We are using SonarQube 8.9.6 in our environment. As per GDPR compliance, user profile of inactive employee should be removed once an employee leaves the organization.
I have learnt that SonarQube supports to deactivate user profile (through UI and web API) which would only removes email address associated with user in sonar DB, not user name and login details.
We would want to remove full user related data from SonarQube DB.
Thanks for confirming about feature unavailability.
I have upvoted this feature via Sonarqube productboard. Any ETA to have this feature for rollout ?
In mean time, I was trying to build custom solution to remove user fully from SonarQube and thought if we can remove user profile from sonar DB and that would help to achieve our goal.
I have identified the table named “users” in sonar DB which stores all existing users (user logged in once to sonar application) related data.
I have successfully removed the entire row of concerned user from sonar DB and verified that removed user is no longer visible in sonar UI (Administration > Security > Users).
Unfortunately, we have faced weird behaviour after concerned user logged in back to sonar. It creates single entry in users table whereas we can see 3 ids of same user in sonar UI (Administration > Security > Users). I am attaching the screenshot for the reference.
i’m no Sonarsourcer and have no glance when this will be implemented.
In general you should treat the Sonarqube DB as black box, otherwise you might get in trouble !
Hope you have a backup of your DB
