SonarCloud -> ADO PAT

Hi,

We are using Azure DevOps and SonarCloud integration.
All is working fine for us at the moment.

As per Driving continuous quality of your code with SonarCloud | Azure DevOps Hands-on-Labs

we are looking to set up a ‘bot’ user.
Using a PAT issued for this user fails with:
The token doesn’t have the required permissions (Code: Read & Write)
We do have AAD conditional policy enabled and I see it is an issue with other users.

Is there a known workaround for that?

Works all fine if I’d use my own account, but that does feel weird for all PRs of the company.

Thanks,
Milen

Hey there.

Is the policy somehow applied specifically to your bot user, or not applied to your own user?

That is a very good point, but as far as I am aware the policy is applied to all AD users.

Also, other ADO users tried using their PAT, still the same error.

Only difference is that my user is Admin on ADO, while others would have a bit more limited access.

Is it possible that SC checks access to each repo, while setting up the PAT for ADO?

Hey there.

I’ve taken a look, and it should just be checking this URL:

https://dev.azure.com/fiveshotsofespresso/_apis/projects?api-version=6.0

Can you try querying this URL (using your own org name) with something like curl providing the token that you provide to SonarCloud?
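The check suggested in the post above, written out as an added example (not part of the original thread and not SonarCloud's own code). `ADO_ORG` and `ADO_PAT` are assumed environment variable names, the function names are hypothetical, and the meaning given to each status code is an assumption about how Azure DevOps commonly responds.

```shell
#!/usr/bin/env bash
# Added example: test an Azure DevOps PAT against the projects endpoint
# from the thread, keeping the token out of argv and shell history.
# Set the variables first, e.g.:  read -rs ADO_PAT; export ADO_PAT ADO_ORG=<your-org>

# Map HTTP status + Content-Type to a verdict (assumed interpretation).
classify_response() {
  local status="$1" ctype="$2"
  case "$status" in
    200)
      case "$ctype" in
        application/json*) echo "ok" ;;          # project list returned
        *) echo "unexpected-body" ;;             # 200 but not JSON
      esac ;;
    203|302) echo "not-authenticated" ;;         # sign-in page instead of JSON
    401) echo "rejected" ;;                      # token invalid or expired
    403) echo "forbidden" ;;                     # authenticated, access denied
    *) echo "error-$status" ;;
  esac
}

# Emit a curl config for stdin; PAT auth is HTTP Basic with an empty user name.
curl_config() {
  local org="$1" pat="$2"
  printf 'url = "https://dev.azure.com/%s/_apis/projects?api-version=6.0"\n' "$org"
  printf 'user = ":%s"\n' "$pat"
}

# Run the request and print the verdict; returns 2 if curl itself fails.
check_pat() {
  local out
  out=$(curl_config "$ADO_ORG" "$ADO_PAT" |
        curl --silent --output /dev/null --config - \
             --write-out '%{http_code} %{content_type}') || return 2
  classify_response "${out%% *}" "${out#* }"
}
```

Call `check_pat` once both variables are set. An `ok` result only shows that the token can list projects; it does not show which scopes the token carries.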

That’s a very good point.

I’ve tested it, even from a different network. Got the list of projects on our ADO instance, using the very same PAT token SC rejects.

I’ve sent you a private message to get private details like your SonarCloud organization key.