Is there anyway to load sonarqube global permission as code?

I am trying to make a better automatically ci with jenkins containing a stage for code scanning with sonarqube.
i am using for the installation and deployment flowing environment:

  • sonarqube v 7.9.x (Docker Image from the officially SQ docker hub )
  • crowd plugin 2.1.3
  • jenkins 2.249.3
  • kubernetes 1.17

everything is fine and works good, but one of annoying things , that maybe happen, when deleting/new creating PVC and lost actual configuration, that i have configured in sonarqube UI , specifically the groups/users permissions matrix for example : users permissions for Quality Profiles/Gates administration and Execute Analysis , as in the image

to avoid this, the best and safe solution is to load such configuration from a git repo as code (which is in k8s with flux synchronised ), i am wondering if there is a way to define such configurations as code and not only from UI (i have searched in main sonar.properties and in crowd plugin properties but nothing helped).

can anyone help out?

Hi,

Welcome to the community!

I don’t entirely follow what you’re trying to accomplish. But you’ll find a link to the on-board documentation of the web services that feed the UI in the page footer. Using the right combination of services you should be able to get and set what you want.

 
HTH,
Ann

thanks for your reply !

simply, is there any way to create group/permission template while deploying sonarqube? so i can add this to my deployment template to make sure that will be creating automatically when deleting the deployment and creating it once again.
in LDAP plugin maybe i can define a group and bind the permission to it, but i am using crowd, so i did not find a useful way to do the same.

Hi,

This data is held in the database. You shouldn’t have to set it up each time you spin up SonarQube; it will be in the DB you point SonarQube to.

But if you must, then you’ll need to use web services, as I indicated earlier.

 
HTH,
Ann

yes but the problem , we use the DB as a pod in k8s cluster.
that means , when deleting the helmRelease for the whole deployment (with PVC) ,then everything return to the default configuration, und we must configure those again .
anyway, thanks for your help.