Auto apply different permission profiles on project creation

openshift4 · August 11, 2022, 10:23am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
what are you trying to achieve
what have you tried so far to achieve this

Hi SonarQube,

SonarQube version : 8.9.6

The entire story is like this: we have five developer teams, and they have five distinct groups in SonarQube.

I have read this thread (How to auto-apply a Permission template (with Project Key Pattern) - #7 by Denis) and created a permission profile with a project key for TEAM one. In that permission profile, I assigned that group one must have full permission.

We built a project with bambo. It was created on SonarQube with no access for Group One! because I realized as long as the second permission profile is not set as default, it wont be triggered.

I set the second permission profile as the default for projects, and once we built the project with bamboo, it was created on SonarQube with the right permission for Group One. However, the issue is, if team two builds a project with bamboo, the project still receives permission from group one!!

In this case, what is the solution to having different permission profiles (5) with different key patterns and having them all be checked when a project is being built?

Colin · August 11, 2022, 11:03am

Hey there.

Most likely, your key pattern isn’t matching your project keys.

What key patterns are you trying to use, and what are the project keys you expect to match them?

openshift4 · August 11, 2022, 11:49am

Hi Colin,

Thanks for your response.

As depicted in the figure, I set com.sonar* and what we set for the project key was com.sonarqube.vpt.forum

Colin · August 11, 2022, 11:51am

Thanks.

Regex101 tells me that those don’t match.

openshift4 · August 11, 2022, 12:11pm

True , but in the link that i shared, someone from SonarQube mentioned it explicitly :

" Note that my first test didn’t work. I used a bash pattern (com.sonar* ) rather than a valid regular expression (com.sonar.* )."

However, if the expression was wrong, why then it worked when i made the second permission profile default?

I will try with " com.sonar.* " and see what happens without setting the permission profile default for all projects.

openshift4 · August 12, 2022, 10:47am

thanks, the problem was with the regex.

it works and one can create as many as permission profiles with different project keys patterns.

Topic		Replies	Views
How to auto-apply a Permission template (with Project Key Pattern) SonarQube Server / Community Build sonarqube	11	11507	May 15, 2020
Not able assign permission templates automatically to projects SonarQube Server / Community Build bug-no-category	0	298	September 1, 2021
Permission Templates can't be used with custom Project Key SonarQube Cloud permissions , sonarqube-cloud	1	361	May 31, 2024
API to get projects based on a permission template (or) capture newly created project SonarQube Server / Community Build sonarqube , web_api	4	1169	December 13, 2022
Projects only get default permissions template at set up phase SonarQube Server / Community Build sonarqube	4	242	August 22, 2023

Auto apply different permission profiles on project creation

Related topics