Connecting a Maven project to SonarCloud for code analysis within GitHub Actions can sometimes lead to frustrating errors. A common issue is encountering the message “SonarQube server http://localhost:9000 can not be reached,” even when SonarCloud (https://sonarcloud.io) is correctly configured in the pom.xml file. This article will explore the potential causes of this problem and provide solutions to resolve it.
The error indicates that the SonarScanner is attempting to connect to a local SonarQube instance running on http://localhost:9000 instead of the designated SonarCloud instance. This usually happens due to misconfigurations or missing settings within the project’s configuration files or the GitHub Actions workflow.
One primary culprit is an outdated or incorrectly configured SonarScanner. Ensure that you are using the latest version of the sonar-maven-plugin in your pom.xml. The provided configuration uses version 3.9.1.2184, which may not be the latest. Updating to the most recent version often resolves compatibility issues. You can verify the latest version on the official SonarScanner for Maven documentation.
Additionally, double-check your pom.xml to ensure the <sonar.host.url> property is correctly set to https://sonarcloud.io and that the <sonar.organization> and <sonar.projectKey> values are accurate. The provided snippet shows the correct configuration:
<sonar.organization>some-text-here</sonar.organization>
<sonar.host.url>https://sonarcloud.io</sonar.host.url>
<sonar.projectKey>some-text-here</sonar.projectKey>If these settings are correct, the problem might reside in the GitHub Actions workflow file (sonar-cloud.yml). Ensure that the SONAR_TOKEN secret is properly configured in your GitHub repository’s secrets and is correctly referenced in the workflow file using ${{ secrets.SONAR_TOKEN }}. This token authorizes the analysis and allows communication with SonarCloud.
The provided sonar-cloud.yml file appears correctly configured to utilize the SONAR_TOKEN and execute the Maven build with the SonarScanner. However, review the mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar command. The -B option runs in non-interactive batch mode, which might suppress crucial error messages. Try removing the -B option temporarily for more detailed debugging information during the workflow run.
Finally, ensure your project’s network configuration within the GitHub Actions environment allows outbound connections to https://sonarcloud.io. While unlikely, network restrictions could prevent the scanner from reaching the SonarCloud server.
By addressing these potential issues, you can successfully resolve the http://localhost:9000 connection error and integrate SonarCloud seamlessly into your GitHub Actions workflow for continuous code quality analysis. Remember to consult the official SonarCloud and GitHub Actions documentation for the most up-to-date information and troubleshooting guidance.
