- ALM used: Azure DevOps
- CI system used: Azure DevOps
Hi!
I would like to request a feature for azure devops and sonarcloud.
As per the documentation, we have been using a dedicated “technical” user in azure to provide the PAT for the connection to sonarcloud. There are a few drawbacks to this:
- We need a separate user that needs to be managed (credentials, lifetime etc)
- We need to have a separate workflow to manage the PAT (the pat has a maximum lifetime of a year)
- We are dependent on azure devops to not just invalidate the PAT whenever (as seen here)
- If somebody accidentally removes the PAT or changes permissions of the account itself all of the pipelines are at a standstill (this happened to us)
PATs are just hard to manage.
I would like to propose that there should be the possibility to use a Service Principal for the connection. It’s just the right way to manage the connection to sonarcloud.
Please let me know if this is on the roadmap or if we need to manage PATs forever 
I have submitted this request to the product board aswell.
Thank you!
Related Links: