One badge token for all my projects

Hello!

We are using GitLab. We have a group with a bunch of Java projects. In this group, you can configure a set of badges. These will be applied to all projects under this group, and they can of course use GitLab templating to make sure the correct project is being referenced.

I’ve set up a few SonarQube badges, here is an example:
https://sonar.mycompany.com/api/project_badges/measure?project=CompanyName---%{group_name}-%{project_name}&metric=alert_status&token=sqb_XXX

As you can see, I use the template variables group_name and project_name to make sure I reference the correct project. Note that our SonarQube is shared among sibling companies in our organization, so that’s why we also prefix the projects with CompanyName---.

Now, I was first under the impression that the badge token was somehow connected to my user and therefore had access to all projects I have access to. But apparently, it’s a unique token for each project.

I would love to be able to generate a token (under my user, for example) that has access to all the projects I have access to. So we can use that in our group-level badges.

Is this possible in any way? If not, is it something that could be added?

Hey @anton-johansson

Putting aside any risk with using a user token (it will have all the permissions you have, so any user with access to the token could act as you), nothing stops you from generating a user token (that starts with squ_).

With those security risks in mind, you may want to create a technical user for this with only browse permissions on the projects.

Thanks for the quick reply Colin!

Yeah, I wouldn’t want to expose my token in that way. We already expose it within our CI-pipelines, but at least it’s a masked CI variable.

Creating a dedicated user with limited permissions sounds like a good idea, I’ll explore that option further. Thanks again!
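
As an added example (not part of the original posts, and not SonarQube or GitLab code), the following sketch audits badge URLs for the risk raised in the reply above: a user token (`squ_`) embedded in a link that every viewer of the badge can read. The function names and the `squ_` sample value are constructed for illustration; only the `sqb_` and `squ_` prefixes come from the thread.

```python
from urllib.parse import urlsplit, parse_qs

# Token prefixes mentioned in the thread; any other prefix is reported as unknown.
KNOWN_PREFIXES = {
    "sqb_": ("project badge token", "info",
             "valid only for the one project it was generated for"),
    "squ_": ("user token", "high",
             "anyone who can see the badge link can act as that user"),
}

def audit_badge_url(url):
    """Classify the token embedded in one badge URL and redact it for reporting."""
    tokens = parse_qs(urlsplit(url).query).get("token", [])
    if not tokens:
        return {"kind": "none", "severity": "info",
                "note": "no token parameter", "url": url}
    token = tokens[0]
    kind, severity, note = KNOWN_PREFIXES.get(
        token[:4], ("unknown", "review", "unrecognised token prefix"))
    # Keep only the prefix so the report itself does not leak the secret.
    redacted = url.replace(token, token[:4] + "<redacted>")
    return {"kind": kind, "severity": severity, "note": note, "url": redacted}

def risky_badges(urls):
    """Return findings for every URL that embeds something other than a badge token."""
    findings = [audit_badge_url(u) for u in urls]
    return [f for f in findings if f["severity"] in ("high", "review")]

# Constructed sample input, based on the group-level badge template in the question.
BASE = ("https://sonar.mycompany.com/api/project_badges/measure"
        "?project=CompanyName---%{group_name}-%{project_name}&metric=alert_status")
SAMPLES = [
    BASE + "&token=sqb_XXX",               # placeholder token as posted in the thread
    BASE + "&token=squ_0123456789abcdef",  # constructed user token
    BASE,                                  # constructed: no token at all
]

if __name__ == "__main__":
    for finding in risky_badges(SAMPLES):
        print(finding["severity"], finding["kind"], finding["note"], finding["url"])
```

A token belonging to a browse-only technical user is still reported as a user token; the check shows where such a token is exposed, and the account's permissions decide how much that exposure matters.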
