What does Execute Analysis permission do

Hi I am having a hard time understanding what Execute Analysis does as a global permission.

The description says “Ability to get all settings required to perform an analysis (including the secured settings like passwords) and to push analysis results to the SonarQube server.”

What are the “settings” here? Like the ALM setting key? And Why do I need to care about pushing analysis results? I have sonar scanner in gitlab cicd right now and that will forward the scan result to sonarqube. Is this Execute Analysis permission necessary for me? Or is it for some other purposes?

Hi,

Execute Analysis gives you the right to… execute an analysis. At the global level, it should give you rights to all projects. At the project level, only to that project.

Two terms for the same thing. :smiley:

 
HTH,
Ann

Thanks for the response. My understanding is that we use sonar scan to initiate a scan / analysis. This might be a silly question. What’s the reason why a sonarqube user should have this permission? Is it because sonarqube users can use some kind of web api to start a scan?

Hi,

The analysis process is roughly:

  1. request some data from the server
  2. apply that data against your code
  3. bundle the results and submit them to the server for post-processing & storage.

If your project is private, you need rights for both steps 1 and 3. If it’s public, then you only need rights for #3. And BTW the rights for step 1 are the “Ability to get all settings required to perform an analysis” settings you asked about earlier.

Not all SonarQube users will need Execute Analysis, but someone does. In some scenarios it’s a technical user, which is granted the perm globally.

 
HTH,
Ann