SonarCloud using old PAT when decorating Azure DevOps Pull Requests

rfennell · May 17, 2022, 1:53pm

SonarQube 9.4
Azure DevOps Services

I have a working SonarQube installation that is linked to Azure DevOps (backed by Azure Active Directory AAD) setup for PR decoration. However, the account I used for the decoration is that of the user who set-up SonarQube, so it appears all the PR comments are made by them.

I wanted the comments to be made by a ‘SonarQube’ user. So I created a new user in AAD, created an Azure DevOps PAT (with code read/write) and updated the SonarQube > Admin > DevOps Platform Integrations > Azure DevOps settings to update the PAT.

I then created a new Azure DevOps PR on my test project. The PR build ran, SonarQube did it’s analysis and PR decoration occurred, but the PR comments were still made by the same user as prior to changing the PAT. It is as if the new PAT was no used.

Is there something else that I should have done?

rfennell · May 18, 2022, 2:43pm

I found my problem. It was a user error on my part.

We have a pair of SonarQube instances, a test one, and our main one. My test Azure DevOps project build was configured to do analysis on both instances. This was the problem.

I had only altered the PAT on the test instance. So the PR decoration by the main instance, which ran second, was still using the original PAT. Hence the problem.

system · May 25, 2022, 2:43pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.