I’m setting up a shared user for CI pipeline integration with Sonarcloud.
What is the minimum or appropriate permissions the user should be given to be able to read all repositaries and open PRs?
I’d rather avoid having a system account as an organisation owner
Hey there.
Sorry for not quite understanding – are you talking about permissions in GitHub or SonarCloud?
If it’s just having a user with Execute Analysis across all projects, they really don’t need any GitHub permissions. That token and underlying permissions only matter when authenticating with SonarCloud.
The GitHub Application installed on your organization will handle the rest (PR decoration, adding new projects, etc.)
No, as per my linked thread, Sonar Cloud wants to integrate with a named user’s account. I want my CI tools integrated with a shared (Github) account. I’ve set up the github account, so now I want to know the minimal permissions the Github account needs to allow Sonar Cloud to do the needful.
Oh I see, no organisation permissions are needed at all, just a shared Git user for my CI pipeline to call execute analysis 
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.