sonar-scanner-msbuild icon indicating copy to clipboard operation
sonar-scanner-msbuild copied to clipboard

Published 20 hours ago verified publisher icon SonarSource

Improve error handling when project does not exist and cannot be created

Open mary-georgiou-sonarsource opened this issue 2 years ago • 3 comments

Related to #1293 and #1297

Current behavior:

When trying to run an analysis and the project key has a typo, the analysis fails at the end step with a permission related error.

dotnet sonarscanner begin /k:"projectKeyWithTypo" /d:sonar.login="correct_access_token_for_project_without_typo" /d:sonar.host.url="https://peach.sonarsource.com/"
dotnet build
dotnet sonarscanner end /d:sonar.login="correct_access_token_for_project_without_typo"

Error that appears at the end of the end step:

INFO: Analysis report compressed in 54ms, zip size=61.9 kB
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 13.659s
INFO: Final Memory: 39M/176M
ERROR: Error during SonarScanner execution
INFO: ------------------------------------------------------------------------
ERROR: You're not authorized to run analysis. Please contact the project administrator.
ERROR:
The SonarScanner did not complete successfully
15:55:17.472  Post-processing failed. Exit code: 1

Why this happens:

The given project key has a typo, and cannot be found as an existing project in SonarQube. As a result, this creates a request for new project creation, but the user executing the analysis has no permission for this.

Expected behavior:

  • Fail early during the begin step.
  • Print out a more precise error message.

mary-georgiou-sonarsource avatar Aug 10 '22 07:08 mary-georgiou-sonarsource

@sebastien-marichal I understand that this is difficult to achieve with our current architecture and I suggest we don't try to do any more for now. I'd like to review how we interact with Scanner CLI and the products later in the year and this would be a good opportunity to revisit this then.

tom-howlett-sonarsource avatar Mar 24 '23 12:03 tom-howlett-sonarsource

Work done so far is available at e6fd283.

  • Checking if the project exists using api/components/tree?qualifiers=TRK&component=<project-key> endpoint
  • Checking user permission using api/users/current only when targeting SQ
    • Unfortunately, this endpoint is flagged INTERNAL and unsuitable for our use case.

sebastien-marichal avatar Mar 24 '23 15:03 sebastien-marichal

The title of this issue (and PR for commit history) is very long. Please try to shrink it to something like "Improve message when project cannot be created", or something in that area

pavel-mikula-sonarsource avatar Mar 27 '23 07:03 pavel-mikula-sonarsource