Github Token only set via UI

sonarcloud
github
pull-request
tokens

(Ashleyparks Tc) #1

Hi,

When using the github pull request functionality in SonarCoud, SonarCloud will only report as a github status and comment on a pr if the sonar.pullrequest.github.token.secured property is set using the UI, not during the mvn sonar:sonar command (I am not using Jenkins). I have a lot of repositories and it would be much more useful if this could be sent via code instead of having to manually setup the repositories.


(Maxwell) #2

Have you set all properties in Comfiguration -> Pull Request UI, or only the token? What properties are you passing from command line/pom properties?


(Ashleyparks Tc) #3

the following is my command:

mvn sonar:sonar \
      -Dsonar.projectKey=${CIRCLE_PROJECT_REPONAME} \
      -Dsonar.organization=${ORGANIZATION} \
      -Dsonar.host.url=${SONAR_URL} \
      -Dsonar.login=${SONAR_TOKEN} \
      -Dsonar.pullrequest.branch=${CIRCLE_BRANCH} \
      -Dsonar.pullrequest.key=${CIRCLE_PR_NUMBER} \
      -Dsonar.pullrequest.provider=GitHub \
      -Dsonar.pullrequest.github.repository=toyota-connected/${CIRCLE_PROJECT_REPONAME} \
      -Dsonar.pullrequest.github.endpoint=https://api.github.com/ \
      -Dsonar.pullrequest.github.token.secured=${GITHUB_TOKEN};

and then via the UI i have set:

The pull request github functionality works fine when I have both, but without the UI settings I do not get a sonarsource github status


(Nicolas Bontoux) #4

Should this be a feature suggestion @ #suggestions instead ? Seems like current behaviour, more than a bug per-se. And it would be interesting to detail the use-case in more length, because that I might open up other solutions the the one you mention (e.g. if the token is valid for multiple projects, than an organization-wide settings in :sonarcloud: could maybe help).


(Ashleyparks Tc) #5

Yes, this is probably more of a #suggestions . Organization-wide settings would definitely be more useful in our scenarios