We currently encountered the following issue in our setup: We are using GitHub for Code Hosting and as Login Method for SonarQube. Most of our developers do have a private GitHub account which they also use within the organization for their work.
Now those devs mostly have set their private E-Mail address set as their primary Mail Address. When SQ syncs a GitHub account into a Account in SQ the primary address is always used, which we don’t want for several reasons: We don’t want to leak this “unnecessary” data into our tool, and we don’t want to risk sending organization related notifications to our devs private mail accounts.
A way I could think of to fix this would be asking our devs to add their organization mail address (which can be easily detected, since its @companyname.tld) as a secondary mail address and then having a way to tell sonarqube to not use the primary e-mail address but instead use any E-Mail address which matches a given allowed domain (or a list of domains), or not apply an E-Mail address at all when such a domain does not exist for a user.
Would something like this be possible?