How to automate setting dev ops platform for a project?

Versions: SonarQube 9.2, Scanner 4.6

I am trying to set a project’s dev ops platform automatically, either configured on Sonar or when creating the project using the sonar scanner CLI.

I have tried to find a way to set a default devops integration for all projects using the Sonar UI to no avail. I have also tried to find if there is a property that can be used when pushing the analysis, e.g. sonar-scanner -Dsonar.devops.platform=gitlab.

Is there any way to achieve this? Or is the only way to configure the devops platform to have an admin manually go into the settings of each project?

I am trying to resolve the No devops platform configured. To report the Quality Gate status to a devops platform, please configure it in the project administration. error on the project in an automated way.

Hi, to automate ALM project <==> SQ project binding, you can use the API set_gitlab_binding. There are other endpoints available for the other ALMs.

Ok thanks,

Will take a look at this, shame that it requires you to use Admin scope. Means an external service will need to have Admin rights to a large amount of projects just to link them to the ALM, which isn’t a good feeling.

I wonder, if a project is created by a user/bot, do they then have admin rights to that project? That way it could be automated as part of the Gitlab CI with a much more restricted-scope token.

Thanks for the reply.

Hi,

Are you talking about admin rights within SonarQube? Because you don’t have to be a global admin to create projects. That’s a separate, specific global permission. And in your permission template you have the ability to grant the project creator - as an individual - admin on the project.

Does that help?

 
Ann

1 Like

Ah perfect!

you have the ability to grant the project creator - as an individual - admin on the project

This is exactly what I was hoping would be possible, that way it can be done automatically in the CI/CD. As you don’t need to have an api token with overly permissive permissions.

Thanks for pointing me in the right direction.