONAR_CLOUD_TOKEN'` as a variable? Also please change your lines include ` to ' in pipelines, or completely remove them. It can cause a problem maybe. Reference : https://bitbucket.org/sonarsource/sample-nodejs-project/src/master/bitbucket-pipelines.yml – Oguzhan Aygun Feb 13 '22 at 02:30
  • Done, ERROR: SonarQube server [http://localhost:9000] can not be reached script: - pipe: sonarsource/sonarcloud-scan:1.2.1 variables: SONAR_TOKEN: '$SONAR_CLOUD_TOKEN' SONAR_SCANNER_OPTS: -Xmx512m DEBUG: "true" This project don't have sonar-project.properties file – xnextion Feb 14 '22 at 21:32
  • Okay as we can see from the error, I think we need sonar-project.properties file. I'm not sure my setup is 100 percent best practice, but can we try my setup. I mean, create a properties file, if it doesn't work either, create a seperate step for sonar cloud check rather than calling it from build and deploy. My setup is working so our last option can be copying my setup. – Oguzhan Aygun Feb 15 '22 at 08:26
  • Which will be the content of the sonar project. properties file? and is a specific order to set the steps? the current sonar scan is running after the application build step. – xnextion Feb 15 '22 at 09:42
  • I think there is a little bit misusage there, you are building your code without knowing the code is good enough to be builded. Sonar scan should run before building process in my opinion. I edited the post above, there is a sample properties file there, also I fully copied my pipeline structure – Oguzhan Aygun Feb 15 '22 at 10:52
  • Currently, the build step builds successfully. But following your bitbucket-pipelines.yml file, the console still remain to localhost:9000 can not be reached. And about your sonar project. properties... it's not supposed to be auto binded? i mean my repo is bound my project – xnextion Feb 15 '22 at 11:16
  • Actually, you are right, there are no notes that you are supposed to create sonar properties file, but also, it's not auto-generated. It's worth trying that creating a properties file your repo language, your sonar organization name and sonar project key, sonar project name and sonar sources path in it. maybe adding it will solve the problems. – Oguzhan Aygun Feb 15 '22 at 11:20
  • any idea? i do not believe that create that file is going to solve my issue – xnextion Mar 01 '22 at 20:07