sonar_diagnose_permissions
Diagnose token permissions and connectivity issues.
Description
Comprehensive diagnostic tool for troubleshooting SonarQube connection and permission issues. Especially helpful for resolving 403 Forbidden errors and understanding token capabilities.
Parameters
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
verbose | boolean | No | true | Show detailed diagnostic info |
Usage
Full Diagnostics
Help me troubleshoot my SonarQube connection
Tool call:
{}
Quick Check
Quick permission check
Tool call:
{
"verbose": false
}
Response Format
Verbose Output
PERMISSION DIAGNOSTICS
━━━━━━━━━━━━━━━━━━━━━━
🔧 CONFIGURATION:
Config File: /Users/dev/myproject/bobthefixer.env
Server URL: http://localhost:9000
Project Key: myproject-a1b2c3d4
Token: squ_****...****
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🌐 CONNECTIVITY:
✓ Server reachable
✓ Port 9000 open
✓ HTTP response: 200 OK
✓ SonarQube version: 10.3.0
✓ API accessible
Response time: 45ms
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔑 TOKEN VALIDATION:
✓ Token format valid
✓ Token not expired
✓ Token authenticates successfully
Token Type: Project Analysis Token
Created: 2024-01-10 09:15:00
Last Used: 2024-01-15 14:30:00
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📋 PERMISSIONS:
Project: myproject-a1b2c3d4
┌────────────────────────┬────────┬───────────┐
│ Permission │ Status │ Required │
├────────────────────────┼────────┼───────────┤
│ Browse │ ✅ │ Yes │
│ Execute Analysis │ ✅ │ Yes │
│ See Source Code │ ✅ │ No │
│ Administer Issues │ ❌ │ No │
│ Administer Project │ ❌ │ No │
│ Create Projects │ ✅ │ For setup │
└────────────────────────┴────────┴───────────┘
All required permissions: ✅ AVAILABLE
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📊 PROJECT STATUS:
✓ Project exists
✓ Last analysis: 2024-01-15 10:30:00
✓ Quality Gate: PASSED
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✅ DIAGNOSIS: ALL SYSTEMS OPERATIONAL
No issues detected. Your configuration is working correctly.
With Issues Detected
PERMISSION DIAGNOSTICS
━━━━━━━━━━━━━━━━━━━━━━
🔧 CONFIGURATION:
Config File: /Users/dev/myproject/bobthefixer.env
Server URL: http://localhost:9000
Project Key: myproject-a1b2c3d4
Token: squ_****...****
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🌐 CONNECTIVITY:
✓ Server reachable
✓ Port 9000 open
✓ HTTP response: 200 OK
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
🔑 TOKEN VALIDATION:
✓ Token format valid
✗ Token authentication FAILED
Error: 403 Forbidden
Message: "Insufficient privileges"
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
📋 PERMISSIONS:
⚠️ Cannot verify permissions - authentication failed
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
❌ DIAGNOSIS: AUTHENTICATION FAILURE
ISSUES FOUND:
1. Token authentication failed with 403 error
This usually means:
• Token has been revoked
• Token has expired
• Token was created for a different project
RECOMMENDED ACTIONS:
1. Check token in SonarQube UI:
Account → Security → Tokens
2. Generate a new token:
- Type: Project Analysis Token
- Project: myproject-a1b2c3d4
3. Update configuration:
Run: sonar_config_manager action="reset"
Then: sonar_auto_setup
4. If using Global token:
Ensure "Execute Analysis" permission is granted
Diagnostic Checks
| Check | What It Tests |
|---|---|
| Server reachable | Network connectivity |
| Port open | Firewall/routing |
| HTTP response | Server running |
| API accessible | SonarQube functional |
| Token format | Valid token structure |
| Token auth | Credentials work |
| Permissions | Required access exists |
| Project exists | Project on server |
Permission Types
| Permission | Purpose | Required |
|---|---|---|
| Browse | View project | ✅ Yes |
| Execute Analysis | Run scans | ✅ Yes |
| See Source Code | View code | Optional |
| Administer Issues | Manage issues | Optional |
| Administer Project | Project settings | Optional |
| Create Projects | New projects | For setup |
Examples
Example 1: 403 Error Investigation
Prompt:
I'm getting 403 errors, help me debug
Tool Call:
{
"verbose": true
}
Example 2: Quick Health Check
Prompt:
Is my SonarQube connection working?
Tool Call:
{
"verbose": false
}
Example 3: Pre-scan Verification
Prompt:
Verify everything before I run a scan
Tool Call:
{}
Common Issues
403 Forbidden
Symptoms:
Token authentication FAILED
Error: 403 Forbidden
Solutions:
- Regenerate token in SonarQube
- Verify token type matches project
- Check token hasn't expired
Connection Refused
Symptoms:
Server not reachable
Connection refused on port 9000
Solutions:
- Start SonarQube:
docker start sonarqube - Check correct URL
- Verify firewall settings
Project Not Found
Symptoms:
Project does not exist
Solutions:
- Verify project key is correct
- Check token has access to project
- Run
sonar_auto_setupto create
Token Expired
Symptoms:
Token expired or revoked
Solutions:
- Generate new token
- Update bobthefixer.env
- Or run
sonar_auto_setup
Best Practices
- Run before reporting issues - Provides diagnostic info
- Use verbose mode - More detail helps debugging
- Check after token changes - Verify new token works
- Regular health checks - Catch issues early
Related Tools
sonar_config_manager- View/reset configsonar_auto_setup- Create new setupsonar_link_existing_project- Link project