At enterprise scale, Sonar admins are required to manage tens of thousands of repositories. A key-value tags and rulesets approach makes platform management vastly easier.
The two areas that would benefit most would be:
- Project-level access control. Rather than assigning individual groups to explicit projects, groups could be associated with projects via tags. For example, the group "soc2-auditors" can be granted access to any project with the tag `SOC2=true`.
- Applying rulesets to projects based on tags. This will allow for much more dynamic management and higher confidence that rulesets are applied properly, e.g. create a ruleset for internationalization (i18n) and apply it to any project with the tag `i18n=true`.

This attribute-driven approach reduces the need to enumerate through tens of thousands of repos to ensure proper setup.
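The sketch below is an added illustration of the tag-driven resolution described above, not Sonar code or an existing Sonar API. The `Binding` model, the function names and the sample projects are all hypothetical. It assumes exact, case-sensitive matching, so a missing or mistyped tag grants nothing, and it reports projects that no binding reaches.

```python
# Added illustration: a hypothetical in-memory model, not SonarQube's API.
from dataclasses import dataclass


@dataclass(frozen=True)
class Binding:
    """Attach a subject (group or ruleset name) to every project carrying a tag."""
    subject: str
    key: str
    value: str

    def matches(self, tags: dict) -> bool:
        # Exact key and value match; a missing tag never matches (fail closed).
        return tags.get(self.key) == self.value


def resolve(projects: dict, bindings: list) -> dict:
    """Return {project: sorted subjects whose tag selector matches it}."""
    return {
        name: sorted(b.subject for b in bindings if b.matches(tags))
        for name, tags in projects.items()
    }


def uncovered(projects: dict, bindings: list) -> list:
    """Projects matched by no binding: candidates for a missing or mistyped tag."""
    resolved = resolve(projects, bindings)
    return sorted(name for name, subjects in resolved.items() if not subjects)


# Constructed sample data (assumed names, not real projects).
PROJECTS = {
    "billing-api": {"SOC2": "true", "i18n": "true"},
    "web-store": {"i18n": "true"},
    "internal-wiki": {"SOC2": "True"},  # wrong case: does not match "true"
    "scratch-repo": {},
}
GROUP_BINDINGS = [Binding("soc2-auditors", "SOC2", "true")]
RULESET_BINDINGS = [Binding("i18n-rules", "i18n", "true")]

if __name__ == "__main__":
    print("access:", resolve(PROJECTS, GROUP_BINDINGS))
    print("rulesets:", resolve(PROJECTS, RULESET_BINDINGS))
    print("unmatched:", uncovered(PROJECTS, GROUP_BINDINGS + RULESET_BINDINGS))
```

The `uncovered` report matters because tag-driven assignment moves the failure mode from a forgotten project to a forgotten or misspelled tag.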