Secret seems not to be resolved

I have an action which scans my code with SonarQube. It worked well until last Saturday! I do not think contributions after Saturday are causing this problem - they should be independent. I also checked for a recent change on sonarcloud-github-action@master but there is none. My SONAR_TOKEN still exists (in GitHub) and is valid (in SonarCloud).

The following is the relevant log detail:

...
2020-08-03T14:09:56.0397711Z ##[group]Run sonarsource/sonarcloud-github-action@master
2020-08-03T14:09:56.0397880Z with:
2020-08-03T14:09:56.0398004Z   projectBaseDir: .
2020-08-03T14:09:56.0398124Z env:
2020-08-03T14:09:56.0398992Z   GITHUB_TOKEN: ***
2020-08-03T14:09:56.0399110Z   SONAR_TOKEN: 
2020-08-03T14:09:56.0399230Z ##[endgroup]
2020-08-03T14:09:56.0424403Z ##[command]/usr/bin/docker run --name c2016593be907b8b408c8980f73f91f39bc0_afbfc1 --label 87c201 --workdir /github/workspace --rm -e GITHUB_TOKEN -e SONAR_TOKEN -e INPUT_PROJECTBASEDIR -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/expiry-util/expiry-util":"/github/workspace" 87c201:6593be907b8b408c8980f73f91f39bc0
2020-08-03T14:09:56.5708512Z Set the SONAR_TOKEN env variable.
2020-08-03T14:09:56.7661242Z Post job cleanup.
...

And the next is from a successful run:

...
2020-08-01T05:13:06.2942859Z ##[group]Run sonarsource/sonarcloud-github-action@master
2020-08-01T05:13:06.2943191Z with:
2020-08-01T05:13:06.2943318Z   projectBaseDir: .
2020-08-01T05:13:06.2943743Z env:
2020-08-01T05:13:06.2945032Z   GITHUB_TOKEN: ***
2020-08-01T05:13:06.2945181Z   SONAR_TOKEN: ***
2020-08-01T05:13:06.2945291Z ##[endgroup]
2020-08-01T05:13:06.2969427Z ##[command]/usr/bin/docker run --name c20138e026fc46d0469a9ee82e2def405af1_732765 --label 87c201 --workdir /github/workspace --rm -e GITHUB_TOKEN -e SONAR_TOKEN -e INPUT_PROJECTBASEDIR -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/expiry-util/expiry-util":"/github/workspace" 87c201:38e026fc46d0469a9ee82e2def405af1
2020-08-01T05:13:12.8475291Z INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
...

Has anyone else experienced this before?

Hi @ivgraai,

Glad to see you in Github Community Forum!

I notice it shows empty for token SONAR_TOKEN in the log, this should be due to the token is deleted or renamed in the secrets setting, and then caused the error, i reproduced the same on my side.

Hence, please check your repository secrets setting and confirm the SONAR_TOKEN exists to resolve the error, or recreate the secrets for a try.

Thanks

Hi @weide-zhou,

Thank you for your response!

My secret has not been updated for weeks. I noticed that SONAR_TOKEN is empty too but I do not know why. Although I am not convinced the root cause is that.

I guess it is not a real issue, just about secrets are not shared with forked repositories!?

Hi @ivgraai,

Thanks for your quick reply!

Yes, secrets are not shared to the forked repository, if you use pull_request, it cannot get the secrets value.

Mentioned in doc here:
https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#using-encrypted-secrets-in-a-workflow

Thank you so much, @weide-zhou

Glad to support! @ivgraai

If it’s resolved, you can mark the answer then it will help other guys who has same query.

Thanks.