Fix SonarQube Analysis Not Running

What's Actually Happening

SonarQube analysis fails to start or complete. Code quality checks are not performed on the project.

The Error You'll See

```bash $ mvn sonar:sonar

[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.9:sonar Project not found ```

Connection error:

```bash $ gradle sonarqube

Execution failed for task ':sonarqube'. Unable to connect to SonarQube server ```

Authentication error:

```bash $ sonar-scanner

ERROR: Not authorized. Please check the sonar.login property ```

Token error:

```bash $ sonar-scanner

ERROR: Invalid or missing token ```

Why This Happens

1.Server unreachable - SonarQube server not accessible
2.Authentication failure - Invalid credentials or token
3.Project not created - Project does not exist in SonarQube
4.Scanner misconfigured - Wrong scanner configuration
5.Insufficient permissions - User lacks analysis permission
6.Quality profile missing - No quality profile for language

Step 1: Check SonarQube Server Status

```bash # Check server health: curl -s http://sonarqube:9000/api/system/health | jq .

# Check server status: curl -s http://sonarqube:9000/api/system/status | jq .

# Output: {"status":"UP"} or {"status":"DOWN"}

# Check server is running: systemctl status sonarqube

# Or Docker: docker ps | grep sonarqube

# Check server logs: docker logs sonarqube # Or: tail -f /opt/sonarqube/logs/sonar.log

# Check web UI: curl http://sonarqube:9000

# Check database connection: curl -s http://sonarqube:9000/api/system/db_migration_status | jq . ```

Step 2: Test Server Connectivity

```bash # Test network connectivity: ping sonarqube

# Test port: nc -zv sonarqube 9000

# Test HTTP: curl -v http://sonarqube:9000/api/server/version

# Test with authentication: curl -u admin:admin http://sonarqube:9000/api/server/version

# Check DNS: dig sonarqube nslookup sonarqube

# Test from CI/CD: # In pipeline, add: curl http://sonarqube:9000/api/system/status ```

Step 3: Verify Authentication

```bash # Check token validity: curl -u TOKEN: http://sonarqube:9000/api/user_tokens/search

# Generate new token: # SonarQube UI -> User -> My Account -> Security -> Tokens

# Or via API: curl -u admin:admin -X POST \ "http://sonarqube:9000/api/user_tokens/generate?name=ci-token"

# Configure scanner with token: # Maven: mvn sonar:sonar -Dsonar.login=TOKEN

# Gradle: gradle sonarqube -Dsonar.login=TOKEN

# Sonar Scanner CLI: sonar-scanner -Dsonar.login=TOKEN

# Or in sonar-project.properties: sonar.login=TOKEN

# Check user permissions: curl -u admin:admin \ "http://sonarqube:9000/api/permissions/users?permission=scan" ```

Step 4: Configure SonarQube Scanner

```bash # Maven configuration in pom.xml: <build> <plugins> <plugin> <groupId>org.sonarsource.scanner.maven</groupId> <artifactId>sonar-maven-plugin</artifactId> <version>3.9.1.2184</version> </plugin> </plugins> </build>

# Run Maven analysis: mvn clean verify sonar:sonar \ -Dsonar.host.url=http://sonarqube:9000 \ -Dsonar.login=TOKEN

# Gradle configuration in build.gradle: plugins { id "org.sonarqube" version "4.0.0.2929" }

sonarqube { properties { property "sonar.host.url", "http://sonarqube:9000" property "sonar.login", "TOKEN" } }

# Run Gradle analysis: gradle sonarqube

# CLI scanner configuration in sonar-project.properties: sonar.projectKey=my-project sonar.projectName=My Project sonar.projectVersion=1.0 sonar.sources=src sonar.host.url=http://sonarqube:9000 sonar.login=TOKEN

# Run CLI scanner: sonar-scanner ```

Step 5: Create Project

```bash # Create project via UI: # Projects -> Create Project -> Manual

# Or via API: curl -u admin:admin -X POST \ "http://sonarqube:9000/api/projects/create?project=my-project&name=My%20Project"

# Check project exists: curl -u admin:admin \ "http://sonarqube:9000/api/projects/search?projects=my-project"

# Set project permissions: curl -u admin:admin -X POST \ "http://sonarqube:9000/api/permissions/add_user?login=user&permission=scan&projectKey=my-project"

# Allow anonymous scans (not recommended for production): curl -u admin:admin -X POST \ "http://sonarqube:9000/api/permissions/add_group?groupName=Anyone&permission=scan" ```

Step 6: Check Project Key

```bash # Project key must match: # In sonar-project.properties: sonar.projectKey=my-project

# In Maven pom.xml: <properties> <sonar.projectKey>my-project</sonar.projectKey> </properties>

# In Gradle build.gradle: sonarqube { properties { property "sonar.projectKey", "my-project" } }

# Common issues: # - Key contains spaces or special chars # - Key doesn't match project in SonarQube

# Valid keys: # my-project # my_company_my_project # Invalid: My Project, my-project-1.0!

# Check existing projects: curl -u admin:admin \ "http://sonarqube:9000/api/projects/search" | jq '.components[].key' ```

Step 7: Check Quality Profiles

```bash # Check quality profiles: curl -u admin:admin \ "http://sonarqube:9000/api/qualityprofiles/search"

# Check profile for language: curl -u admin:admin \ "http://sonarqube:9000/api/qualityprofiles/search?language=java"

# Assign profile to project: curl -u admin:admin -X POST \ "http://sonarqube:9000/api/qualityprofiles/add_project?profileName=Sonar%20way&projectKey=my-project&language=java"

# Check default profile: curl -u admin:admin \ "http://sonarqube:9000/api/qualityprofiles/search?defaults=true"

# Import rules if needed: curl -u admin:admin -X POST \ "http://sonarqube:9000/api/qualityprofiles/restore" \ -d @profile-backup.xml ```

Step 8: Check Analysis Scope

```bash # Check analysis scope: # By default, only new code analyzed

# Force full analysis: sonar.analysis.mode=preview # Deprecated # Use: sonar.newCode.referenceBranch=main

# Check exclusions: sonar.exclusions=/test/,/generated/ sonar.test.exclusions=/test/

# Include all files: sonar.inclusions=src/main/java/**

# Check coverage exclusions: sonar.coverage.exclusions=/config/,/dto/

# Debug analysis scope: mvn sonar:sonar -X -Dsonar.showExcludedFiles=true

# Check scanner logs: # Look for: "Excluded sources" ```

Step 9: Check CI/CD Integration

```bash # Jenkins pipeline integration: pipeline { stages { stage('SonarQube Analysis') { steps { withSonarQubeEnv('SonarQube') { sh 'mvn sonar:sonar' } } } stage('Quality Gate') { steps { timeout(time: 5, unit: 'MINUTES') { waitForQualityGate abortPipeline: true } } } } }

# GitHub Actions: - name: SonarQube Scan uses: sonarsource/sonarqube-scan-action@master env: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

# GitLab CI: sonarqube-check: script: - mvn sonar:sonar -Dsonar.login=$SONAR_TOKEN variables: SONAR_HOST_URL: http://sonarqube:9000 ```

Step 10: SonarQube Verification Script

```bash # Create verification script: cat << 'EOF' > /usr/local/bin/check-sonarqube.sh #!/bin/bash

SONAR_URL=${1:-"http://localhost:9000"} TOKEN=${2:-"admin"}

echo "=== SonarQube Status ===" curl -s -u $TOKEN: $SONAR_URL/api/system/status | jq .

echo "" echo "=== SonarQube Health ===" curl -s -u $TOKEN: $SONAR_URL/api/system/health | jq .

echo "" echo "=== SonarQube Version ===" curl -s -u $TOKEN: $SONAR_URL/api/server/version

echo "" echo "=== Projects ===" curl -s -u $TOKEN: "$SONAR_URL/api/projects/search" | jq '.components[] | {key: .key, name: .name}'

echo "" echo "=== Quality Profiles ===" curl -s -u $TOKEN: "$SONAR_URL/api/qualityprofiles/search" | jq '.profiles[] | {name: .name, language: .language}'

echo "" echo "=== Active Plugins ===" curl -s -u $TOKEN: "$SONAR_URL/api/plugins/installed" | jq '.plugins[] | .key'

echo "" echo "=== Database Status ===" curl -s -u $TOKEN: "$SONAR_URL/api/system/db_migration_status" | jq .

echo "" echo "=== Analysis Status (last 5) ===" curl -s -u $TOKEN: "$SONAR_URL/api/ce/activity?status=FAILED&status=CANCELED" | jq '.tasks[:5]'

echo "" echo "=== Test Analysis ===" echo "Testing connection..." curl -s -u $TOKEN: "$SONAR_URL/api/authentication/validate" | jq . EOF

chmod +x /usr/local/bin/check-sonarqube.sh

# Usage: /usr/local/bin/check-sonarqube.sh http://sonarqube:9000 YOUR_TOKEN

# Quick test: alias sonar-test='curl -s http://sonarqube:9000/api/system/status' ```

SonarQube Analysis Checklist

Check	Command	Expected
Server status	api/system/status	UP
Connectivity	curl sonarqube:9000	Connected
Authentication	api/authentication/validate	Valid
Project exists	api/projects/search	Project listed
Quality profile	api/qualityprofiles	Assigned
Scanner config	-Dsonar.login	Token configured

Verify the Fix

```bash # After fixing analysis issue

# 1. Check server curl http://sonarqube:9000/api/system/status // UP

# 2. Test authentication curl -u TOKEN: http://sonarqube:9000/api/user_tokens/search // Token valid

# 3. Run analysis mvn sonar:sonar -Dsonar.login=TOKEN // BUILD SUCCESS

# 4. Check project curl http://sonarqube:9000/api/projects/search?projects=my-project // Project found

# 5. View results # Open SonarQube UI // Analysis visible

# 6. Quality gate # Check pipeline // Pass or Fail status ```

[Fix Jenkins Build Stuck](/articles/fix-jenkins-build-stuck)
[Fix GitLab CI Pipeline Stuck](/articles/fix-gitlab-ci-pipeline-stuck)
[Fix GitHub Actions Workflow Failed](/articles/fix-github-actions-workflow-failed)

What's Actually Happening

The Error You'll See

Why This Happens

Step 1: Check SonarQube Server Status

Step 2: Test Server Connectivity

Step 3: Verify Authentication

Step 4: Configure SonarQube Scanner

Step 5: Create Project

Step 6: Check Project Key

Step 7: Check Quality Profiles

Step 8: Check Analysis Scope

Step 9: Check CI/CD Integration

Step 10: SonarQube Verification Script

SonarQube Analysis Checklist

Verify the Fix

Related Issues

Share this guide

More CI/CD Troubleshooting Guides

Tekton Workspace Not Bound

Tekton TaskRun Timeout

Tekton PipelineRun Failed

Flux Source Not Ready

Flux Helm Release Failed

Flux Kustomization Not Applying