LDAP or Google (G Suite) login


(Jens Bannmann) #1

Hi all,

a customer uses SonarQube Community edition, but I would like to suggest they move to SonarCloud. The company hosts their code (way over 500k LOC in Java, C#, C++ and other languages) in a local instance of Bitbucket Server, so their 50+ developers usually do not have Github, Bitbucket Cloud or VSTS logins. The developers have LDAP (Active Directory) and Google (G Suite) accounts.

Could you please add G Suite or LDAP login options for SonarCloud paid plans? Ideally, one would set those up for all domain users or specific groups (e.g. everybody in the domain can read, but this group is allowed to adminster projects, and that group can modify issues).

Best regards,

(Fabrice Bellingard) #2

Hi Jens,

SonarCloud targets cloud solution: GitHub, Bitbucket Cloud, and Azure DevOps. It is not designed to work with on-premise solutions (like Bitbucket Server) - although some users decide to do so. For instance, SonarCloud will not be able to annotate PRs in Bitbucket Server - which I guess is something that the dev teams really want. This is why for now, the only authentication systems are the one from the cloud solutions we integrate with.

Hope this makes sense.

(Jens Bannmann) #3

Sure, I understand the strategy. However, I hope you will reconsider this at some point. Here’s my reasoning: caring for code quality and doing something about it, e.g. by installing and maintaining a SonarQube instance, is unfortunately something that many companies do not consider a priority. Therefore, everything that reduces the amount of work increases the chances for developers (or consultants, in my case) getting the backing of management. And while SonarCloud certainly requires a company to somewhat embrace the idea of cloud services (at least for something as “unimportant” as code quality), it does not mean that nobody would use it just because they use a locally hosted repo server like Bitbucket, Github Enterprise or Gitlab. Thus, by supporting things like LDAP or G Suite and local repo servers, SonarCloud could certainly attract more customers.

Anyway, for now that means that my customer only has the option of using SonarQube Developer Edition (or even Community, but I want them to use PR decoration).