Organization Level Setting for Pull Request Provider

Hello,

I would suggest a Global Setting to change the Pull Request Provider and Personal Access Token.

I didn’t find a way to manage this setting globally so we had to set it on each of our (currently) 120 Projects and when the Personal Access Token runs out (it is only valid for 1 year) we would have to update all 120 Projects.

Is there an automation we could use? How do you suggest we handle this issue?

Greetings Gary

Welcome :slight_smile:

what is your Sonarqube version ?
There should be a global setting here /admin/settings?category=pull_request

Gilbert

We are using Sonarcloud

Missed the sonarcloud tag, sorry.
Automation via web api should be possible, see
https://sonarcloud.io/web_api/api/settings

Thanks I already spotted the API. So there is no plan to add a global setting in the UI for SonarCloud?

With global, i guess you mean on organization level ?
https://sonarcloud.io/documentation/organizations/overview/

yes exactly I mean on an organization level.

I just found a StackOverflow post that brought an idea to my mind. Is it possible to set these properties
sonar.pullrequest.provider
sonar.pullrequest.vsts.token.secured
on each build through the extra properties attribute on Prepare Analysis? This might be great solution for us.

According to https://jira.sonarsource.com/browse/MMF-1134 this should be possible:

[…]
Several properties could be set at analysis time: sonar.pullrequest.provider, sonar.pullrequest.github.repository. As a baby step, we will gather them at project level only. Technical note: similarly to file exclusions, it could be overridden at analysis time. It’d need to be stored in relation to a branch (ex: project_branches database table.).
[…]

I just tried it but it didn’t work:

Pull request decoration did not happen because the token is missing. Please set it in the project settings.

Did you set the personal token also ?

yes, I configured it like this:

- task: SonarCloudPrepare@1
  inputs:
    SonarCloud: SonarCloud
    organization: ourOrganisation
    projectKey: ${{ parameters.ProjectFolder }}
    projectName: ${{ parameters.ProjectFolder }}
    projectVersion: '$(CSProjVersion)'
    extraProperties: |
        sonar.cs.opencover.reportsPaths=**/*opencover.xml
        sonar.exclusions=**/Licenses/*
        sonar.pullrequest.provider=Azure DevOps Services
        sonar.pullrequest.vsts.token.secured=*****

The jira ticket was a bit misleading.
sonar.pullrequest.vsts.token.secured is handled as internal property
see this thread

but maybe it’s possible to set it via web api inside your build.