Service accounts in SonarCloud

Hello,
we are planning to migrate our self-hosted SonarQube instance to SonarCloud.

In our old SonarQube instance we are creating service accounts to execute the analysis from the CI/CD systems (Jenkins, Azure DevOps), while personal accounts are used by the developers only for local development with SonarLint. In these way the service accounts tokens are saved as secrets in the CI/CD systems and the personal access tokens are stored in the developers’ computers only.

We have set up SonarCloud with the Azure DevOps authentication and we can only create personal accounts. I could not find a way to create service accounts, which are not bound to a personal account in Azure DevOps.

Is there actually a way to create service accounts in SonarCloud? Thanks in advance.

Hi @vittoriocanilli
there is no local account on SonarCloud, every user account must be bound to an AzDO account of your organization.
You may promote the idea for a future addition on the SonarCloud roadmap portal.

On SonarQube, we now have analysis tokens (projects bound, or global) in addition to the standard user tokens, they may be a different answer to the same use case?

Hi @Sylvain_Combe,

thanks for your reply. I have never see these analysis tokens on SonarQube. Are they available in the Community Edition as well? Anyway they are not to be found on SonarCloud, as far as I can understand.

Hi @vittoriocanilli
Tokens permission is narrowed to the analysis scope was implemented, and announced, with SonarQube 9.5.

Indeed, they are not available on SonarCloud. If you need these analysis tokens, you should mark your interest in the feature on the SonarCloud roadmap portal. To me, these tokens are a more likely addition to SonarCloud than local accounts.

Hi @Sylvain_Combe,

thanks for the clarification! I can not find the request for the analysis tokens as feature on the SonarCloud roadmap portal’s link that you sent on your previous message: can you send me the correct link, if the feature request exists? Otherwise, should I create the request myself?

Thanks in advance.

You can promote any feature addition with the Submit idea button on the top right corner of the roadmap portal.

Hi @Sylvain_Combe,

thanks for the clarification! I will take care of that!

Hi @Sylvain_Combe,

I was about to submit a new idea, but I have found this one for api tokens: is it actually the same as the analysis tokens?

Thanks in advance.

Yes, that’s the one.
I thought I had the link to it in my 2nd post in this thread, but it was not the case, sorry about that.

Hi @Sylvain_Combe,

no problem at all and thanks for your quick reply! Here is the feature request that I have contributed to, as future reference: Organization and project API tokens

1 Like