Describe the bug
The SonarCloud scan step in the SonarCloud Scan GitHub Actions workflow fails during scanner bootstrapping with an HTTP 403 error when attempting to query JRE metadata. The scan never reaches code analysis, causing the entire Gradle build to fail despite all tests
passing.
Failed to query JRE metadata: GET https://api.sonarcloud.io/analysis/jres?os=linux&arch=x86_64
failed with HTTP 403. Please check the property sonar.token or the environment variable SONAR_TOKEN.
Execution failed for task ':sonar'.
▎ The scanner bootstrapping has failed! See the logs for more details.
To Reproduce
Steps to reproduce the behavior:
- Push a commit to
main or open a pull request targeting main that modifies files under server/, frontend/, or screenshot/
- Observe the
SonarCloud Scan workflow trigger in GitHub Actions
- Navigate to the
SonarQube Server job → Scan server step
- See the HTTP 403 error during scanner bootstrapping
Expected behavior
The SonarQube scanner should authenticate successfully with SonarCloud using the SONAR_TOKEN secret, complete code analysis, and report results to the SonarCloud dashboard.
Screenshots
N/A — see the Gradle build log output in the Scan server step of the failing Actions run.
Desktop (please complete the following information)
- OS: Ubuntu (GitHub Actions
ubuntu-latest runner)
- Browser: N/A
- Version: Gradle 8.9, SonarQube Gradle plugin 6.3.1.5724, JDK 21
Smartphone (please complete the following information)
N/A
Additional context
- The
SONAR_TOKEN secret is referenced in .github/workflows/sonar.yml via ${{ secrets.SONAR_TOKEN }} but is either missing, expired, or lacks sufficient permissions on SonarCloud.
- All unit and integration tests pass successfully — only the
:sonar Gradle task fails.
- The
sonar.host.url is hardcoded to https://sonarcloud.io in server/build.gradle, so the scanner correctly targets SonarCloud regardless of the SONAR_HOST secret.
- Resolution: Regenerate the SonarCloud analysis token for the
findfirst organization and update the SONAR_TOKEN repository secret under Settings → Secrets and variables → Actions.
Describe the bug
The SonarCloud scan step in the
SonarCloud ScanGitHub Actions workflow fails during scanner bootstrapping with an HTTP 403 error when attempting to query JRE metadata. The scan never reaches code analysis, causing the entire Gradle build to fail despite all testspassing.
Failed to query JRE metadata: GET https://api.sonarcloud.io/analysis/jres?os=linux&arch=x86_64
failed with HTTP 403. Please check the property sonar.token or the environment variable SONAR_TOKEN.
Execution failed for task ':sonar'.
▎ The scanner bootstrapping has failed! See the logs for more details.
To Reproduce
Steps to reproduce the behavior:
mainor open a pull request targetingmainthat modifies files underserver/,frontend/, orscreenshot/SonarCloud Scanworkflow trigger in GitHub ActionsSonarQube Serverjob →Scan serverstepExpected behavior
The SonarQube scanner should authenticate successfully with SonarCloud using the
SONAR_TOKENsecret, complete code analysis, and report results to the SonarCloud dashboard.Screenshots
N/A — see the Gradle build log output in the
Scan serverstep of the failing Actions run.Desktop (please complete the following information)
ubuntu-latestrunner)Smartphone (please complete the following information)
N/A
Additional context
SONAR_TOKENsecret is referenced in.github/workflows/sonar.ymlvia${{ secrets.SONAR_TOKEN }}but is either missing, expired, or lacks sufficient permissions on SonarCloud.:sonarGradle task fails.sonar.host.urlis hardcoded tohttps://sonarcloud.ioinserver/build.gradle, so the scanner correctly targets SonarCloud regardless of theSONAR_HOSTsecret.findfirstorganization and update theSONAR_TOKENrepository secret underSettings → Secrets and variables → Actions.