📜 Description
When using the Sonarqube v1.1.0 plugin in a Devtron CI pipeline, it consistently fails due to multiple issues:
- sonar.projectKey is not passed to the scanner, causing an execution failure.
- The plugin uses the outdated SonarScanner CLI 5.0.1, even though newer versions are available.
- Manually switching to the latest scanner image (sonarsource/sonar-scanner-cli:11.3) results in HTTP 401 Unauthorized errors despite a valid sonar.token.
👟 Reproduction steps
- Use Devtron UI to configure a CI pipeline.
- Add Sonarqube v1.1.0 as a Pre-Build step.
- Fill all required input values:
  - SonarqubeProjectKey: testing
  - SonarqubeBranchName: main
  - SonarqubeEndpoint, SonarqubeApiKey, etc.
- Run the pipeline.
- Observe errors:
  - With default image (SonarScanner CLI 5.0.1): sonar.projectKey missing
  - With latest image: 401 Unauthorized
👍 Expected behavior
- Passes all required flags (e.g., sonar.projectKey)
- Mounts the correct source path (e.g., /app)
- Authenticates properly using provided sonar.token
- Works seamlessly with latest supported sonarsource/sonar-scanner-cli versions, including 11.3
👎 Actual Behavior
- When using default plugin (5.0.1)
Scanner fails due to missing sonar.projectKey:
ERROR: You must define the following mandatory properties for 'Unknown': sonar.projectKey
2025/07/19 07:44:43 running step : Sonarqube v1.1.0
2025/07/19 07:44:43 variables with empty value : [CheckoutPath]
2025/07/19 07:44:43 running script commands
********** Sonarqube Project Name : testing , Sonarqube Branch name : main ***********
*********Creating Sonarqube project **********
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
{"errors":[{"msg":"Could not create Project with key: \"testing\". A similar key already exists: \"testing\""}]}
********** Starting the scanning ************
Unable to find image 'sonarsource/sonar-scanner-cli:5.0.1' locally
5.0.1: Pulling from sonarsource/sonar-scanner-cli
3c854c8cbf46: Pulling fs layer
4f4fb700ef54: Pulling fs layer
abe98265d206: Pulling fs layer
c49a83759257: Pulling fs layer
c49a83759257: Waiting
4f4fb700ef54: Download complete
3c854c8cbf46: Download complete
3c854c8cbf46: Pull complete
4f4fb700ef54: Pull complete
c49a83759257: Download complete
abe98265d206: Download complete
abe98265d206: Pull complete
c49a83759257: Pull complete
Digest: sha256:02372948eaeeb10dfbe0cfd4174d44b8e405d0aeae431532b2bdb21d0347bf23
Status: Downloaded newer image for sonarsource/sonar-scanner-cli:5.0.1
INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: NONE
INFO: SonarScanner 5.0.1.3006
INFO: Java 17.0.10 Alpine (64-bit)
INFO: Linux 6.6.87+ amd64
INFO: User cache: /opt/sonar-scanner/.sonar/cache
INFO: Analyzing on SonarQube server 25.7.0.110598
INFO: Default locale: "en_US", source code encoding: "UTF-8" (analysis is platform dependent)
INFO: Load global settings
INFO: Load global settings (done) | time=228ms
INFO: Server id: 147B411E-AZgWDOrgHf_yRXaOuVP5
INFO: Loading required plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=149ms
INFO: Load/download plugins
INFO: Load/download plugins (done) | time=1022ms
INFO: Process project properties
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 6.709s
INFO: Final Memory: 9M/40M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarScanner execution
ERROR: You must define the following mandatory properties for 'Unknown': sonar.projectKey
ERROR:
ERROR: Re-run SonarScanner using the -X switch to enable full debug logging.
Status code of sonarqube scanning command : 2
****** Sonarqube scanning command failed to run *********
2025/07/19 07:45:10 exit status 1
exit status 1
2025/07/19 07:45:10 error in running pre Ci Steps err exit status 1
- When using latest scanner (11.3)
Scanner fails with 401 Unauthorized despite valid token:
GET http:///api/v2/analysis/version failed with HTTP 401
2025/07/19 06:38:58 running step : Sonarqube v1.1.0
2025/07/19 06:38:58 variables with empty value : []
2025/07/19 06:38:58 running script commands
********** Sonarqube Project Name : testing , Sonarqube Branch name : main ***********
*********Creating Sonarqube project **********
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
{"errors":[{"msg":"Could not create Project with key: \"testing\". A similar key already exists: \"testing\""}]}
********** Starting the scanning ************
06:38:59.956 INFO Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
06:38:59.971 INFO Project root configuration file: NONE
06:39:00.007 INFO SonarScanner CLI 7.1.0.4889
06:39:00.013 INFO Java 17.0.14 Amazon.com Inc. (64-bit)
06:39:00.015 INFO Linux 6.6.87+ amd64
06:39:00.099 INFO User cache: /opt/sonar-scanner/.sonar/cache
06:39:02.760 ERROR Failed to query server version: GET http://<SOAR_VM_IP>:9000/api/v2/analysis/version failed with HTTP 401. Please check the property sonar.token or the environment variable SONAR_TOKEN.
06:39:02.761 INFO EXECUTION FAILURE
06:39:02.764 INFO Total time: 2.818s
Status code of sonarqube scanning command : 1
****** Sonarqube scanning command failed to run *********
2025/07/19 06:39:03 exit status 1
exit status 1
2025/07/19 06:39:03 error in running pre Ci Steps err exit status 1
☸ Kubernetes version
GKE, Kubernetes version v1.33.1-gke.1744000
Cloud provider
Google Cloud Platform
🌍 Browser
Chrome
🧱 Your Environment
No response
✅ Proposed Solution
No response
👀 Have you spent some time to check if this issue has been raised before?
- I checked and didn't find any similar issue
🏢 Have you read the Code of Conduct?
- I have read the Code of Conduct
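
A pre-flight check that a pipeline step could run before the scanner, as an added example that is not part of the original issue or the Devtron plugin: it stops on empty or malformed inputs such as the project key, and hands the token to the container through the SONAR_TOKEN environment variable named in the scanner's error message instead of the command line. Variable names mirror the plugin inputs listed above; the function names, `ScannerImage`, the `/usr/src` mount point (taken from the scanner image's published usage) and the sample values are assumptions.

```sh
#!/bin/sh
# Added example, not the plugin's own script. Variable names mirror the plugin
# inputs quoted in the issue; function names are hypothetical.

# Reject inputs the scanner cannot work with before any image is pulled.
preflight() {
  _missing=""
  [ -n "${SonarqubeProjectKey:-}" ] || _missing="$_missing SonarqubeProjectKey"
  [ -n "${SonarqubeEndpoint:-}" ]   || _missing="$_missing SonarqubeEndpoint"
  [ -n "${SonarqubeApiKey:-}" ]     || _missing="$_missing SonarqubeApiKey"
  if [ -n "$_missing" ]; then
    echo "preflight: empty input(s):$_missing" >&2; return 1
  fi
  # Whitespace or a trailing CR/LF in the token would be sent as part of it.
  if [ "$(printf '%s' "$SonarqubeApiKey" | tr -d '[:space:]')" != "$SonarqubeApiKey" ]; then
    echo "preflight: SonarqubeApiKey contains whitespace" >&2; return 2
  fi
  case "$SonarqubeEndpoint" in
    http://[!/]*|https://[!/]*) ;;
    *) echo "preflight: SonarqubeEndpoint must be http(s)://host[:port]" >&2; return 3 ;;
  esac
}

# run_scanner [runner]: runner defaults to docker; pass "echo" for a dry run.
# The token travels in the environment (-e NAME with no value copies it from
# the caller's environment), so it never appears in argv or in a logged command.
run_scanner() {
  _runner=${1:-docker}
  preflight || return
  SONAR_HOST_URL="$SonarqubeEndpoint" SONAR_TOKEN="$SonarqubeApiKey" \
    "$_runner" run --rm -e SONAR_HOST_URL -e SONAR_TOKEN \
      -v "${CheckoutPath:-$PWD}:/usr/src" \
      "${ScannerImage:-sonarsource/sonar-scanner-cli:11.3}" \
      "-Dsonar.projectKey=$SonarqubeProjectKey"
}

# Dry run with constructed values (the subshell keeps them out of the caller's env).
(
  SonarqubeProjectKey=testing
  SonarqubeEndpoint=http://sonar.example.test:9000
  SonarqubeApiKey=constructed-token-value
  CheckoutPath=""
  run_scanner echo
)
```

An empty `CheckoutPath`, as reported in the first log, falls back to the current working directory here; a real step would set it to the checked-out repository.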