I am currently trying to integrate SonarQube with my GitLab instance.
I want all projects in my GitLab instance to be able to use SonarQube as part of their GitLab CI/CD pipeline, without each of them being able to access each other’s SonarQube reports/results.
But all of the guides and tutorials (e.g. https://docs.sonarqube.org/latest/analysis/gitlab-cicd/) that I found seem to indicate that I need to write the SonarQube token in one way or another that is visible and/or reusable across projects. For example, if I told all of the project maintainers to set the SonarQube token in a GitLab environment_variable, they can use it to access each other’s reports directly.
I came up with the idea of creating a unique account for every project or project maintainer and limiting the access of each of those accounts to only their own respective projects. But I am not sure if this kind of ‘account-project’ authorization is possible or available in SonarQube. Also, it requires lots of effort in creating an account every time a new project is being created.
How do you think I should approach this problem?
Sorry if it turns out this problem is supposed to be a GitLab CI/CD problem. I am still quite unfamiliar with the features available in GitLab CI/CD and SonarQube.