Setup

I am using SonarCloud through a gitlab pipeline (gitlab-ci) using the following template

sonarcloud-check:
  image:
    name: sonarsource/sonar-scanner-cli:latest
    entrypoint: [""]
  script:
    - sonar-scanner -Dsonar.clearCache=true
  rules:
    - if: $CI_PIPELINE_SOURCE == 'merge_request_event' || $CI_COMMIT_REF_NAME == $CI_DEFAULT_BRANCH
      when: on_success

I specify the SONAR_TOKEN within the CICD > Variables within the project

Error

Recently we have added a new “automation.user” into our SonarCloud project that will do administrative tasks. One of such task is I want it to be the face of the “pull request decoration” whenever a comment is added to a merge request.

SonarQube Cloud Code Analysis example933×359 26.5 KB

To achieve this I have changed logged in as automation.user, created new tokens through My Account > Security and added those as values underneath the SONAR_TOKEN key in each project. Whilst my sonar checks continue to work and the pull requests posts as usual.

However, the comment continues to be posted by the older user. How am I able to fix this?

It is definitely using the new token as I have deleted the SONAR_TOKEN variable, then ran the sonarcloud-check job again; expectedly the job failed.

Steps to reproduce

• Set up sonarcloud job in Gitlab with a token generated by user A
• Allow the project to run
• Regenerate token with user B and add that to the SONAR_TOKEN variable in the Gitlab project
• Observer Pull request decoration

Please let me know if you need any further details. Thank you!

Hey there.

The user that performs PR decoration is the Gitlab user whose token you have provided in your org-level Administration > Organization Settings > Organization binding.

Hi Colin,

Ah I see, I was changing the wrong access token. That worked a charm, thank you very much for your help.