[Gitlab] Per-project configuration for gitlab API token for MR decoration comments gone in 8.9 LTS / 8.x #366
Comments
|
Not sure if I understand your issue. You can create in SonarQube tokens for different users having access to different projects. You just need to ensure the correct token is used within the GitLab CI job. Is this a possible solution for your request? |
nejch
changed the title
|
@ezintz it's not about sonarqube tokens in gitlab, it's about gitlab tokens in sonarqube :) |
@ezintz sorry I guess I should have been clearer on that. In previous versions you were able to configure the GitLab API token (usually a GitLab project access token/personal access token of a bot user) that posts the MR decorations to GitLab, in every project. This section under Pull Request in the Project Administration menu:
This is now replaced with:
This means only one bot user can be set for the entire SonarQube instance. If people want PR decorations in their GitLab projects they need to give reporter access to that user, so you end up with a token that will have read access to a bunch of projects. |
The default distribution of Sonarqube only allows a single instance of each ALM to be configured, which prevents using ALM decoration where 2 different repositories require different API keys in a single ALM. To allow multiple configurations to be defined per ALM, the `MultipleAlmFeatureProvider` is being intercepted by the agent for the Web component and the `enabled` method being replace to always return `true`, thereby removing the limit on ALMs in the front-end.
The default distribution of Sonarqube only allows a single instance of each ALM to be configured, which prevents using ALM decoration where 2 different repositories require different API keys in a single ALM. To allow multiple configurations to be defined per ALM, the `MultipleAlmFeatureProvider` is being intercepted by the agent for the Web component and the `enabled` method being replace to always return `true`, thereby removing the limit on ALMs in the front-end.
|
Thanks a lot for the quick PR there @mc1arke! Just wondering as I'm not really knowledgeable in Java, the related PR enables multiple ALM entries but they'd still need to be configured at instance level, or does this bring back the project-level config already? FYI - some people at our company run the Developer Edition and they've started a request with sonarsource to bring the same functionality, so maybe there'll be more direction there from upstream. But I'm really not sure how responsive Sonarsource are to feature requests. |
|
Hi @nejch, the feature allows multiple decorators to be defined per-alm, but this is performed at a server/instance level rather than a per-project level, with each project then deciding which ALM configuration to use. Unfortunately Sonarqube doesn't provide any option on the ALM project screen for adding properties, so any additional configuration would need to be on another screen, which becomes a UX nightmare. |
I see, thanks for the quick reply @mc1arke. So you mean it wouldn't currently be possible to add a custom entry in the "Pull Request Decoration" tab in Project Settings where a user would override the instance-level config, as was done pre-8.x with this plugin? For example, this mockup below:
I guess the best option here would be to wait for SonarQube to implement this as a project-level config and this will likely then also open up options for you to add the missing properties (since they'd have to do the same to implement it)? |
mc1arke
added
the
backport candidate
|
Released in v1.9.0 of the plugin |
The default distribution of Sonarqube only allows a single instance of each ALM to be configured, which prevents using ALM decoration where 2 different repositories require different API keys in a single ALM. To allow multiple configurations to be defined per ALM, the `MultipleAlmFeatureProvider` is being intercepted by the agent for the Web component and the `enabled` method being replace to always return `true`, thereby removing the limit on ALMs in the front-end. (cherry picked from commit b3c9f54)
|
Backported to 1.8.1 of the plugin for Sonarqube 8.9 support. |
mc1arke
removed
awaiting release
First, thanks a lot for maintaining compatibility with several versions, it must be a pain.
We're in the process of migrating to 8.9 LTS from 7.9 LTS (plugin 1.3.x to 1.8.0) and noticed that, with the new ALM Settings replacing some of the the old Pull Request config, the ability to configure a PAT for PR decoration per-project is gone.
I understand this basically follows the SonarQube feature set and it's convenient for some as it's less config. But when SQ integrates with a large GitLab instance I'm afraid people won't want to share the same token with read access to hundreds of projects that want to integrate with the SQ instance. Is there any chance that the per-project token config option from older versions can be restored? Thanks again!
The text was updated successfully, but these errors were encountered: